This Privacy Policy explains how VE Ai, Inc. (a Delaware corporation, “Ve,” “we,” “our,” or “us”), together with our subsidiaries, collects, uses, discloses, and protects personal information when you use our macOS and iOS applications, the website at ve.ai, and our related services (collectively, the “Services”). It applies to individual end-users (“you”) and to individuals whose information is processed through our Services by a business customer.
This Privacy Policy supplements, and should be read together with, our Terms of Service.
#Our Key Commitments
- Ve does not sell your personal information.
- Ve does not use your Inputs or Outputs to train foundation or generalized machine-learning models.
- Ve does not use Google Workspace data for advertising.
- Human access to your content is restricted and logged.
- Where applicable law requires a lawful basis, specific consents, or data-subject rights, we honor them.
#1. Who We Are and How to Contact Us
The controller of personal information processed under this Privacy Policy is VE Ai, Inc., 8 The Green, Suite R, Dover, DE 19901, United States.
For privacy inquiries, data-subject requests, and to reach our Grievance Officer under the Digital Personal Data Protection Act, 2023 (India):
- Privacy inbox: Support@ve.ai
- Postal address (U.S.): VE Ai, Inc., 8 The Green, Suite R, Dover, DE 19901, USA
- Postal address (India operations): To be updated soon
#2. The Information We Collect
We collect only the information we need to provide and improve the Services.
- Account data
Name, email address, account credentials, profile settings, organization affiliation. - Billing data
Plan, subscription status, billing address, invoice history. Payment-card details are collected and stored by Stripe, Inc.; we receive only a tokenized reference. - Voice / Dictation data
Audio captured from your microphone while dictation is active, and the resulting transcriptions. - Meeting data
Audio, video, transcripts, prep notes, and summaries of meetings you choose to capture; participant names where available. - Email and calendar data
Email contents, headers, attachments, and calendar events from accounts you connect (Google Workspace, Microsoft 365, etc.). - File data
Files you upload to, store with, or share through the Files sub-product and their metadata. - Screen Recall data
Screenshots and extracted text of on-screen content captured only when Screen Recall is enabled and for scopes you configure. - Usage and device data
Device model, OS, application version, language, IP address, approximate location derived from IP, feature usage events, crash logs, and diagnostic data. - Support data
Correspondence with our support team, including content you voluntarily share.
We do not intentionally collect: Social Security Numbers, taxpayer identification numbers beyond those required for billing, bank-account numbers, passport or driver-license images, health records, or other special-category information, except to the limited extent (for example, voice characteristics) that is inherent in features you choose to use.
#3. How Each Sub-Product Handles Your Data
#3.1 Dictation
When dictation is active, audio is captured from your microphone and processed to generate text. Audio may be processed on our servers or by a speech-to-text sub-processor. Dictation is off by default and you control when it is on.
#3.2 Meetings
You choose which meetings to capture. You are responsible for obtaining any consent from participants required by law. You may delete a meeting record at any time.
#3.3 Intent Mails and Morning Brief
When you connect your email and calendar accounts, Ve reads messages, threads, and events to generate drafts, briefings, and the Morning Brief. We do not send email on your behalf except in response to your explicit instruction. Email contents are not used to train our models.
#3.4 Files
Files you upload are stored in our cloud storage. We process file contents only to enable user-initiated features and to detect prohibited or abusive content consistent with our Acceptable Use Policy.
#3.5 Screen Recall
Screen Recall is disabled by default. When enabled, Ve captures screenshots and derives text from them for scopes you configure. You can pause, disable, and bulk-delete Recall data at any time.
#3.6 Routines and Simple Actions
These features orchestrate other sub-products on the schedules you configure. They do not collect new categories of information.
#4. How We Use Personal Information
- Provide, secure, and maintain the Services and your account;
- Generate the Outputs you request;
- Personalize your experience within your own account;
- Prevent, detect, and respond to fraud, abuse, security incidents, and violations of our Terms;
- Process payments, produce Invoices, and manage our business;
- Communicate with you about the Services;
- Improve the Services using de-identified or aggregated data;
- Comply with our legal obligations.
Where GDPR applies, we rely on: performance of a contract with you; our legitimate interests; your explicit consent; and compliance with legal obligations. You may object to processing based on legitimate interests as described in Section 9.
#5. AI Training, Model Providers, and What We Do Not Do
#5.1 We Do Not Train on Your Data
We do not use your Inputs, Outputs, Customer Content, Google Workspace data, voice data, meeting data, screen-recall data, or email and calendar data to train foundation models, large language models, or other generalized machine-learning models. We do not allow our sub-processors to do so on our behalf.
#5.2 How AI Features Work
When you invoke an AI feature, the relevant context is sent to a language-model sub-processor for inference. We contract with these providers on commercial terms that prohibit their use of our customers’ data for training and, where available, apply zero-retention terms.
#5.3 Product Improvement
We may use de-identified, aggregated signals to evaluate product performance and make improvements. These signals do not identify you.
#6.1 Sub-processors
- Amazon Web Services, Inc.
Cloud infrastructure, hosting, and storage. United States. - Stripe, Inc.
Payment processing and subscription billing. United States. - OpenAI, L.L.C. / Anthropic
Large-language-model inference. Data is processed under zero-retention or no-training commercial terms. United States. - Google LLC (Workspace APIs)
Access to Google Workspace data you choose to connect. United States. - Apple, Inc.
Application distribution (App Store), push notifications (APNs). United States. - Customer-support tooling
To respond to support inquiries. United States. - Product analytics and crash-reporting providers
Service diagnostics and usage analytics. United States.
#6.2 Scope of Sub-processor Responsibility
Ve performs reasonable due diligence on its sub-processors and imposes written contractual obligations at least as protective as those in this Privacy Policy. However, Ve is not liable for the independent acts or omissions of third parties that are not sub-processors acting under Ve’s direction.
#6.3 Other Recipients
We may share personal information with (a) our professional advisors under confidentiality obligations; (b) parties to a merger, acquisition, financing, reorganization, or sale of assets; (c) authorities where we believe disclosure is necessary to comply with applicable law; and (d) parties to whom you direct us to share.
#7. International Data Transfers
Ve is headquartered in the United States and has operational teams in India. Where we transfer personal information out of the European Economic Area, the United Kingdom, or Switzerland, we rely on recognized transfer mechanisms such as the European Commission’s Standard Contractual Clauses. Where we transfer personal data of Indian residents outside India, we do so in compliance with the DPDP Act, 2023.
#8. How We Protect Personal Information; Limits of Our Responsibility
#8.1 Our Safeguards
We implement encryption in transit (TLS) and at rest (AES-256 or equivalent), role-based access controls, multi-factor authentication for administrative access, a documented incident-response program, continuous monitoring and logging, periodic risk assessments, vendor due diligence, and mandatory employee security and privacy training.
#8.2 No Guarantee of Absolute Security
No system, service, or transmission is perfectly secure. Ve does not warrant or guarantee that our safeguards will prevent all unauthorized access, acquisition, alteration, disclosure, loss, or other misuse of personal information. Any liability of Ve arising from a security or data-protection event is subject to the limitations set out in the Terms of Service.
#8.3 Your Responsibilities
You are responsible for safeguarding your credentials, configuring features appropriately, maintaining independent backups of Customer Content, and obtaining any consents from third parties required by law. Ve is not liable for losses caused by your failure to meet these responsibilities.
#8.4 Breach Notification
If a personal-data breach affecting your personal information occurs, we will notify you and relevant authorities as required by applicable law.
#9. Your Rights and Choices
#9.1 Rights
Depending on where you live, you may have rights to:
- Know what personal information we hold about you and obtain a copy;
- Correct or update inaccurate or incomplete information;
- Delete personal information in certain circumstances;
- Restrict or object to certain processing;
- Withdraw consent where processing is based on consent;
- Data portability;
- Opt out of “sale,” “sharing,” or “targeted advertising”;
- Not receive discriminatory treatment for exercising your rights;
- Lodge a complaint with a supervisory authority.
#9.2 How to Exercise Your Rights
You can exercise these rights through your in-product settings or by emailing privacy@ve.ai. We will verify your identity before acting on your request and will respond within the time required by applicable law.
#9.3 Marketing Preferences
You can opt out of marketing emails by using the unsubscribe link or by emailing privacy@ve.ai. We will still send transactional and service-related messages.
#10. California Privacy Rights
If you are a California resident, you have rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act (the “CCPA”). We do not “sell” personal information and do not “share” personal information for cross-context behavioral advertising. To exercise your CCPA rights, email privacy@ve.ai.
#11. India: DPDP Act Notice
For individuals in India, Ve processes personal data as a “Data Fiduciary” under the Digital Personal Data Protection Act, 2023. Our Grievance Officer contact is given in Section 1. You may withdraw consent through in-product settings or by emailing privacy@ve.ai.
#12. Children
The Services are not directed to children under 13 (or under 16 in the EEA and UK). We do not knowingly collect personal information from such children. If you believe a child has provided personal information to us, contact privacy@ve.ai.
#13. Data Retention
We retain personal information only for as long as needed to provide the Services, comply with our legal obligations, resolve disputes, and enforce our agreements.
- Account data
Life of the account, plus up to 30 days after closure. - Billing records
Up to 8 years per tax and corporate-record requirements. - Google user data
Processed in transient memory only. Deleted within 24 hours of disconnection. - Voice, meeting, screen-recall, and file data
Kept while the item exists in your account. Encrypted backup retention up to 90 days. - Diagnostic and log data
Typically up to 90 days. - Support correspondence
Up to 3 years from last interaction.
#14. Automated Decision-Making and Profiling
We do not use personal information for solely automated decision-making that produces legal or similarly significant effects about you. AI features may generate suggestions, drafts, and summaries; you remain responsible for reviewing Outputs.
#15. Third-Party Links and Integrations
The Services may link to or integrate with third-party services. Their privacy practices are governed by their own policies.
#16. Google API Services User Data Policy
Our use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
- We only use Google user data to provide or improve user-facing features visible in the Services.
- We do not transfer Google user data to third parties except as necessary to provide those features, comply with law, or in a merger/acquisition with notice.
- We do not use Google user data for advertising.
- We do not use Google user data to train generalized AI or machine-learning models.
- We do not allow humans to read Google user data except: (a) with your explicit consent; (b) for security or compliance; (c) when required by law; or (d) where data is aggregated and anonymized for internal operations.
#16.1 Use and Storage
Google user data is processed on an ephemeral basis in transient memory. We do not persist Google email bodies, calendar event contents, or file contents in long-term databases.
#16.2 Disconnection and Deletion
You may disconnect your Google account from Ve at any time. Google OAuth tokens are revoked, we stop further access, and any remaining temporary Google data is deleted within 24 hours.
#17. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Material changes will be notified at least 30 days in advance. The “Effective Date” at the top shows when the current version was published.
#18. Contact Us
If you have questions about this Privacy Policy, email Support@ve.ai or write to VE Ai, Inc., 8 The Green, Suite R, Dover, DE 19901, USA. For DPDP Act grievances, contact grievance@ve.ai.