Velaro is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using Velaro websites or products, then you can be assured that it will only be used in accordance with this privacy statement. Velaro may change this policy from time to time by updating this page. You should check this page occasionally to ensure that you agree with any changes. This policy is effective as of 6/1/22.
What we collect
When you visit our website, we may collect:
- Name and job title.
- Contact information including email address.
- Demographic information such as location, preferences, and interests.
- Other information relevant to customer support, surveys, or other offers.
When you use our products, we may collect:
- User identification information, such as name and contact data.
- Engagement information, such as survey data, chat transcripts and message history.
- Automatic information, such as IP address and computing device details.
The data collected by the Velaro chat products is dependent on each customer’s configuration of their Velaro account and guaranteed by fully executed data processing and transfer agreements with Velaro. See the GDPR Addendum below for compliance with the EU General Data Protection Regulation (GDPR) rules.
What we do with the information we gather
We require this information to understand your needs and provide you with a better service, and for the following reasons:
- To facilitate the goals of the brands using our products.
- For internal record keeping and billing.
- We may use the information to improve our products and services.
- We may periodically send promotional email about new products, special offers or other information which we think you may find interesting using the contact information which you have provided.
- Occasionally, we may also use your information to contact you for market research purposes. We may contact you by email, phone, fax, or mail.
- We may use the information to customize our website or products per your interests and preferences.
- We may provide your information to our third-party partners for marketing or promotional purposes.
- We will never sell your information, unless at one point you subscribed to our free service (excludes trial periods).
Velaro is committed to ensuring that your information is secure. To prevent unauthorized access or disclosure we have put in place suitable physical, electronic, and managerial procedures to safeguard and secure the information we collect online. Please refer Velaro Security and Infrastructure for details about Velaro platform security and compliance.
A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added, and the cookie helps analyze web traffic or lets you know when you visit a site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
On the Velaro website, we use traffic log cookies to identify which pages are being used. This helps us analyze data about web page traffic and improve our website to tailor it to customer needs. We use this information for statistical analysis purposes and then the data is removed from the system. Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. Cookies also enable us to improve the performance of our messaging products by capturing your preferences. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
Types of cookies that we store: we only store first party cookies. Strictly necessary cookies: these cookies are strictly necessary to provide you with services available through our websites. Performance and analytical cookies: these cookies are used to enhance the performance and functionality of our Websites but are non-essential to their use. However, without these cookies, certain functionality may become unavailable. We may track anonymized data through google analytics products to provide better service to you.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of our websites and products.
Links to other websites
Our website or products may contain links to enable you to visit other websites or third-party applications easily. However, once you have used these links to leave our site, you should note that we do not have any control over other websites or applications. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and applications and they are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website or application in question.
Controlling your personal information
You may choose to restrict the collection or use of your personal information in the following ways:
When using our website:
- If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by writing to or emailing us at firstname.lastname@example.org.
- You have a right to access the personal information that we maintain about you, and to correct, amend, or delete that information where it is inaccurate, or has been processed in violation of the Privacy Shield Principles, except where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy in the case in question, or where the rights of persons other than the individual would be violated. You may do so simply by emailing us at email@example.com.
When using our messaging products:
- When you submit information and send messages during an engagement session with a brand using one of our messaging products, this data will be encrypted and securely archived. If you do not wish for your information to be archived, you may opt not to submit information.
- You have a right to access the application data that we maintain about you and may do so simply by emailing us at firstname.lastname@example.org.
- If you are subject to EU GDPR regulation, refer to the GDPR Addendum below for details on the control of personal information.
We will not sell, distribute or lease your personal information to third parties unless we have your permission (as a paying customer) or you use our free service, where applicable by law. We may use your personal information to send you promotional information about third parties which we think you may find interesting if you tell us that you wish this to happen. We will provide an individual opt-out or opt-in choice before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized.
Addendum 1: Compliance with the European Union General Data Protection Regulation (GDPR)
Velaro Live Chat Version 10 and above complies with the EU General Data Protection Regulation (GDPR) rules as set forth by the European Commission.
Privacy Role Definitions
• The Velaro Live Chat product is a “Processor” of Velaro customer data.
• Each Velaro Customer is a “Controller” of their visitors’ data
Why Does Velaro Process Data?
Velaro processes visitor data to enable chat features and provide context to chat engagements.
Velaro customers subject to GDPR compliance must gain consent from their visitors prior to a chat engagement. Visitors give direct consent for the controller to export their engagement data for processing, and for Velaro to import it back to the agent and for display to the visitor.
Velaro live chat is an application that is installed on Controller websites. It is the responsibility of the Controller to assert an acknowledgment of consent agreement from visitors to process live chat data.
The Controller will need to present and gain agreement from their visitors requesting chat engagements to enable cookie opt-in permissions as required by GDPR rules.
Access & Portability
The visitors of the Controller can access the data captured during their chat by having the chat transcript emailed to them. The Controller can configure Velaro settings to have data records offloaded to a secure site.
Velaro has a process in place that will inform customers if there has been a data breach. Data is securely encrypted on rest and in-transit, and is housed in the Microsoft Azure cloud. Azure alert procedures are in place. Security processes are in place to restrict access and protect credentials. Contact Velaro support for details on the Microsoft Azure Cloud Hosting environment security and compliance.
A visitor transcript can be deleted at any time in Velaro by a Controller user with the appropriate permissions. Additionally, Controller administrators can enable an automated data transcript purge feature in Velaro to schedule the deletion of visitor transcript records by age.
Controller administrators can enable the Compliance Mode feature in Velaro to fully offload all private chat transcript visitor information. Compliance Mode also requires the configuration of a secure server hosted by the Controller to house visitor records. Compliance mode ensures EU GDPR and US HIPAA BAA compliance as no personal information is stored by the Processor.
Velaro does not use the data of their customers or their customer’s visitors without their consent.
Velaro does not collect sensitive data.
Controllers are responsible for the consent, configuration, and management of any sensitive data that is collected by the Velaro Chat platform based on the Data Processing Agreement and/or Data Transfer Agreement in place with Velaro that guarantees EU GDPR compliance.
Velaro is primarily hosted on Microsoft Azure locations in North America. Localized hosting arrangements and privacy agreements are exclusive to individual customers and are the responsibility of the Controller.
Data Protection Officer
1234 North La Brea Avenue, Suite 508 West Hollywood, California 90038, USA
Address inquiries to email@example.com
Velaro keeps the chat engagement transaction records (non-personal) for all customers unless otherwise agreed.
Following is the content of records kept by Velaro:
- Name and contact details of Velaro customers, for account management.
- The reason for data processing specific to the Velaro customer’s business goals and industry, for account management.
- Description of categories of data subjects and personal data, for customized visitor engagements.
- Identity and categorization of organizations receiving the data, as required by customer agreements.
- Transfer of data to another country or organization parameters, as specified by customer agreements.
- Time limit for removal of data, as configured in each Velaro customer account settings by the customer account administrator.
Addendum 2: Compliance with the California Consumer Privacy Act (CCPA)
Velaro Live Chat complies with the Compliance with the California Consumer Privacy Act of 2018 (CCPA).
Velaro is both a “business” and a “service provider” under the CCPA. The information in this Addendum applies to information collected in the role of “business” when Velaro interacts directly with you as a customer.
When Velaro acts as a service provider, Velaro provides services to another business that interacts directly with you as a customer, and this business controls what data is collected and how it is used. For more information about how your data is processed by another business that uses Velaro as a service provider, please contact that company directly.
Disclosure of business data collection practices
Velaro does not sell personal information. Velaro never provides access or discloses personal information to third parties for monetary or other considerations.
Categories of business data collected
Velaro may collect the following categories of personal information as defined by the CCPA:
- Identifiers, such as name, email address, and company affiliation
- Commercial information, such as internet activity and geolocation
- Professional or employment information: in the case of customer account contacts and business roles.
Requests to receive or delete personal information
California residents may request a copy of their personal information collected by Velaro for the purposes of the Velaro business. Please use this form to submit your inquiry
Alternatively, you may email your inquiry to firstname.lastname@example.org.