Legal

Privacy Policy

How Veilframe handles account, billing, analytics, diagnostics, and local-first meeting data.

Last updated Jun 5, 2026

Summary

Veilframe is a local-first meeting workspace for Mac. The web app exists for marketing, account access, billing, downloads, and device pairing. It does not store your meeting recordings, transcripts, notes, screenshots, or action items.

This policy explains what the web app and the Veilframe API handle, what stays on your Mac, and how to contact us about your data.

Data we collect

We collect the minimum account and operational data needed to run Veilframe:

  • Account details such as your name, email address, authentication session, and account creation date.
  • Subscription and entitlement status, including plan, billing renewal state, and the identifiers needed to reconcile billing events.
  • Device and session metadata used for account security, such as session creation time, last activity time, IP address, user agent, and device label where available.
  • Basic request metadata such as IP address, user agent, timestamps, and error context needed to operate and protect the service.

Data that stays local

Veilframe stores your meeting library on your Mac. Your recordings, transcripts, notes, summaries, screenshots, action items, and local app database are not uploaded to the web app for storage.

On Pro, AI requests use the provider you configure in the Mac app. On Max, Veilframe-hosted AI features may send the content needed for a requested AI action through the Veilframe API and provider infrastructure. We use this only to fulfill the request and do not use your meeting content to train models.

Billing

Paid subscriptions are processed by Lemon Squeezy. Veilframe receives subscription status, plan, renewal, and invoice identifiers from Lemon Squeezy, but we do not store full card numbers or payment credentials.

Diagnostics and analytics

We use PostHog to understand production errors, page views, and key product actions such as downloads, sign-in, billing starts, and pairing completions. Error events can include technical context such as browser, route, stack trace, and request metadata. We do not intentionally send meeting content, form contents, payment details, or raw email addresses to PostHog.

Cookies

Veilframe uses better-auth.session_token, a functional session cookie set by the API. It keeps you signed in and is required for authenticated account pages, billing return flows, and device pairing approval.

Veilframe uses an analytics preference stored in your browser. Unknown analytics consent is treated as declined until you choose. We do not use advertising cookies or third-party fingerprinting.

Subprocessors

We use a small set of service providers to operate Veilframe:

  • Cherryservers for hosting the Veilframe API and web app.
  • PostHog for error monitoring and consent-based product analytics.
  • Lemon Squeezy for payments, tax, invoices, and subscription lifecycle events.
  • Resend for transactional email.
  • Better Auth-powered session infrastructure in the Veilframe API.

Retention

We keep account, entitlement, billing, and session records for as long as needed to provide the service, comply with legal obligations, resolve disputes, prevent abuse, and maintain security. When you delete your account, we delete or anonymize account data unless retention is required for legitimate legal, tax, security, or operational reasons.

Your rights

You can request an export or deletion of account data from the account dashboard once those controls are available. You can also contact us at privacy@veilframe.app to request access, correction, export, or deletion.

If you are in a region with privacy rights such as the EEA, UK, or California, we will handle your request according to applicable law.

Contact

Questions about privacy can be sent to privacy@veilframe.app.