This policy covers two Vela Vision products: the Vela caregiver and patient mobile app (iOS), and the Vela smart glasses hardware. We've written this in plain language — if anything is unclear, reach out and we'll explain it.
01 What we collect
Account information. When you create an account, we collect your name, email address, and the role you choose (patient or caregiver). This is used to authenticate you and personalize your experience.
Care data. Caregivers and patients can add daily routines, medication schedules, caregiver notes, and help alerts. This data is stored on our servers and is only visible to members of the linked care team.
Health data. With your permission, the app may read health metrics (such as steps and heart rate) from Apple HealthKit. This data is used only to display trends and is never shared with third parties or used for advertising.
Face photos (app). Caregivers can upload photos of people in the patient's life to enable face recognition via the glasses. These photos are stored securely and used solely for recognition purposes within your care team.
Location data. With permission, the app may use approximate location to power zone alerts (for example, notifying a caregiver when a patient leaves a defined area). We do not store precise location history.
Device and usage data. We collect standard technical information such as device type, operating system version, and crash reports to improve app stability. We do not sell or share this data.
02 How we use your data
We use your data only to provide and improve Vela Vision. Specifically:
- To authenticate you and maintain your session securely
- To display care team data, routines, medications, and health trends
- To power the glasses' face recognition feature using enrolled photos
- To send push notifications for help alerts, reminders, and care team updates
- To power AI-assisted features — including the care assistant, check-in summaries, visit reports, behavioral insights, and voice check-ins — using third-party AI services (see section 4)
- To diagnose crashes and improve app performance
- To process subscription payments via the App Store
We do not use your data for advertising, we do not build advertising profiles, and we do not sell your data to any third party.
03 Face recognition & the glasses
The Vela smart glasses use an on-device AI model to recognize faces of enrolled individuals. Here is how this works and what it means for your privacy:
- On-device processing. Face recognition inference runs entirely on the glasses hardware. Live camera frames are not streamed to our servers or any cloud service during normal operation.
- Enrolled photos. Photos uploaded by a caregiver are used to generate a facial recognition model stored on the device. The original photos are retained on our servers so the model can be updated if needed.
- No bystander storage. Faces of people who are not enrolled are not captured, stored, or processed beyond the instant of the recognition attempt.
- Camera access. The glasses camera is active only when the device is powered on and worn. There is no remote activation of the camera.
- Data sync. Recognized-face events (name, relationship, timestamp) may be synced to the app to populate the timeline. This data is encrypted in transit and at rest.
Biometric data generated by the face recognition model is sensitive. We treat it as such — it is never shared with third parties, used for any purpose other than in-session recognition, or retained beyond the life of your account.
04 Data sharing
We do not sell your personal data. We share data only in the following limited circumstances:
- Care team members. Data you add to a care profile is visible to all members of that care team (primary caregiver and invited members).
- Infrastructure providers. We use a small number of trusted infrastructure providers to operate the service: Supabase (authentication), MongoDB Atlas (database), and Apple (push notifications and App Store payments). These providers process data on our behalf under strict data processing agreements and may not use your data for their own purposes.
- AI service providers. Several features in the Vela app are powered by third-party AI services. When you use these features, relevant care data is sent to the service as described below. All three providers are contractually prohibited from using your data to train their models or for any purpose other than returning a response.
- Groq (LLaMA 3.3). Powers the in-app care assistant chat. When you send a message, Groq receives your message text along with the patient's name, daily routines, medications, reminders, and recent conversation history to generate a contextual response. Groq Privacy Policy
- Google Gemini. Powers care summaries, visit report generation, behavioral pattern analysis, and voice check-ins. Google Gemini may receive check-in notes, caregiver observations, patient event data, and live voice audio depending on the feature used. Google Privacy Policy
- Mem0. Powers the app's memory layer, which allows the assistant to remember care context across sessions. Mem0 receives check-in notes and care data to store and retrieve relevant memories. Mem0 Privacy Policy
- Legal requirements. We may disclose data if required to do so by law or in response to valid legal process.
- Business transfer. If Vela Vision is acquired or merges with another company, your data may be transferred as part of that transaction. We will notify you before your data becomes subject to a different privacy policy.
05 Data retention & deletion
We retain your data for as long as your account is active. When you delete your account, we permanently delete your personal information, care data, enrolled face photos, and any associated biometric models within 30 days.
To delete your account, go to Settings → Delete Account in the app. Your data will be permanently removed within 30 days. You can also request deletion by emailing founder@velavision.org with the subject line "Delete my account" and we will confirm within 5 business days.
Aggregated, de-identified usage statistics (with no link to any individual) may be retained indefinitely for product improvement.
06 Security
We take the security of sensitive health and biometric data seriously. Our measures include:
- All data is encrypted in transit using TLS 1.2 or higher
- Data at rest is encrypted on our database servers
- Authentication tokens are short-lived and rotated on each session
- Access to production systems is restricted to core team members
- The glasses use local storage with no unauthenticated remote access
No system is perfectly secure. If you believe your account has been compromised, contact us immediately at founder@velavision.org.
07 Children's privacy
Vela Vision is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.
08 Your rights
Depending on where you live, you may have rights regarding your personal data, including:
- Access. Request a copy of the personal data we hold about you.
- Correction. Ask us to correct inaccurate data.
- Deletion. Ask us to delete your data (see section 5).
- Portability. Request your data in a machine-readable format.
- Objection. Object to certain uses of your data.
To exercise any of these rights, email founder@velavision.org. We will respond within 30 days.
09 Changes to this policy
We may update this policy from time to time. When we make material changes, we will notify you by email or through a notice in the app at least 14 days before the changes take effect. The effective date at the top of this page will always reflect the most recent version.
Continued use of Vela Vision after changes take effect constitutes acceptance of the updated policy.
10 Contact us
If you have any questions about this privacy policy or how we handle your data, please reach out.