Where your data will live

• Contact graph & interactions — Postgres database, target region Frankfurt (Supabase EU-Central). In progress: data currently lives in the Supabase project's original region; migration to EU-Central is scheduled before the European launch.
• Auth identities — Clerk, target region EU. In progress: Clerk instance currently US-default; EU region planned alongside the Supabase migration.
• Payment metadata — Stripe processes payments through Stripe's European entity for EUR-denominated transactions and through Stripe's Swiss/US entities depending on the merchant configuration. Card data never touches Vellaci servers — it stays inside Stripe's PCI-DSS Level 1 perimeter.
• Transactional emails — Resend, target region EU. In progress: Resend account region to be confirmed/migrated.
• AI-drafted reach-out openers — generated through the Vercel AI Gateway with the upstream provider (Anthropic) under Vercel's contractual Zero-Data-Retention mode. The opener text itself is stored in your Vellaci row, not in the model.
• iMessage / Threema / Signal content — never leaves your device. The on-device helper extracts metadata (peer ID, timestamps, counts) locally and ships only that.

Vellaci is built to meet two regimes at once:

• nLPD (Swiss FADP, revised) — the Federal Act on Data Protection in force since 1 September 2023. Applies because Vellaci is offered to Swiss residents and is operated from Switzerland.
• GDPR (EU 2016/679) — applies because we serve EEA residents and our infrastructure is EU-resident.

Switzerland's adequacy decision under the GDPR remains valid as of 2026, so personal data can flow between EU/EEA and Switzerland without additional safeguards. The target Vellaci architecture (see above) keeps your relationship graph inside the Swiss + EU perimeter; until the migration completes, some sub-processors still operate from a non-EU region — see the “in progress” labels in the table above.

• Vercel — application hosting. Functions configured for European regions (fra1 / cdg1).
• Supabase — Postgres database, target region EU-Central. In progress.
• Clerk — authentication, target region EU. In progress.
• Stripe — payments (Stripe entity selected based on the merchant's and the customer's country).
• Resend — transactional email, target region EU. In progress.
• Vercel AI Gateway (Anthropic upstream) — opener drafting, Zero Data Retention enabled via the Gateway.
• PostHog — product analytics, target region EU. In progress. IP truncation enabled.

Once this list reaches its target configuration, any subsequent change will be announced at least 30 days in advance via email to the org admin.

• Access — Settings → Export your data. JSON or CSV. No question asked.
• Rectification — every field is editable in-app. AI-inferred fields are flagged.
• Erasure — Settings → Delete account. Hard-delete immediately; backups rotate within 30 days.
• Portability — your export is a standard JSON document — re-importable into any other tool.
• Objection — turn off AI features entirely in Settings → AI & automation.
• Complaint — Swiss residents can file with the FDPIC (Préposé fédéral à la protection des données et à la transparence); EU residents with their national supervisory authority.

Family or Pro customers acting as data controllers (e.g. a household admin, a small advisory firm) can sign Vellaci's standard DPA on request. It incorporates the EU Standard Contractual Clauses and the FDPIC's Swiss SCC variant where applicable.

• We don't sell your data. There is no advertising business model on top of Vellaci, ever.
• We don't train AI on your data. The only AI in the loop drafts openers from prompts you trigger; the upstream provider is contractually under Zero Data Retention.
• The target Vellaci architecture keeps your data inside the Swiss + EU perimeter (see status above). We will never silently move a sub-processor outside that perimeter once it has been declared EU-resident.

Data protection officer: privacy@vellaci.ch · Postal: Vellaci, c/o the founder, Switzerland (precise address provided in the DPA).