Skip to main content

Privacy Policy

Effective on: 11/11/2025

1. Introduction

Vega Minds ("Firm", "us") values your privacy as our user ("User", "you") and is committed to protecting your personal information. This Privacy Policy outlines how we collect, use, disclose, and protect the information you provide to us when using our AI products and services ("Service"). We understand the importance of safeguarding your data and have implemented comprehensive measures to ensure its security and confidentiality. By accessing or using our services, you consent to the practices described in this Privacy Policy. We encourage you to read this document carefully to understand how business, client, and personal information ("Data") is handled by the Firm and to make informed decisions about your privacy. If you have any questions or concerns regarding our privacy practices, please contact us using the information provided at the end of this policy.

2. Types of data collected

We collect two types of information: information provided during the onboarding process and information collected during product usage.

2.1. Personal data

During the onboarding process, we collect specific information. It includes details such as company name, contact information, preferences, cookies, and any other relevant information necessary to customize the AI experience for the User. The Data collected during onboarding forms the foundation of our product, enabling us to tailor the AI capabilities specifically for each user's needs.

2.2. Usage data

As you use our services, certain information is automatically collected to enhance the user experience and improve our platform. This includes usage patterns, interaction data, preferences, and settings. We may also collect technical information such as IP addresses, device information, browser type, and operating system to ensure optimal functionality and provide technical support.

2.3. Tracking cookies data

We use cookies and similar tracking technologies to track the activity on our Service and we hold certain information. Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Other tracking technologies are also used such as beacons, tags and scripts to collect and track information and to improve and analyze our Service. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service. Examples of cookies we use: session, preference, security and advertising.

3. Use of data collected

Data is collected to serve various purposes:

  • To provide and maintain our Service: we use your personal data to offer a personalized and efficient service;
  • For communications: to notify you about changes to our Service, provide customer support, and send account-related notices;
  • Enhancement of Service: your data helps us analyze usage patterns, identify areas for improvement, and refine our algorithms, ensuring a continually improving user experience;
  • Legal basis: the processing of your data is necessary for the performance of a contract to which you are a party and to pursue our legitimate interests as a controller;
  • To monitor service usage: to understand how our Service is used and identify trends;
  • To detect, prevent and address technical issues: ensuring a secure and uninterrupted user experience;
  • To fulfill any other purpose for which you provide it: tailoring our Service to meet your needs.

4. Data retention

We will retain your Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies. We will also retain usage data for internal analysis purposes.

5. Transfer of data

Your Data may be transferred to and processed in computers located outside of your state, province, or country, where data protection laws may differ from those in your jurisdiction. Specifically, we transfer and process data, including personal data, within the United States. Our commitment is to ensure the secure and lawful handling of your data, consistent with this Privacy Policy. This includes implementing adequate safeguards, particularly when transferring data internationally, even if currently we do not engage in contracts with clients in Europe. We adhere to contractual obligations and standard data protection clauses, such as those outlined in Article 46.2(c) of the GDPR, to maintain the integrity and security of your personal information across borders.

6. Disclosure of data

Under certain circumstances, we may disclose your Data:

  • If required to do so by law or in response to valid requests by public authorities;
  • If we or our subsidiaries are involved in a merger, acquisition or asset sale;
  • To our subsidiaries, affiliates or employees when relevant;
  • To contractors, service providers, and other third parties we use to support our business;
  • With your consent in any other cases.

Please note that we do not sell or otherwise share your Data beyond what is described in this Privacy Policy.

6.1 Foundation model and cloud computing providers

Foundation model (FM) providers are integral to our technology. We prioritize privacy and security in our dealings with these providers and continuously monitor their data protection practices. Only essential information is shared with FM providers, and sensitive data is encrypted before transmission to protect client privacy. Our service utilizes enterprise-grade large language models (LLMs) from leading cloud providers, ensuring user data is not used to train third-party FMs or improve other products. The user's data remains within the Vega environment and is not employed to enhance the FMs, which are designed to be stateless. However, for added safety, we recommend using specific functions and fields for sensitive information within our products.

6.2 Integrated platforms

Our service seamlessly integrates with various third-party platforms, including CRMs, calendars, and emails, to enhance user experience. Upon your request, we establish secure connections to these platforms to retrieve and occasionally update information, enriching our service capabilities. All integrations are conducted in strict compliance with each platform's guidelines for login procedures and credential storage, ensuring a high level of security and data integrity.

6.3 Analytics

We may use third-party service providers such as Google Analytics to monitor, analyze and refine our Service.

6.4 Sharing anonymized and aggregated data

Anonymizing the data ensures that individual client information remains protected and unidentifiable. By aggregating the data, we can derive meaningful and generalized insights that help us make informed decisions about platform improvements, performance optimizations, and feature enhancements. The result of such anonymized data manipulation may be presented to third parties or the public.

7. Links to outside sites

Our Service contains links to external sites not operated by us. Clicking on a third-party link will take you to that site, where we recommend reviewing their Privacy Policy. We do not control, and are not responsible for, the content, privacy policies, or practices of any third-party sites or services.

8. Information security

We prioritize the security of your information and have implemented robust measures to protect it from unauthorized access, disclosure, alteration, or destruction. We use industry-standard encryption technologies and regularly update our security practices to ensure the highest level of protection.

Our team undergoes regular training and follows strict security protocols to handle and safeguard your data. We monitor our systems for potential risks and vulnerabilities and have procedures in place to respond promptly to any incidents.

While we take extensive measures to protect your information, no method of transmission or storage can guarantee absolute security. We encourage you to use strong passwords, keep your login credentials confidential, and maintain up-to-date security software on your devices.

9. Payments

We offer paid products/services within our Service, and for payment processing, we use third-party services. Your payment card details are not stored by us but are handled directly by these third-party processors, governed by their Privacy Policies. They comply with PCI-DSS standards set by the PCI Security Standards Council, involving entities like Visa and Mastercard, to ensure secure payment information handling. Our payment processors include:

10. User rights and choices

10.1 California Privacy Protection Act (CalOPPA)

Under the California Consumer Privacy Act, among other rights, California consumers have the right to:

  • Visit our site anonymously;
  • Request that we disclose the categories and specific pieces of personal data that a business has collected about consumers;
  • Request that we delete any personal data about the consumer that we have collected.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us using the information provided at the end of this policy.

10.2 General Data Protection Regulation (GDPR)

If you reside in the European Union (EU) or European Economic Area (EEA), GDPR grants you specific data protection rights. Our goal is to enable you to exercise these rights effectively. These rights include:

  • Right to access: you can request a copy of the personal data held about you;
  • Right to rectification: you have the right to have errors corrected;
  • Right to erasure: you can ask for deletion of your personal data, subject to certain legal exceptions;
  • Right to restrict processing: you can request that we limit the processing of your data;
  • Right to withdraw consent: you can withdraw your consent to the processing of your personal data;
  • Right to lodge a complaint: if you believe the processing of your personal data infringes on GDPR, you have the right to lodge a complaint.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us using the information provided at the end of this policy.

11. Children's privacy

Our services do not address anyone under the age of 18. We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your child has provided us with personal data, please contact us. If we become aware that we have collected personal data from anyone under the age of 18 without verification of parental consent, we take steps to remove that information from our servers.

12. Policy update

Our latest Privacy Policy is always available at https://vegaminds.com/privacy-policy and the "effective date" at the top of the page is updated. You are advised to review this Privacy Policy periodically. Once posted, the new Privacy Policy shall be effective immediately.

13. Additional questions

If you have any questions regarding this Privacy Policy, feel free to contact us at contact@vegaminds.com or our Data Protection Officer at hugo@vegaminds.com.