Last updated: March 22, 2026
When you create an account, we collect your email address, display name, and (if using Google sign-in) your Google profile information. We store the notes, folders, and attachments you create within the app.
Your data is stored on Supabase (hosted on AWS) with encryption at rest. Database access is protected by row-level security, meaning only you can access your own data through the API.
Vellu.me offers optional end-to-end encryption. When enabled, your notes are encrypted on your device before being sent to our servers. We cannot read or decrypt your encrypted content. The encryption key is derived from your password and never leaves your device.
We use the following third-party services:
If you enable Google Drive sync, we store your Google OAuth tokens to sync notes to your personal Google Drive. You can revoke this access at any time in your Google account settings or within Vellu.me.
We use cookies solely for authentication session management. We do not use tracking cookies, analytics, or advertising cookies.
You may delete your account at any time, which permanently removes all your data from our servers. Individual notes and attachments can be deleted within the app.
We do not sell, rent, or share your personal data with third parties for marketing purposes. We only share data with the third-party services listed above as necessary to operate the service.
We may update this policy from time to time. We will notify users of significant changes via email or in-app notification.
Questions about your privacy? Reach out at hello@vellu.me.