Privacy Policy

Last updated: March 2, 2026

Vera ("we", "us", "our") is a relationship intelligence platform operated by Mukund Kunapareddy as a sole proprietorship in Texas. This Privacy Policy explains how we collect, use, and protect your information when you use our SMS service or web dashboard.

Information We Collect

When you use Vera, we collect:

• Phone number: Used to identify your account and deliver SMS messages.
• Email address (optional): If you choose to link an email for dashboard access.
• Contact information you provide: Names, companies, roles, and other details about people you tell Vera about via text message.
• Message content: The text messages you send to Vera, used to extract and store contact information.
• Google account data (optional): If you connect your Google account, we access your Calendar events and Google Contacts to provide meeting briefs and contact enrichment. Google OAuth tokens are encrypted at rest.
• Forwarded emails (optional): When you set up email forwarding to your unique Vera address, we receive and store forwarded emails to extract relationship intelligence such as sender information, subjects, key dates, and commitments. Email content is processed for signals and not shared with third parties.
• Billing information: If you subscribe to a paid plan, payment is processed by Stripe. We do not store credit card numbers — Stripe handles all payment data.

Information We Do NOT Collect or Store

• Location data: We do not collect or store location data.
• Device identifiers: We do not collect device IDs, advertising identifiers, or browser fingerprints.

How We Use Your Information

• To provide the Vera service: extracting, storing, and retrieving contact information.
• To send you SMS responses, search results, and follow-up reminders.
• To verify your email address via one-time passcode (OTP).
• To improve the service and fix bugs.

Aggregated and Anonymized Data

We may collect and analyze aggregated, anonymized data derived from user interactions to improve our service and develop insights. This data is stripped of all personally identifiable information and cannot be used to identify any individual user. Examples of aggregated data include:

• General meeting frequency patterns (e.g., average number of new contacts saved per week across all users).
• Common industries and roles encountered by users in aggregate.
• Popular feature usage trends (e.g., percentage of users who set reminders).
• Anonymized networking patterns (e.g., average meeting venues, event types).

This aggregated data is used to:

• Improve the accuracy and quality of the Vera service.
• Understand general usage patterns to prioritize features.
• Produce anonymized trend reports and aggregate insights.

We never sell, share, or disclose individual user data. Only aggregated, anonymized data that cannot identify any individual may be used for insights or shared in aggregate form.

Data Storage and Security

• Your data is stored securely using Supabase (hosted PostgreSQL) with row-level security.
• We use HTTPS for all data transmission.
• We use industry-standard security practices including input validation, rate limiting, and cryptographically secure authentication tokens.

Data Sharing

We do not sell, rent, or share your personal information with third parties. Your contact data is yours alone. We use the following third-party services solely to operate Vera:

• Twilio: SMS message delivery.
• Anthropic (Claude): AI processing of your messages to extract contact information. Messages are processed but not stored by Anthropic.
• Resend: Email delivery for verification codes.
• Google: Calendar and Contacts APIs for meeting briefs and contact sync (only when you connect your Google account). Data is accessed via OAuth with encrypted token storage.
• Stripe: Payment processing for paid subscriptions. Stripe receives only the billing data necessary to process payments.
• Brave Search: Web search for publicly available professional context during onboarding. No personal data is shared beyond names and company names.

Data Retention

We retain your personal data for as long as your account is active. If you request deletion of your account, we will delete all associated personal data within 30 days. Anonymized, aggregated data that cannot identify you may be retained indefinitely.

Your Rights

Regardless of your location, you have the following rights regarding your personal data:

• Access: You can request a copy of all personal data we hold about you.
• Correction: You can request correction of inaccurate personal data.
• Deletion: You can request deletion of your account and all associated personal data at any time by emailing mukund@tryvera.com.
• Data portability: You can request your data in a structured, commonly used, machine-readable format.
• Restriction of processing: You can request that we limit how we process your data.
• Objection: You can object to the processing of your personal data for certain purposes, including the creation of aggregated data.
• Opt out of SMS: You can opt out of SMS messages at any time by replying STOP.

To exercise any of these rights, contact us at mukund@tryvera.com. We will respond to your request within 30 days.

California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know: You can request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources, the business purpose for collecting it, and the categories of third parties with whom we share it.
• Right to delete: You can request deletion of your personal information, subject to certain exceptions.
• Right to opt out of sale: We do not sell your personal information. We have never sold personal information and have no plans to do so.
• Right to non-discrimination: We will not discriminate against you for exercising any of your CCPA rights.

To submit a CCPA request, email mukund@tryvera.com with the subject line "CCPA Request." We will verify your identity before processing the request and respond within 45 days.

Data Breach Notification

In the unlikely event of a data breach that affects your personal information, we will:

• Notify affected users via SMS and/or email within 72 hours of becoming aware of the breach.
• Describe the nature of the breach, the types of data involved, and the measures we are taking to address it.
• Provide guidance on steps you can take to protect yourself.
• Notify relevant regulatory authorities as required by applicable law.

SMS Terms

• By texting Vera at (XXX) XXX-XXXX, you consent to receive SMS responses.
• Message frequency varies based on your usage and connected services. Vera may send proactive messages such as morning briefs, meeting reminders, and follow-up nudges.
• Reply STOP to unsubscribe. Reply HELP for assistance.
• Message and data rates may apply.

Children's Privacy

Vera is not intended for use by anyone under the age of 13. We do not knowingly collect information from children. If we learn that we have collected personal information from a child under 13, we will delete that information promptly.

Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated date. If we make material changes, we will notify you via SMS or email.

Contact Us

If you have questions about this Privacy Policy, contact us at mukund@tryvera.com.