Effective: 3 March 2026 · Last updated: 25 February 2026
Veyra is a family coordination platform operated by Veyran Systems, Inc., a Delaware corporation (EIN: 41-4006820), trading as Veyra. We are the data controller for the personal data processed through our platform, meaning we determine how and why your data is used.
Registered office: 838 Walker Road, Suite 21-2, Dover, DE 19904, United States
EIN: 41-4006820
Delaware File Number: 10471705
Data protection contact: privacy@veyraone.com
We collect different categories of personal data depending on how you use Veyra. For each category, we set out what we collect, why we collect it, and our lawful basis under UK GDPR for doing so.
When you create a Veyra account, we collect your name, email address, display name, and profile image (via Google sign-in). We process this data to provide you with access to the service. Our lawful basis is performance of a contract (Article 6(1)(b)).
We store your household name, timezone, partner relationships, and member roles (admin, partner, caregiver). This data is necessary to operate the shared family coordination service. Lawful basis: performance of a contract.
If you add children to your household, we store their names, dates of birth, school names, year groups, medical information, dietary requirements, and energy check-in data from Iron Mode. This data is processed on your instruction and authority as their parent or legal guardian. Lawful basis: performance of a contract, supplemented by legitimate interest in child safety. We have had regard to the ICO's Age Appropriate Design Code in designing our children's features.
When you forward emails to your Veyra address, we receive and process the sender name, sender email, subject line, and full email body. If you use voice input, we process the transcribed text. If you scan a document, we process the image. This is the core of Veyra's service — extracting calendar events from unstructured communications. Lawful basis: performance of a contract.
We store event titles, dates, times, locations, categories, assigned family members, and visibility settings. If you connect Google Calendar, we sync event data with Google. Lawful basis: performance of a contract.
We store proposals generated from ingested communications, your approval and rejection decisions, mental load entries tracking which parent handles which tasks, and commitment records. Lawful basis: performance of a contract.
We record your interaction patterns with Veyra, including approval rates and correction rates over time (used by our Trust Gradient system), energy and wellbeing check-in responses, login frequency, and feature usage. Lawful basis: legitimate interest in improving the service (Article 6(1)(f)), supported by a documented balancing test. You may object to this processing at any time.
We automatically collect your IP address, browser type, device type, and session information when you use Veyra. Lawful basis: legitimate interest in security and service operation.
Medical information and dietary requirements stored for children constitutes health data under Article 9 of UK GDPR. We process this data on the basis of your explicit consent as the child's parent or legal guardian, given during onboarding. This data is encrypted at rest, accessible only to household members you have authorised, and is never used for any purpose beyond the coordination service.
Children do not create their own Veyra accounts or provide their own consent. All children's data is entered by, and managed by, a parent or legal guardian with parental responsibility.
Iron Mode, our child-facing interface, is accessed through the parent's authenticated session on a shared household device. Children interact with their schedule and energy check-ins, but all data is stored under the parent's account and subject to the parent's control.
Authorised caregivers (nannies, grandparents) may view children's schedules and relevant medical or dietary information for the current day only. Parents control caregiver access and may revoke it at any time.
You may request deletion of any child's data at any time by removing them from your household in Settings or by contacting us at privacy@veyraone.com.
Veyra uses AI (provided by Anthropic's Claude API) to extract structured event data — dates, times, locations, action items, and categories — from the emails, voice transcriptions, and scanned documents you provide to us.
The AI does not make decisions about your family, profile individuals, or make automated decisions with legal or similarly significant effects within the meaning of Article 22 of UK GDPR. You retain full control: every AI-generated proposal can be reviewed, edited, approved, or rejected.
Events with a confidence score above 90% may be automatically added to your calendar. Events below 50% confidence require your full manual review. These thresholds are adjustable and you may disable auto-approval entirely.
Our Trust Gradient system observes your approval patterns over approximately 8 weeks to calibrate these thresholds to your household's preferences. You may reset or disable the Trust Gradient at any time in Settings.
Morning and evening briefings are generated by AI using only your family's own event data. If you enable voice briefings, the briefing text is sent to ElevenLabs for text-to-speech synthesis. No personal identifiers beyond what appears in the briefing content are shared with ElevenLabs.
We use a number of trusted service providers (sub-processors) to operate Veyra. Each processes only the data necessary for their specific function.
| Provider | Purpose | Data shared |
|---|---|---|
| Supabase | Database hosting, authentication | All application data (EU servers) |
| Vercel | Application hosting | Request data, session tokens |
| Anthropic | AI data extraction | Email content, transcriptions, images |
| ElevenLabs | Voice briefings | Briefing text only |
| Cloudflare | Email routing, DNS | Inbound email headers and body |
| Calendar sync, authentication | Calendar events, OAuth tokens |
We do not sell your personal data. At launch, no data is shared with third parties beyond the service providers listed above. In the future, we may offer an optional, separately consented programme to contribute anonymised, aggregated insights for research purposes. This would require your explicit opt-in consent, separately obtained, and you could withdraw at any time without affecting your use of Veyra.
Your primary data is stored in the European Union (Supabase's Frankfurt region). Some of our sub-processors are based in the United States, including Anthropic, Vercel, and ElevenLabs. Where data is transferred outside the UK, we rely on the UK International Data Transfer Agreement or the EU-US Data Privacy Framework, as applicable. Details of the specific safeguards for each transfer are available on request by contacting privacy@veyraone.com.
We retain your account and household data for as long as your account is active. Ingested email content is retained for 90 days after extraction, after which the raw email body is automatically deleted while the extracted event data is preserved. Children's data is deleted when a child is removed from the household or when the account is deleted. Consent records are retained for 6 years after withdrawal to demonstrate compliance. On account deletion, we provide a 30-day grace period for data export, after which all personal data is permanently deleted.
Under UK GDPR, you have the right to access your personal data, rectify inaccurate data, request erasure, restrict processing, receive your data in a portable format, object to processing based on legitimate interest, and withdraw consent at any time. Most of these rights can be exercised directly within Veyra's Settings: you can export your data, edit your information, and delete your account without contacting us. For any right you cannot exercise through the app, contact privacy@veyraone.com and we will respond within one month.
You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk/make-a-complaint or by calling 0303 123 1113.
Veyra uses only essential cookies required for authentication and session management. We do not use advertising cookies, third-party tracking pixels, or analytics cookies. No cookie consent banner is required because we use only strictly necessary cookies exempt under the Privacy and Electronic Communications Regulations 2003.
We will notify you of material changes to this policy via email or an in-app notification at least 14 days before the changes take effect. The “Last updated” date at the top of this page reflects the most recent revision.
If you have any questions about this policy or our data practices, please contact us at privacy@veyraone.com.
Veyran Systems, Inc.
838 Walker Road, Suite 21-2, Dover, DE 19904, United States
EIN: 41-4006820 · Delaware File Number: 10471705