1. Who we are and what this policy covers
VellumHold helps families capture the stories behind old photographs. A family member (the “Helper”) sits with an elderly relative (the “Storyteller”), photographs each picture, and records the spoken story attached to it. VellumHold then transcribes the audio, helps tidy it into a readable caption, and keeps the whole archive together.
This policy explains what personal data we collect, why, how we use it, who we share it with, how long we keep it, and the rights you have over it.
The data controller is
- [Legal entity name] (“VellumHold”, “we”, “us”, “our”)
- Registered address: [registered office address]
- Company number: [company number]
- ICO registration reference: [ICO registration number]
- Privacy contact: privacy@vellumhold.com
This policy covers two things
- Our website (the marketing and waitlist site at vellumhold.com), where you can join a waitlist by giving us your email address.
- The VellumHold app (the mobile app and, in due course, the web review application) and the accounts and archives within it.
Where a rule applies to only one of these, we say so.
2. Quick summary
This summary is for convenience only; the detailed sections below govern.
- Website / waitlist: we collect your email address so we can tell you when VellumHold launches. We rely on your consent, and you can withdraw it at any time by unsubscribing.
- App: we process the account, photographs, audio recordings, transcripts, captions, and the names and details of people in the photos that you and your family add — to provide the service to you.
- We do not run facial recognition or voice-identification on your photos or recordings. We do not sell your data, and we do not use your private family content to advertise to you.
- Some processing happens through carefully selected suppliers, including a speech-to-text provider and an AI provider that tidies transcripts. Where these are based outside the UK/EU, we put legal safeguards in place.
- Your family owns its archive: you can export everything at any time, and you can delete your account and data.
- You have strong rights over your data, including the right to complain — both to us and to the regulator.
3. The personal data we collect
3.1 Website and waitlist
| Data | Why we have it |
|---|---|
| Email address | To add you to the launch waitlist and email you when VellumHold is available, and (only if you have agreed) occasional product updates. |
| Basic technical and usage data (e.g. IP address, browser type, pages viewed) | To run and secure the website and understand aggregate traffic. See the Cookies section. |
We do not ask for any other personal data to join the waitlist.
3.2 The app — data you give us directly
- Account data: your name (or display name), email address, and the authentication identifier from your chosen sign-in method (email, Sign in with Apple, or Google). We do not see or store your Apple/Google password.
- Family and membership data: the family account you create or join, and your role within it (owner, editor, or viewer).
- Storyteller and people data: names, and where you choose to add them, biographical details such as approximate birth/death dates, maiden names, and notes, for the storyteller and for people appearing in or mentioned by the photos.
- Session and capture data: the photographs you take (a quick in-session “placeholder” image and, later, a higher-quality scan of the same picture), audio recordings of the stories told, and optional notes such as a location or device label.
- Content derived from the above: verbatim transcripts of the recordings, AI-assisted “cleaned” captions, and tags linking people to photos.
- Payment data (paid plans): handled by our payment processor (Stripe). We receive confirmation of your subscription status and limited billing details; we do not store your full card number.
- Communications: messages you send us (e.g. support requests).
3.3 The app — data we collect automatically
- Device and technical data: device type and operating system, app version, and, for notifications, a push-notification token.
- Diagnostic and usage data: crash reports and basic in-app events, used to keep the app reliable.
- Sync metadata: timestamps used to reconcile offline captures with the server.
3.4 Sensitive categories of data
VellumHold is built around personal memories, so recordings, captions, and notes may incidentally reveal “special category” information under Article 9 of the GDPR — for example a person’s health, religious beliefs, ethnic origin, political opinions, or sexual orientation, where a storyteller happens to mention them.
- We do not ask for this information and we do not seek it out.
- Where this content includes special category data, we rely on your explicit consent to process it for the purpose of building your archive.
- Photographs of faces and recordings of voices are not, by themselves, biometric special category data. They would only become biometric data if we processed them to identify a specific individual technically (for example, by facial recognition). We do not do this.
3.5 Data about other people, including people who are not VellumHold users
A central feature of VellumHold is that a Helper records information about other people — the storyteller, relatives, and people pictured in old photographs. Many of these people are not VellumHold users, and some may have died.
- If you are a Helper adding this information, you are responsible for having a proper basis to do so — typically the storyteller’s involvement and your family relationship. Please only add information you are entitled to record and preserve.
- If your information appears in a VellumHold archive and you want to know what is held, or ask us to change or remove it, contact privacy@vellumhold.com and see “Your rights”. Because archives are private to a family, we will usually work with the family account owner to resolve such requests, balancing your rights with the family’s interest in preserving its history.
- Deceased people: UK and EU data protection law generally does not apply to information about people who have died, although some countries have specific rules and the wishes of the family still matter to us. We handle this content with the same care as everything else in the archive.
4. Where the data comes from
Most data comes directly from you (the account holder and Helpers in your family). Some comes from other people in your family who use the same archive. A small amount comes automatically from your device, and from our sign-in and payment providers (e.g. confirmation that Apple or Google authenticated you, or that Stripe processed a payment).
For people whose information is added to an archive by someone else, the source of that data is the Helper or storyteller who recorded it.
5. How we use your data
Website / waitlist
- To operate the waitlist and notify you about launch.
- To send occasional product updates only if you have agreed.
- To keep the website running and secure.
App
- To create and manage your account and your family’s archive.
- To capture, store, transcribe, and caption your photos and recordings — the core service.
- To process your audio into text, and to tidy transcripts into readable captions using an AI provider. You can always view and restore the original transcript; we keep the raw recording and verbatim transcript alongside any cleaned version.
- To enhance scanned images (e.g. straighten and de-noise) without altering or deleting your originals.
- To sync your offline captures when you reconnect.
- To send you service messages and, where relevant, push notifications (e.g. “your captions are ready”).
- To take payment and manage subscriptions (paid plans).
- To provide support, ensure security, prevent fraud and abuse, keep the service reliable, and meet our legal obligations.
We do not use your private family content to target advertising, and we do not sell your personal data.
6. Our legal bases for using your data
Under the UK and EU GDPR we must have a lawful basis for each use. Ours are:
| What we do | Lawful basis |
|---|---|
| Add you to the waitlist; send launch and (opted-in) marketing emails | Consent (Art. 6(1)(a)). You can withdraw it at any time. |
| Provide the app, store and process your archive, transcribe and caption, sync, support | Performance of a contract with you (Art. 6(1)(b)). |
| Process content that incidentally contains special category data | Explicit consent (Art. 9(2)(a)) for the purpose of preserving your archive. |
| Record information about other living people in the archive | Legitimate interests (Art. 6(1)(f)) — preserving family history — balanced against those people’s rights. |
| Take payment and manage subscriptions | Contract (Art. 6(1)(b)) and legal obligation for tax/accounting records (Art. 6(1)(c)). |
| Keep the service secure, prevent fraud/abuse, keep it reliable | Legitimate interests (Art. 6(1)(f)) in running a safe, working product. |
| Comply with the law | Legal obligation (Art. 6(1)(c)). |
Where we rely on consent, you can withdraw it at any time without affecting processing already carried out. Where we rely on legitimate interests, you can object (see “Your rights”), and you can ask us for our assessment of the balance we have struck.
7. Who we share data with
We do not sell your data. We share it only with service providers who act on our instructions under a written data processing agreement, and only as needed to run VellumHold. Our key providers are:
| Provider | What they do for us | Where data is processed |
|---|---|---|
| Supabase | Primary database, authentication, and original file storage | EU (Dublin) |
| Cloudflare | Content delivery for photos and audio playback | Global edge network |
| Vercel | Hosting and delivery of our web app | United States / global |
| AssemblyAI | Speech-to-text (transcription) of recordings | United States |
| Anthropic (Claude API) | AI assistance to tidy transcripts into captions | United States |
| Inngest | Background job orchestration | United States |
| Stripe | Payment processing and subscription management | United States / EU |
| Apple, Google | Sign-in, app distribution, and push notifications | United States / global |
| Gelato / Lulu (future) | Print-on-demand fulfilment — only if and when you order a book | EU / UK |
We choose providers that process your content solely to deliver the service to us and not for their own purposes such as advertising. We may also disclose data where required by law, to establish or defend legal claims, or to protect the rights and safety of users and the public. If VellumHold is ever involved in a merger, acquisition, or asset sale, your data may transfer to the successor entity under this policy or a successor policy.
8. International data transfers
Your archive is stored in the EU (Dublin). However, some providers above process data in the United States or other countries outside the UK/EEA. When personal data leaves the UK or EEA, we make sure an approved safeguard is in place, such as:
- the provider’s certification under the EU–US Data Privacy Framework and its UK Extension, where applicable; and/or
- the UK International Data Transfer Agreement / Addendum and the EU Standard Contractual Clauses, supported by a transfer risk assessment.
You can ask us for more detail about the safeguard used for any specific transfer by emailing privacy@vellumhold.com.
9. Your rights
Subject to the conditions in the law, you have the right to:
- Be informed about how we use your data (this policy).
- Access the personal data we hold about you.
- Rectify inaccurate or incomplete data.
- Erase your data (“right to be forgotten”).
- Restrict processing in certain circumstances.
- Object to processing based on our legitimate interests, and to direct marketing at any time.
- Data portability — receive certain data in a portable format. VellumHold also offers a full archive export to everyone, including free users.
- Withdraw consent where we rely on it. This does not affect earlier processing.
- Not be subject to solely automated decisions with legal or similarly significant effects. We do not make such decisions about you. Our AI caption tidy-up assists you and never produces such a decision; you can always view and keep the original.
“Preserve everything” and your deletion rights
VellumHold is designed never to silently discard content from a live archive — for example, we keep your original recording alongside any cleaned caption, and we use “soft deletes” so families do not lose history by accident. This product principle does not override your legal rights: if you ask us to delete your account or specific personal data, we will do so in line with the law (subject to limited exceptions such as records we must keep for legal or accounting reasons, and copies that persist briefly in backups).
How to exercise your rights
Email privacy@vellumhold.com. We will respond within one month (extendable by two further months for complex requests, which we will tell you about). We may need to verify your identity first. Exercising your rights is normally free.
Complaints
- You can complain directly to us at privacy@vellumhold.com. We will acknowledge your complaint within 30 days and respond without undue delay.
- You can also complain to the regulator. In the UK this is the Information Commissioner’s Office (ICO) — ico.org.uk, helpline 0303 123 1113. In the EU, you can complain to your local data protection authority. We would, however, appreciate the chance to address your concerns first.
10. How long we keep your data
| Data | Retention |
|---|---|
| Waitlist email (no account created) | Until you unsubscribe, or after 24 months of inactivity, then deleted. |
| Account and archive content (active account) | For as long as your account is active, so your family can keep and use its archive. |
| After you delete your account or specific content | Soft-deleted immediately, then permanently erased within 30 days; residual backup copies removed within 90 days. |
| Lapsed / cancelled subscriptions | Read-only access to existing content is retained, unless you ask us to delete it. |
| Payment and tax records | As required by law, typically 6 years. |
| Support messages and logs | Up to 24 months. |
11. Security
We take the protection of irreplaceable family memories seriously. Our measures include:
- Storing your archive in the EU with strict row-level security, so each family’s data is isolated and accessible only to that family.
- Encryption in transit and at rest.
- Authentication via email, Apple, or Google, with access controlled by family role.
- Originals kept intact (we only ever create derived copies), and soft deletes to reduce accidental loss.
- Access to systems limited to authorised personnel on a need-to-know basis.
No system is perfectly secure. If a personal data breach occurs that is likely to risk your rights and freedoms, we will notify the ICO within 72 hours where required, and we will tell you without undue delay where the law requires it.
12. Children
VellumHold is operated by the Helper, who runs the account on behalf of the family. You must be at least 18 to create a VellumHold account.
Old photographs may show children, including the storyteller as a child. Such images are treated as ordinary archive content under this policy.
Because our service may be accessed by young people, we follow the children’s protection duties in UK data protection law and the ICO’s Age Appropriate Design Code, designing the service with the best interests of children in mind.
If you believe a child’s data has been handled inappropriately, contact privacy@vellumhold.com.
13. Cookies and similar technologies
Our website uses a small number of cookies and similar technologies. Strictly necessary cookies (needed to run the site and remember your choices) do not require consent. Any analytics or non-essential cookies are used only with your consent, which you can give or refuse via our cookie banner and change at any time.
14. Marketing
If you join the waitlist, we will email you about the launch. We will only send other marketing (e.g. product news, tips) if you have agreed, and every marketing email includes an unsubscribe link. You can opt out at any time without affecting the service messages we need to send you (e.g. security or billing notices).
15. Changes to this policy
We may update this policy as the product develops or the law changes. We will post the updated version here and update the version and date. If changes are significant, we will tell you directly (e.g. by email or in-app) before they take effect.