Last updated: 2 April 2026
Arvelo Limited ("Arvelo", "we", "us") operates the arvelo.io platform. This policy explains how we collect, use, and protect your personal data.
When you create an account we collect your name, work email address, company name, and billing information (processed by Stripe — we never store card details).
We collect data about how you use the platform — pages visited, features used, and bot interactions. This helps us improve the product.
When your employees interact with Cleo via Slack or Microsoft Teams, their messages and the bot's responses are processed to resolve their request and, where necessary, create a support ticket. This data is stored in your account and is accessible only to you.
We do not sell your data to third parties. We do not use your data for advertising.
Your data is stored in the European Union on Supabase (PostgreSQL). All data in transit is encrypted via TLS. SSO credentials are encrypted at rest using AES-256-GCM. We apply row-level security so each account's data is isolated from others.
Under GDPR you have the right to access, correct, export, or delete your personal data at any time. To exercise any of these rights, contact us at our contact page. We will respond within 30 days.
We retain your data for as long as your account is active. If you close your account, we delete your personal data within 30 days, except where we are required to retain it for legal or financial compliance purposes (typically 7 years for billing records).
We use cookies for authentication and optional analytics. See our Cookie Policy for details.
For privacy questions, contact our Data Protection contact via our contact page or write to: Arvelo Limited, hello@arvelo.io