Legal

Privacy Policy

Last updated: March 17, 2026

Infinisoft Solutions, operating under the brand name Velisto AI ("Velisto," "we," "us," or "our"), is committed to protecting the privacy of our users. This Privacy Policy describes how we collect, use, disclose, and safeguard your personal information when you visit our website at velisto.ai, use the Velisto AI platform at app.velisto.ai, or interact with our services (collectively, the "Services").

By accessing or using our Services, you agree to this Privacy Policy. If you do not agree, please do not use our Services.

1. Information We Collect

1.1 Information You Provide Directly

Account Information: Name, email address, password, phone number, and professional details (brokerage, location, role) when you create an account.

Profile & Brand Kit Data: Agent headshots, logos, brand colors, fonts, contact information, and voice profile preferences you upload or configure.

Listing Data: Property listings you add manually, import via CSV, paste via URL, or sync via the Houzez WordPress plugin, including property photos, descriptions, and details.

Content Data: Captions, social media posts, brochures, video reels, and other marketing content you create or generate through our platform.

Social Account Credentials: OAuth tokens and profile information for social media accounts you connect (Facebook, Instagram, LinkedIn).

Lead Data: Information about leads captured through your marketing activities, including names, emails, phone numbers, and interaction history.

Payment Information: Billing is handled by Paddle (our Merchant of Record). We do not directly store your credit card numbers. Paddle collects and processes payment information per their privacy policy.

Communications: Any messages, feedback, or support requests you send us.

1.2 Information Collected Automatically

Usage Data: Pages visited, features used, content generated, posts scheduled, and actions taken within the platform.

Device & Browser Data: IP address, browser type, operating system, device identifiers, and screen resolution.

Cookies & Tracking: We use cookies and similar technologies to maintain sessions, remember preferences, and analyze usage. See our Cookie Policy for details.

Log Data: Server logs including access times, referring URLs, and error reports.

1.3 Information from Third Parties

Social Media Platforms: When you connect social accounts, we receive profile information, page/account lists, and posting analytics as authorized by your OAuth permissions.

Houzez/WordPress: Listing data synced from your Houzez-powered website via our plugin.

Paddle: Subscription status, billing events, and transaction information from our payment processor.

2. How We Use Your Information

We use your information to:

Provide, maintain, and improve our Services, including AI content generation, visual design, social scheduling, and lead management.

Process your subscription and manage billing through Paddle.

Personalize your experience, including AI-generated topic suggestions based on your agent profile, location, and niche.

Apply your brand kit (colors, logos, headshot, fonts) to generated content and templates.

Publish content to your connected social media accounts at your direction.

Provide customer support and respond to inquiries.

Send transactional emails (account confirmations, billing receipts, scheduled post notifications).

Analyze usage patterns to improve our platform, fix bugs, and develop new features.

Detect, prevent, and address fraud, abuse, and technical issues.

Comply with legal obligations.

3. How We Share Your Information

We do not sell your personal information. We share information only in these circumstances:

Paddle (Merchant of Record): Payment and subscription data is shared with Paddle to process billing, handle taxes, issue invoices, and manage refunds. Paddle acts as the Merchant of Record for all transactions.

Social Media Platforms: When you schedule or publish posts, content is sent to the social platforms you’ve connected (Meta, LinkedIn, etc.) via their APIs.

AI Providers: Content generation prompts (which may include listing data and preferences) are sent to AI providers (Anthropic, OpenAI) for processing. These providers do not use your data to train their models per our agreements.

Cloud Infrastructure: Data is stored on AWS infrastructure with encryption at rest and in transit.

CRM Integrations: If you configure third-party CRM integrations (Follow Up Boss, HubSpot, Zapier), lead data is shared with those services at your direction.

Legal Requirements: We may disclose information if required by law, regulation, legal process, or governmental request.

Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred.

4. Data Retention

We retain your data for as long as your account is active or as needed to provide Services. If you cancel your subscription, your account enters read-only mode and data is preserved for up to 12 months. After 12 months of inactivity, we may delete your data. You may request earlier deletion by contacting us.

5. Data Security

We implement industry-standard security measures including encrypted PostgreSQL databases on AWS, secure OAuth authentication for social accounts, HTTPS/TLS encryption for all data in transit, and access controls limiting employee access to personal data. However, no method of electronic transmission or storage is 100% secure, and we cannot guarantee absolute security.

6. Your Rights & Choices

Depending on your location, you may have the following rights:

Access: Request a copy of your personal data.

Correction: Update inaccurate or incomplete data.

Deletion: Request deletion of your personal data, subject to legal retention requirements.

Portability: Request your data in a portable format.

Opt-Out: Unsubscribe from marketing emails via the link in any email. Transactional emails cannot be opted out of while your account is active.

Cookie Preferences: Manage cookies through your browser settings.

To exercise these rights, contact us at privacy@velisto.ai.

7. GDPR (European Users)

If you are in the European Economic Area (EEA) or UK, we process your data under the following legal bases: contract performance (to provide our Services), legitimate interests (to improve and secure our platform), consent (for optional marketing communications), and legal obligation. You have the right to lodge a complaint with your local data protection authority.

8. CCPA (California Users)

California residents have additional rights under the CCPA, including the right to know what personal information is collected, the right to delete, and the right to opt out of the sale of personal information. We do not sell personal information. To make a request, contact privacy@velisto.ai.

9. Children’s Privacy

Our Services are not directed to individuals under 18. We do not knowingly collect personal information from children. If we learn we have collected such data, we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and updating the “Last updated” date. Continued use of our Services after changes constitutes acceptance.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

Velisto AI

Email: privacy@velisto.ai

Support: support@velisto.ai

Website: velisto.ai