Legal

Privacy Policy

Last updated: June 13, 2026

Velano Inc (the “Company”), a Delaware corporation and the maker of Velano (“Velano”), operates a commercial website, software platform, and related communications services for dental practices and other healthcare organizations. This Privacy Policy (the “Privacy Policy”) is intended to help you understand how we collect, use, share, and protect the personal information you give us when you visit our website, request a demo, communicate with us, open or manage an account, or otherwise engage with us in a business-to-business or commercial setting.

This Privacy Policy also explains certain processing we carry out on behalf of our healthcare customers when we power outbound calling and texting workflows for them, such as appointment reminders, confirmations, recalls, reactivations, and similar customer-directed messages. For the purposes of this Privacy Policy, “Site” means the Company’s website, available at https://velano.io, and “Service” means the offerings accessed through the Site, through which users operate an AI-powered virtual dental reception assistant. “We,” “us,” and “our” refer to the Company. “You” refers to you, as a visitor to our Site or a user of our Service.

Where we handle protected health information (“PHI”) or other regulated patient data on behalf of a HIPAA covered entity or another healthcare customer, we do so as a service provider, processor, or business associate under our agreement and business associate agreement with that customer. In those cases, the customer’s own notice of privacy practices and its direct relationship with the patient generally govern the collection and use of PHI, while this Privacy Policy governs Velano’s own website, commercial, and direct business-contact processing unless the context clearly indicates otherwise.

This Privacy Policy covers the following topics:

Information We Collect
How We Use and Disclose Information
Data Retention and Security
Your Privacy Rights
Third-Party Sites and Integrations
Changes to This Privacy Policy
Contact Us

I. Information We Collect

We collect personal information directly from you, automatically from your browser or device, from our customers and their authorized users, and from vendors or other third parties acting on our behalf. Depending on the context, the information we collect may include:

Identifiers and contact details, such as name, business email address, phone number, company name, job title, mailing address, and account credentials.
Commercial and account information, such as subscription details, contract history, product interest, support tickets, and onboarding or implementation details.
Internet and device activity, such as IP address, device identifiers, browser type, operating system, usage logs, pages viewed, referring URLs, interactions with the Site, and data collected through cookies or similar technologies.
Communications data, such as emails, chat messages, call recordings, voicemail, SMS or MMS content, transcripts, call metadata, appointment-related messages, opt-in and opt-out records, and communication preferences, including do-not-call and do-not-text preferences where applicable.
Protected health information or similar patient data, but only where a customer directs us to process it through the Service and only to the extent permitted by our agreement, business associate agreement, and applicable law.

Information Collected Automatically

We and our vendors may use cookies, pixels, software development kits, session-replay tools, APIs, logs, and similar technologies to gather information about how the Site and Service are used, including sign-in activity, preferences, pages viewed, feature usage, browser settings, timestamps, and diagnostic data. We rely on this information to run the Site and Service, remember your settings, measure traffic and performance, secure our systems, detect fraud, keep logs, and improve functionality.

Cookie and Browser Privacy Controls. Browser-based “Do Not Track” signals are not handled consistently across the industry. Where applicable law requires it, we honor legally recognized opt-out preference signals, such as Global Privacy Control, for the processing those laws cover. We may also make separate cookie settings or consent tools available on the Site.

Information You Provide to Us

You may give us information when you request a demo, contact sales or support, sign up for communications, enter into a contract, open or manage an account, upload information into the Service, or otherwise communicate with us. This may include your name, business contact details, organization, phone number, email address, scheduling information, and any content you choose to share. If you provide information about other individuals, you confirm that you have the authority to do so.

Information We Process on Behalf of Customers

When our customers use the Service to automate outbound calls and texts, we and our service providers may process customer-supplied contact information, appointment information, communication preferences, call recordings, transcripts, and related data at the customer’s direction. In that role we generally act as a service provider, processor, or business associate, and we process the information only on behalf of, and under the instructions of, the customer, subject to our agreement, any applicable business associate agreement, and applicable law.

Children’s Privacy

The Site is built for business users and is not directed to children under 13. We do not knowingly collect personal information directly through the Site from children under 13. If you believe a child has provided personal information to us through the Site, please contact us at privacy@velano.io so we can review and delete it as appropriate. This section does not limit a healthcare customer’s separate relationship with its own patients or their guardians.

II. How We Use and Disclose Information

Subject to applicable law and, where relevant, our contractual commitments to customers, we may use and disclose personal information for the following purposes:

To provide, maintain, secure, and improve the Site and Service, including onboarding, account administration, customer support, billing, implementation, analytics, troubleshooting, quality assurance, and product development.
To send or enable customer-directed calls, texts, voicemails, emails, appointment reminders, confirmations, recalls, reactivations, and other communications requested by our customers.
To respond to inquiries, schedule demos, market our offerings, and manage our relationships with current and prospective customers, partners, and vendors.
To personalize user experiences, monitor performance, prevent fraud, enforce our agreements, bring or defend legal claims, comply with law, and protect the rights, safety, and security of Velano, our users, customers, and others.
To create aggregated, deidentified, or anonymized information where permitted by law and contract. We will not attempt to reidentify deidentified information except as permitted by law.

Service Providers. We may disclose personal information to service providers, contractors, processors, business associates, professional advisors, cloud and communications vendors, analytics providers, and other third parties that support our operations. We may also disclose information in connection with a corporate transaction, to comply with law, to respond to lawful requests, to protect rights and security, or at your direction or with your consent. We do not sell personal information for monetary consideration. The service providers we use may include:

Google Analytics. To learn how Google handles your personal information, see Google’s Privacy Policy. You can opt out of Google Analytics using the Google Analytics Opt-out Browser Add-on.
Hotjar (session-replay analytics). We use Hotjar’s session-replay analytics, which lets us record and replay an individual’s interaction with the Service. For details, see the “Personal Data collected from a visitor of a Hotjar Enabled Site” section of Hotjar’s Privacy Policy. To opt out, see Hotjar’s Do Not Track page.
LinkedIn Analytics. To learn how LinkedIn handles your personal information, see LinkedIn’s Privacy Policy.
Meta (formerly Facebook) Connect. To learn how Meta handles your personal information, see Meta’s Privacy Policy. You can adjust your choices while signed in to your Meta account.
Mixpanel. We use Mixpanel to understand how you interact with the Service (for example, which pages you visit) so we can improve it. For details, see Mixpanel’s Privacy Policy.

Advertising Partners. We may share your personal information with third-party advertising partners. These partners may set tracking technologies on the Service to collect information about your activity and device (for example, your IP address, cookie identifiers, pages visited, location, and time of day). They may use this information, together with similar information collected elsewhere, to deliver personalized advertisements to you across digital properties in their networks. This practice is commonly called “interest-based advertising,” “personalized advertising,” or “targeted advertising.” The advertising technologies we use may include:

Instagram. To learn how Instagram handles your personal information, see Instagram’s Privacy Policy. You can adjust your choices while signed in to your Instagram account.
Meta (formerly Facebook) Connect. To learn how Meta handles your personal information, see Meta’s Privacy Policy. You can adjust your choices while signed in to your account.
TikTok. To learn how TikTok handles your personal information, see TikTok’s Privacy Policy.
X (formerly Twitter). To learn how X handles your personal information, see X’s Privacy Policy.

Disclosures to Protect Us or Others

We may access, preserve, and disclose information we hold about you to outside parties if we believe in good faith that doing so is required or appropriate to: comply with law enforcement or national-security requests and legal process, such as a court order or subpoena; protect the rights, property, or safety of you, us, or others; enforce our policies or contracts; collect amounts owed to us; or support the investigation or prosecution of suspected or actual unlawful activity.

Disclosure in a Merger, Sale, or Other Asset Transfer

If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, receivership, purchase or sale of assets, transition of service to another provider, or other similar transaction, your personal information may be disclosed, sold, or transferred as part of that transaction.

Communications, Calling, and Texting Disclosures

If you provide a mobile number or other telephone number to us, to one of our customers through the Service, or through a form, workflow, or other interaction that clearly anticipates follow-up communications, you or the relevant customer may use that number for informational, transactional, operational, account, support, and, where permitted by law and with any required consent, marketing or promotional calls and texts. These communications may be placed or sent using an automatic telephone dialing system, an artificial or prerecorded voice, AI-generated voice technology, or other automated means where the law allows. Consent to receive automated calls or texts is not a condition of any purchase. Message frequency may vary, and message and data rates may apply. You may opt out of marketing texts by replying STOP, and where offered you may reply HELP for assistance. You may also contact the sender directly to update your preferences.

We maintain records of opt-ins, opt-outs, and related communication preferences where appropriate. Our customers are responsible for establishing the lawful basis for the communications they direct us to send, including obtaining and documenting any consent, honoring revocations, maintaining internal do-not-call requests, and complying with applicable caller-identification, disclosure, time-of-day, content, and campaign rules. Velano may rely on customer instructions and representations about contact permissions except to the extent the law requires otherwise. Calls, emails, web chats, and other communications may be monitored or recorded by Velano or our service providers, and texts or call transcripts may be recorded, stored, reviewed, and disclosed for customer service, quality assurance, training, compliance, security, analytics, and legal purposes, in each case subject to applicable law and contract.

III. Data Retention and Security

We keep personal information for as long as reasonably necessary for the purposes described in this Privacy Policy, including to deliver the Site and Service, maintain records, honor preferences, resolve disputes, enforce our agreements, and meet legal obligations. Retention periods vary depending on the nature of the information, the context in which it was collected, customer instructions, and applicable law.

We use administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, use, alteration, and disclosure. No method of transmission or storage is completely secure, so we cannot guarantee absolute security. You are responsible for keeping your credentials confidential and for promptly notifying us of any suspected unauthorized access.

IV. Your Privacy Rights

Depending on where you live and subject to applicable law, you may have the right to ask us to:

Confirm whether we process your personal information and provide access to it.
Correct inaccurate personal information.
Delete personal information, subject to legal and operational exceptions.
Provide a portable copy of certain personal information.
Opt out of the sale of personal information, sharing for cross-context behavioral advertising, targeted advertising, certain profiling, or certain uses or disclosures of sensitive personal information, where those laws apply and those activities occur.
Appeal a decision not to act on your request where applicable law provides an appeal right.

You may submit requests by contacting us at privacy@velano.io. We may need to verify your identity before we respond. Where the law allows, you may authorize an agent to submit certain requests on your behalf. We will not discriminate against you for exercising applicable privacy rights. Where we process personal information solely on behalf of a customer, we may direct you to that customer, since it controls the underlying data and the response process.

Marketing Choices. We may use personal information to tailor and deliver marketing and other content to you, as permitted by applicable law.

California Shine the Light. We do not share your personal information with third parties for those third parties’ own direct marketing purposes.

You can opt out of marketing emails using the unsubscribe link in any message you receive. You can opt out of marketing texts by replying STOP where available, and you can ask not to receive future marketing calls or texts by following the instructions in the communication or contacting the sender. We may still send service, transactional, security, and other non-marketing communications.

V. Third-Party Sites and Integrations

As part of the Service, Velano Inc may use or integrate third-party sites and services to enhance Velano’s functionality and user experience, such as Calendly to schedule appointments or demos. These sites and services are governed by their own privacy policies and terms of service, which we encourage you to review. We are not responsible for the privacy practices of those websites or for the information or content they contain.

VI. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will post the updated policy, revise the “Effective Date,” and provide any additional notice required by law.

VII. Contact Us

If you have any questions about this Privacy Policy or the practices of this Site, please email us at privacy@velano.io.