Privacy Policy

00 Overview

By accessing or using the Vaired AI platform — including through our website at vaired.com, mobile applications, or API integrations — you agree to the collection and use of your information as described in this Privacy Policy.

If you do not agree with any part of this policy, you must discontinue use of our services immediately.

01 Who We Are

Vaired AI is operated by Vaired Technologies Private Limited, a company incorporated under the Companies Act, 2013, with its registered office in India.

Vaired AI is an AI-powered marketing creative platform that enables users to generate, enhance, brand, score, and launch advertising campaigns across multiple digital platforms.

For the purposes of applicable data protection laws — including India's Digital Personal Data Protection Act, 2023 (DPDP Act) — Vaired Technologies Private Limited is the Data Fiduciary in respect of personal data processed through our services.

02 Data We Collect

2.1 Account & Registration Data

When you create an account or join our waitlist, we collect:

• Full name
• Work email address
• Company or organisation name
• Phone number (optional)
• Job role or title
• Password (stored as a cryptographic hash — never in plain text)

2.2 Profile & Brand Data

When you set up your brand workspace, we collect:

• Brand name, logo, and visual assets you upload
• Brand color palettes and typography preferences
• Website URL (for Smart Fill analysis)
• Target audience details and campaign objectives

2.3 Content You Generate

When you use Vaired's creative tools, we process and store:

• Text prompts and instructions you input
• Images and creative assets you upload
• AI-generated images, copy, and campaign content
• Campaign configurations, budgets, and targeting parameters
• Engagement scores and analytics data

2.4 Platform Integration Data

When you connect advertising platforms (Meta, LinkedIn, Google Ads, TikTok, YouTube, X/Twitter), we collect and process:

• OAuth access tokens (encrypted at rest)
• Ad account identifiers
• Campaign performance metrics returned by platform APIs
• Audience targeting parameters

We do not store your advertising platform passwords. Access is granted through OAuth 2.0 and you may revoke it at any time.

2.5 Usage & Technical Data

We automatically collect:

• IP address and approximate geographic location
• Device type, operating system, and browser information
• Pages visited, features used, and session duration
• API calls made and credit consumption logs
• Error logs and crash reports

2.6 Payment Data

Payment processing is handled by third-party payment processors (such as Razorpay or Stripe). We do not store full credit card numbers, CVV codes, or banking credentials on our servers. We retain only a transaction reference ID, plan tier, and payment status.

2.7 Communications Data

If you contact us via email, support tickets, or our contact form, we retain the content of those communications and your contact details.

03 How We Use Your Data

We use the personal data we collect for the following purposes:

3.1 Providing Our Services

• Creating and managing your account
• Processing AI-generated content requests
• Managing campaigns and platform integrations
• Delivering analytics, scoring, and performance insights
• Enforcing plan limits, credit balances, and billing

3.2 Improving Our Platform

• Analysing usage patterns to improve features and UX
• Training and improving AI model performance using aggregated, anonymised data
• Identifying and fixing bugs and performance issues

3.3 Communications

• Sending transactional emails (billing receipts, plan changes, security alerts)
• Sending product updates, new feature announcements, and waitlist notifications
• Responding to support queries and feedback

You may opt out of marketing communications at any time by clicking "Unsubscribe" in any email or contacting us directly.

3.4 Legal & Safety

• Complying with applicable laws and regulations
• Detecting and preventing fraud, abuse, or policy violations
• Enforcing our Terms of Service
• Protecting the rights, property, or safety of Vaired AI, our users, or third parties

04 Legal Basis for Processing

Under India's Digital Personal Data Protection Act, 2023 (DPDP Act) and other applicable laws, we process your personal data on the following bases:

• Consent: For marketing communications, optional data collection, and where you have provided explicit consent. You may withdraw consent at any time.
• Contractual necessity: To perform the services you have subscribed to under our Terms of Service.
• Legitimate interests: For platform security, fraud prevention, product improvement, and analytics — where these interests are not overridden by your rights.
• Legal obligation: Where we are required to process data to comply with applicable law.

05 Data Sharing & Disclosure

We do not sell your personal data. We do not share your personal data with third parties for their own marketing purposes. We share data only in the following limited circumstances:

5.1 Service Providers

We engage trusted third-party service providers to help operate our platform, including cloud hosting, AI model APIs, payment processing, analytics, and customer support tools. These providers process data only on our instructions and are bound by confidentiality obligations.

5.2 Platform Integrations

When you connect and use advertising platform integrations (Meta, LinkedIn, Google Ads, TikTok, YouTube, X/Twitter), campaign data and creative assets are transmitted to those platforms on your instruction. Each platform's own privacy policy governs their use of that data.

5.3 Business Transfers

In the event of a merger, acquisition, restructuring, or sale of assets, your data may be transferred to the successor entity, subject to the same privacy protections.

5.4 Legal Requirements

We may disclose your data if required to do so by law, court order, or government authority, or if we believe disclosure is necessary to protect our legal rights or the safety of any person.

5.5 With Your Consent

We may share your data with third parties when you have given us explicit consent to do so.

06 Third-Party Services

Vaired AI integrates with the following categories of third-party services. Each has its own privacy policy which governs their data practices:

• Advertising platforms: Meta (Facebook & Instagram), LinkedIn, Google Ads, TikTok, YouTube, X/Twitter
• AI model providers: Third-party AI API providers for image generation, text generation, and visual analysis
• Cloud infrastructure: Cloud hosting and storage providers
• Payment processing: Payment gateway providers
• Analytics: Usage analytics and error tracking providers
• Email delivery: Transactional email service providers

We encourage you to review the privacy policies of these third-party services before connecting them to your Vaired AI account.

07 AI Processing & Your Content

Vaired AI uses third-party AI model APIs to power image generation, text generation, visual analysis, and engagement scoring features. When you submit prompts or upload images, that content may be transmitted to these AI providers for processing.

7.1 Prompt & Content Data

Text prompts and images you submit are processed by AI models to generate the requested output. We take reasonable steps to ensure our AI providers do not use your specific content to train their models without appropriate safeguards, and we select enterprise-tier API agreements where data usage rights are clearly defined.

7.2 Generated Content Ownership

Subject to applicable law and our Terms of Service, you retain ownership of the creative assets generated using your prompts and inputs on the Vaired AI platform.

7.3 Smart Fill from URL

When you use Smart Fill from URL, our systems make a request to the URL you provide and analyse publicly available content (text and images) from that page to suggest creative parameters. We do not store the full content of third-party websites beyond what is necessary to provide this feature.

7.4 Engagement Scoring

Engagement scores are generated by AI models analysing visual and textual attributes of your creative assets. This analysis is performed on our servers and by our AI providers. Scores and recommendations are stored in your account for your reference.

08 Data Retention

We retain your personal data for as long as your account is active or as needed to provide our services. Specifically:

• Account data: Retained for the duration of your account and for 3 years after account closure, unless a longer retention period is required by law.
• Generated creative assets: Retained in your account until you delete them or close your account.
• Campaign & analytics data: Retained for 2 years after campaign completion.
• Payment records: Retained for 7 years in accordance with applicable financial regulations.
• Usage logs: Retained for 12 months.
• Support communications: Retained for 2 years after resolution.

Upon account deletion, we will delete or anonymise your personal data within 30 days, except where retention is required by law.

09 Security

We implement industry-standard technical and organisational security measures to protect your personal data, including:

• Encryption of data in transit using TLS 1.2 or higher
• Encryption of sensitive data at rest (including OAuth tokens and passwords)
• Row-level security and multi-tenant data isolation in our database
• Role-based access controls limiting employee access to personal data
• Regular security audits and vulnerability assessments
• Incident response procedures for data breach detection and notification

While we take all reasonable precautions, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security of your data.

In the event of a data breach affecting your personal data, we will notify you and relevant authorities as required by applicable law.

10 Your Rights

Under the DPDP Act 2023 and applicable laws, you have the following rights regarding your personal data:

• Right to access: Request a copy of the personal data we hold about you.
• Right to correction: Request correction of inaccurate or incomplete personal data.
• Right to erasure: Request deletion of your personal data, subject to legal retention requirements.
• Right to data portability: Request your data in a structured, machine-readable format.
• Right to withdraw consent: Withdraw consent for any processing based on consent, at any time.
• Right to grievance redressal: Lodge a complaint with our Grievance Officer (details below) or the Data Protection Board of India once established.
• Right to nominate: Nominate another individual to exercise rights on your behalf in the event of death or incapacity.

To exercise any of these rights, please contact us at support@vaired.com. We will respond within 30 days of receiving your request.

11 Children's Privacy

Vaired AI is not directed at children under the age of 18. We do not knowingly collect personal data from children. If you are under 18, please do not use our services or submit any personal data to us.

If we become aware that we have inadvertently collected personal data from a child under 18, we will take immediate steps to delete that information. If you believe we may have collected data from a child, please contact us at support@vaired.com.

This requirement applies to our website, mobile applications, and all API-connected products.

12 International Data Transfers

Vaired Technologies Private Limited is based in India. Your data may be processed and stored on servers located in India or in other countries where our cloud infrastructure and AI providers operate, including the United States and European Union member states.

Where personal data is transferred outside India, we ensure such transfers are made in compliance with the DPDP Act 2023 and applicable cross-border data transfer regulations. We use appropriate safeguards including standard contractual clauses and data processing agreements with our service providers.

By using Vaired AI, you acknowledge and consent to the transfer of your data to these locations.

13 Cookies & Tracking

We use cookies and similar tracking technologies on our website and platform. These include:

• Essential cookies: Required for the platform to function (authentication sessions, security tokens). Cannot be disabled.
• Functional cookies: Remember your preferences and settings across sessions.
• Analytics cookies: Help us understand how users interact with our platform (page views, feature usage). Data is aggregated and anonymised where possible.
• Marketing cookies: Used to measure the effectiveness of marketing campaigns. Only activated with your consent.

You can control cookie preferences through your browser settings. Disabling certain cookies may affect the functionality of the platform. We will request your consent for non-essential cookies on your first visit.

14 Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

• Update the "Last updated" date at the top of this page
• Send an email notification to registered users
• Display a prominent notice on our platform for 30 days

Your continued use of Vaired AI after any changes constitutes acceptance of the updated Privacy Policy. If you do not agree to the revised policy, you must discontinue use of our services.

15 Contact & Grievance Officer

For any questions, requests, or complaints regarding this Privacy Policy or your personal data, please contact our Grievance Officer as required under the DPDP Act 2023 and IT Act 2000:

If you are not satisfied with our response, you may escalate your complaint to the Data Protection Board of India once it is constituted under the DPDP Act 2023.