When you register for velorinthiqe's forecasting tools, we obtain your contact information, business name, and the sector you operate in. This happens because the system needs to authenticate your account and tailor forecast models to your industry context.

If you request a consultation or contact our team, we capture the content of your message, any documents you attach, and the correspondence thread that follows. This creates a record we can reference when responding to your questions or continuing work on your forecasting requirements.

As you work within the platform—uploading financial data, adjusting forecast parameters, generating reports—those actions create operational logs. The system tracks which modules you've accessed, what data you've entered, and when reports were generated. This isn't surveillance; it's how the application maintains accuracy and allows us to assist you if something goes wrong with your forecast model.

Our servers automatically register technical details when you connect: IP address, browser type, device characteristics, timestamp of access. These emerge from standard internet protocols—your device broadcasts them as part of establishing a connection. We retain this technical layer for security analysis and to identify patterns that might indicate unauthorised access attempts.

If you encounter an error while working in the platform, diagnostic information gets captured automatically. This includes what you were trying to do, which function failed, and the state of your session at that moment. Engineers review these reports to fix bugs and improve system stability.

The primary function is straightforward: your account details allow you to log in; your business context calibrates the forecasting algorithms; your financial inputs feed into projection models; your usage history helps us troubleshoot issues when you contact support.

Beyond immediate service delivery, we analyse aggregated patterns—not individual accounts—to understand which forecasting features get used most frequently, where users encounter difficulties, and which industries show the highest engagement. This informs development priorities when we enhance the platform.

Security monitoring relies heavily on technical metadata. We watch for unusual login patterns, multiple failed authentication attempts, or access from unexpected geographic regions. When anomalies appear, we might temporarily restrict account access and ask you to confirm your identity.

Infrastructure hosting requires that your information resides on servers operated by our cloud service provider. They maintain the physical hardware and network connections, but contractual agreements prevent them from accessing or using your data for their own purposes. They function as a technical service vendor, not a data recipient with independent rights.

Payment processing involves transmission to financial institutions. When you subscribe to premium forecasting features, your payment card details move directly to our payment processor—we never receive or store complete card numbers. Transaction records that identify the purchase come back to us so we can activate your account features.

Email delivery services receive your address and message content when we send you forecast reports, account notifications, or responses to support inquiries. These services function purely as transmission channels; they don't retain copies or analyse content for their own commercial purposes.

Legal obligations occasionally compel disclosure. If Australian regulatory authorities issue a valid request related to financial compliance investigations, or if court orders demand production of records, we provide what's legally required. We don't volunteer information proactively to government entities outside formal legal processes.

Business transitions could alter information custody. If velorinthiqe merges with another company, undergoes acquisition, or sells the forecasting platform, your account information would transfer to the new entity. We'd notify users before such transitions complete, and the receiving organisation would remain bound by the commitments outlined in this framework.

Active account information remains accessible as long as your subscription continues. If you cancel your account, your profile and associated data enter a deactivation period lasting ninety days—enough time to reverse your decision if you change your mind. After that window closes, we initiate permanent deletion.

Financial data you've entered gets treated slightly differently. Since forecasting often involves historical comparison, we retain your input data for two years after account closure, allowing reactivation without complete data re-entry. Once that period expires, the figures get purged from our systems.

Communication records—support tickets, consultation notes, correspondence threads—stay in our archives for five years. This longer retention reflects business necessity: complex forecasting discussions sometimes spawn questions years later, and having access to previous conversations prevents us from making you repeat entire context explanations.

Technical logs and security monitoring data typically persist for eighteen months, then get automatically deleted. We keep them long enough to identify patterns in system abuse or unauthorised access attempts, but not indefinitely.

Ongoing legal matters freeze normal deletion cycles. If your account becomes involved in litigation, regulatory investigation, or dispute resolution, relevant information gets preserved until the matter concludes—regardless of typical retention periods.

Accounting requirements demand we retain transaction records for seven years under Australian financial regulations, even if you close your account much earlier. This applies to payment history, subscription records, and invoice documentation.

Aggregated, anonymised data that no longer identifies specific users might persist indefinitely. Once we've stripped identifying elements and aggregated information into statistical summaries—such as "manufacturing sector users access cash flow projections 40% more frequently than retail users"—it no longer constitutes personal information subject to deletion requests.

Account settings allow you to review and modify most information directly. You can update contact details, change business information, adjust notification preferences, and modify communication settings without needing to contact us.

Data export functionality lets you download copies of information we hold about you. This includes your profile data, financial inputs, generated forecasts, and correspondence history. We provide exports in common formats that work with standard business software.

Deletion requests trigger account closure processes. You can initiate this through account settings or by contacting support directly. Remember that deletion operates according to the retention schedules described earlier—it's not always instantaneous, particularly for information tied to legal or financial record-keeping requirements.

Objections to specific processing activities need to be articulated clearly. If you believe we're handling your information in ways that exceed service necessity or conflict with reasonable privacy expectations, contact us with specifics. We'll assess whether alternative approaches exist that still allow us to deliver forecasting services effectively.

Some information can't be deleted while maintaining service integrity. Your account credentials, for instance, must persist throughout your active subscription—deleting them would make logging in impossible. Transaction records tied to financial compliance obligations can't be removed early, regardless of your preferences.

Technical limitations constrain immediate deletion. Information propagated to backup systems or replicated across server clusters takes time to purge completely. When we confirm deletion, we mean we've initiated the process; complete removal from all systems might take up to thirty days.

Conflicting legal obligations sometimes override privacy requests. If law enforcement agencies have obtained preservation orders for specific account information, we can't delete it even if you request removal. We're required to notify you of such situations when legally permitted.

We protect information through multiple layers: encrypted transmission channels, access controls limiting which staff can reach which data segments, regular security audits identifying vulnerabilities, automated monitoring detecting unusual access patterns, and incident response procedures defining actions when breaches occur.

Financial data receives additional protection through encryption at rest—meaning it's scrambled while stored on servers, not just during transmission. Decryption requires keys held separately from the data itself, reducing risks if someone gains unauthorised server access.

Staff access follows need-to-know principles. Support team members can view your account details when resolving tickets, but they can't access your financial inputs without specific authorisation. Engineers might see anonymised technical logs, but they don't routinely browse user data.

No security framework eliminates all risks. Sophisticated attackers might exploit vulnerabilities we haven't discovered yet. Malicious insiders could abuse legitimate access. Natural disasters might affect data centre operations. Service providers we depend on could suffer their own breaches.

Your own security practices matter significantly. If you reuse passwords across multiple services, save login credentials in insecure locations, or access the platform from compromised devices, those vulnerabilities exist outside our control. We can protect information within our systems, but we can't secure your local environment.

We maintain cyber insurance and incident response capabilities, but these provide damage mitigation, not prevention guarantees. If a breach occurs despite our precautions, we'll notify affected users promptly and take remedial action—but we can't promise absolute immunity from security incidents.