Veevo
Get Started Free

Privacy Policy

Effective: April 4, 2026

1. Who We Are

Veevo ("we", "us", "our") operates the Veevo platform at getveevo.io — a video conferencing and collaboration service designed for schools, districts, and small organizations. Our contact email for privacy matters is support@getveevo.io.

2. Information We Collect

We collect information you provide directly to us when you register or use our platform:

  • Account information: name, email address, password (stored as a secure hash), and organization name.
  • Profile data: role within your organization (administrator, teacher, student, member).
  • Usage data: session start/end times, participant counts, recording metadata, attendance records, poll responses, and chat messages within sessions.
  • Technical data: IP address (collected at login and registration for security purposes), browser type, and device type.
  • Payment information: billing email and Stripe customer ID. We do not store full card numbers — payment processing is handled by Stripe, Inc.
  • COPPA-related data (where applicable): date of birth and parent/guardian email, collected only when an organization has enabled parental consent requirements for student accounts.

3. FERPA Compliance

Veevo operates as a School Official under FERPA (20 U.S.C. § 1232g) when contracted by educational institutions. As such:

  • We use student education records solely to provide the contracted service — we do not sell, share, or use them for advertising.
  • The educational institution (administrator) retains control over student data and is responsible for obtaining any required parental consent.
  • Students and their parents may request access to or deletion of records by contacting their school administrator, who can submit a request to support@getveevo.io.
  • We support configurable data retention periods. When an organization's data retention window expires, session recordings and attendance logs are eligible for automated deletion.

4. COPPA Compliance (Children Under 13)

Veevo does not knowingly collect personal information from children under 13 without verifiable parental consent. When an educational institution enables the parental consent requirement for their account:

  • Students are asked to provide their date of birth during account creation via invitation.
  • Students identified as under 13 must provide a parent or guardian email address before their account is activated.
  • A parental consent notification is sent to the provided email. The account remains in a pending-consent state until consent is confirmed.
  • If consent is not received within 14 days, the student account is automatically deactivated.
  • Parents and guardians may review, update, or request deletion of their child's information by contacting support@getveevo.io.

If your school does not enable the parental consent requirement, you (the administrator) represent that you have obtained all necessary consents and authorizations under applicable law, including COPPA.

5. How We Use Your Information

  • To provide, operate, and improve the Veevo platform.
  • To authenticate users and maintain session security.
  • To generate attendance, session, and analytics reports for your organization.
  • To process billing and subscription management through Stripe.
  • To send transactional emails (invitations, password resets, consent notices).
  • To maintain audit logs for security and legal compliance.

We do not use student data for advertising, profiling, or any purpose other than providing the educational service.

6. Data Sharing and Third Parties

We do not sell your personal information. We share data only with the following categories of service providers, under strict data processing agreements:

  • LiveKit, Inc. — real-time video and audio infrastructure. Session media is processed through LiveKit servers.
  • Stripe, Inc. — payment processing for paid subscriptions.
  • Neon Tech, Inc. — managed PostgreSQL database hosting.

We may disclose information if required by law, court order, or to protect the rights and safety of users.

7. Data Retention

Organization administrators can configure their data retention period from their dashboard settings. By default, session recordings and attendance records are retained for 365 days. After the retention window:

  • Session recordings and attendance logs are deleted automatically.
  • Account and organization data is retained until the organization is deleted or requests deletion.
  • Audit logs are retained for a minimum of 7 years for legal compliance purposes.

8. Your Rights

Depending on your location, you may have the right to:

  • Access the personal information we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your data (subject to legal retention obligations).
  • Export your organization's data (available through the dashboard for administrators).
  • Withdraw consent (where processing is based on consent).

To exercise these rights, contact support@getveevo.io. We will respond within 30 days.

9. Security

We implement industry-standard security measures including Argon2id password hashing, TLS encryption in transit, rate limiting on authentication endpoints, account lockout after repeated failed attempts, and IP-based audit logging for all authentication events.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated by email and through a notice in the platform. Your continued use after the effective date constitutes acceptance of the updated policy.

11. Contact

For privacy questions, data requests, or COPPA/FERPA concerns, contact us at:

Veevo Privacy Team
support@getveevo.io

Privacy Policy — Veevo | Veevo