Skip to content
vAEO
  • HOME
  • METHOD
  • SERVICES
  • CASES
  • NOTES
  • PARTNERS
BOOK CALL ↗
BOOK ↗
vAEO
  • Home
  • Method
  • Services
  • Cases
  • Notes
  • Partners
Book a call ↗

PRIVACY POLICY · v1.0 · 2026-05-16

Privacy Policy.

Last updated: 2026-05-16 · effective version 1.0 · vaeo.ai

🟡 LEGAL REVIEW PENDING · ДОРАБОТАТЬ

This Privacy Policy is canonical framework awaiting legal counsel sign-off (OQ-WEB-10). Material scope · GDPR + CCPA structure · operational accuracy all verified by founder. Final wording adjustments may apply post counsel review. Operational privacy commitments live as documented.

ANSWER · AEO-EXTRACTABLE

vAEO's data handling on vaeo.ai is minimal by design. We collect what we operationally need · we don't collect what we don't need · we name third-party services we route data through.

What we collect on vaeo.ai:

  • Cal.com booking data (name · email · timezone · brief context · timeslot) for engagement scheduling
  • Email correspondence from direct contact (vlad@vaeo.ai)
  • Basic anonymized analytics (page views · session counts · referrer source · device class — via Cloudflare Web Analytics OR Plausible · privacy-respecting · OQ-WEB-11 vendor pending)
  • AI crawler access logs (Cloudflare) — for L1 Access measurement on the dogfood case

What we don't collect:

  • No contact form data (no contact form exists on vaeo.ai per DEC-WEB-006)
  • No cookies for tracking (only session cookies where strictly necessary)
  • No personal data fingerprinting · no behavioral profiling
  • No newsletter list · no email marketing program at vaeo.ai
  • No third-party advertising pixel placements
  • No payment data on vaeo.ai (Stripe integration deferred к Phase 2)

Third-party services we route data through: Cal.com (booking) · Cloudflare (CDN + analytics) · Resend (transactional email if applicable) · Google Workspace (vlad@vaeo.ai email storage).

Your rights (GDPR + CCPA): access · deletion · portability · opt-out · rectification · restriction · objection · withdraw consent · lodge complaint with supervisory authority.

Contact for privacy inquiries: vlad@vaeo.ai · subject «Privacy Request» · response within 30 days per GDPR Article 12.

P1 · What we collect

Minimal data collection on vaeo.ai by design. We collect only what operational engagement requires:

Cal.com booking data

  • Your name (required by Cal.com for confirmation email)
  • Your email address (required for calendar invite + confirmation)
  • Your timezone (auto-detected · for timeslot rendering)
  • Brief context field (optional · 1-2 sentences about engagement)
  • Selected timeslot

Email correspondence

If you email vlad@vaeo.ai directly · your email and message content are stored in our email infrastructure (Google Workspace · subject to Google's privacy terms applied to workspace data).

Anonymized analytics

Page views · session counts · referrer source · device class · approximate country (NOT precise location). Collected via Cloudflare Web Analytics (privacy-respecting · no cookies · no fingerprinting) OR Plausible (privacy-respecting alternative · OQ-WEB-11 final vendor decision pending).

AI crawler access logs

GPTBot · ClaudeBot · PerplexityBot · Google-Extended · Bingbot · ChatGPT-User · OAI-SearchBot · Applebot-Extended access logs preserved as audit artifact (for the dogfood case measurement only).

P2 · What we don't collect

Explicit non-collection statement:

  • No contact form data · contact form doesn't exist on vaeo.ai (per DEC-WEB-006)
  • No tracking cookies · only session cookies where strictly necessary
  • No advertising cookies · no cross-site tracking
  • No personal data fingerprinting · no behavioral profiling
  • No newsletter list · no email marketing program at vaeo.ai
  • No third-party advertising pixels · no Google Ads tracking · no Facebook Pixel · no LinkedIn Insight Tag
  • No payment data on vaeo.ai · Stripe integration deferred к Phase 2 · payments through invoiced direct payment in interim
  • No data sold к third parties · no monetization through data resale

P3 · How we use the data we do collect

Purpose limitation principle (GDPR Article 5.1.b):

Cal.com booking data

  • Scheduling the engagement call · sending confirmation + calendar invite · pre-call context preparation
  • NOT used for marketing outreach unrelated к the scoped engagement

Email correspondence

  • Responding to your inquiry · operational engagement coordination
  • NOT used to build prospect lists · NOT sold to third parties

Anonymized analytics

  • Aggregate site performance measurement · content priority decisions · technical performance monitoring
  • Anonymized at collection (no PII · no fingerprinting)
  • NOT linked к specific Cal.com bookings or email correspondents

AI crawler logs

  • Dogfood case audit artifact (L1 Access measurement only)
  • NOT linked к visitor identity (crawlers are bots · not people)

P4 · Third-party services we route data through

Per GDPR Article 13 + 14 disclosure obligation:

Cal.com (booking scheduling)

  • Service: meeting booking + calendar coordination
  • Data routed: name · email · timezone · context · timeslot
  • Their privacy: cal.com/privacy
  • DPA: in place (Cal.com is GDPR-compliant · operates EU + US data residency)

Cloudflare (CDN + Web Analytics)

  • Service: site hosting + traffic delivery + anonymized analytics
  • Data routed: HTTP request metadata · anonymized page-view events
  • Their privacy: cloudflare.com/privacypolicy
  • DPA: in place (Cloudflare is GDPR + CCPA compliant)

Resend (transactional email · if applicable)

  • Service: email delivery infrastructure
  • Data routed: email recipient address · email content
  • Their privacy: resend.com/legal/privacy-policy

Google Workspace (email storage)

  • Service: vlad@vaeo.ai email handling (sending · receiving · storage)
  • Data routed: email correspondence in full
  • Their privacy: workspace.google.com/terms/privacy

No other third-party services route data from vaeo.ai. No data brokers · no marketing automation platforms · no CRM that captures site visitor data.

P5 · Your rights

Per GDPR Articles 15-22 + CCPA Section 1798.100-1798.140:

You have the right to

  • Access — request a copy of personal data we hold about you
  • Rectification — request correction of inaccurate data
  • Erasure — request deletion («right to be forgotten» · subject к operational necessity exceptions)
  • Data portability — receive data in machine-readable format
  • Restriction of processing — request we limit how we use your data
  • Objection к processing — opt out of data processing based on legitimate interest
  • Withdraw consent — where processing is consent-based · revoke consent at any time
  • Lodge a complaint with supervisory authority — EU residents: AEPD (Spain) · others: applicable national DPA

California residents (CCPA)

  • Right to know what personal information is collected
  • Right to delete personal information
  • Right to opt-out of sale (vAEO does not sell personal information)
  • Right к non-discrimination for exercising privacy rights

How to exercise rights

Email vlad@vaeo.ai · subject «Privacy Request — [type of request].» Response within 30 days per GDPR Article 12.

P6 · How long we keep data

Retention windows per data category:

Category Retention period
Cal.com booking data (active engagement)Engagement duration + 12 months (warranty/dispute window)
Cal.com booking data (no engagement followed)6 months (lead-cycle window)
Email correspondence (active engagement)Engagement duration + 24 months (operational + contract reference)
Email correspondence (no engagement)12 months
Anonymized analytics24 months rolling window
AI crawler logs (dogfood case artifact)Indefinite (audit artifact · part of published case documentation)

After retention period · data deleted permanently · no recovery possible. Earlier deletion available on request (GDPR Article 17 right to erasure).

P7 · When we update this policy

This policy versions independently. Updates reflect:

  • New third-party services integrated (rare · we add services slowly + transparently)
  • Regulatory change (GDPR amendments · CCPA replacements · new jurisdiction additions)
  • Operational change in data handling

Version history: linked from this page footer. Material changes notified к active engagements via email 30 days before effective date. Non-material changes (typo fixes · clarifications) versioned without notification.

Current version: 1.0 · effective 2026-05-16.

P8 · Contact us about privacy

All privacy inquiries route to Vlad directly as data controller:

vlad@vaeo.ai

Subject line «Privacy Request — [request type]»

Response within 30 days per GDPR Article 12. Most requests resolved within 5 business days.

Data Protection Officer: not required for vAEO's data processing scale (no large-scale processing of special categories · no large-scale systematic monitoring). All data protection inquiries handled directly by Vlad as data controller.

Company
  • About
  • Partners
  • Contact
Services
  • Diagnose
  • Optimize
  • Dominate
Learn
  • Methodology
  • Field Notes
  • Cases
Engage
  • LinkedIn ↗
  • llms.txt
  • Privacy
  • Terms
verifiable /ˈvæ.i…oʊ/ BARCELONA · BALI · REMOTE LinkedIn ↗