DRAFT — Pending legal review. This privacy policy is a working template. It has not been reviewed by privacy or data-protection counsel and may not be fully compliant with all applicable jurisdictions (e.g., GDPR, CCPA/CPRA, state laws). Do not rely on it as final until reviewed by counsel.
Vyzora

Privacy Policy

Effective date: [TBD on counsel sign-off] · Version: 1.0-draft
Plain-language summary

1. Who we are

Vyzora ("Vyzora," "we," "us") operates the Vyzora Lens publication and related websites at vyzora.ai and vyzora.io. This Privacy Policy describes how we collect, use, store, and disclose information about subscribers and visitors.

2. Information we collect

2.1 Information you provide directly

2.2 Information collected automatically

3. How we use your information

4. Third-party data processors

Vyzora uses the following service providers, each acting as a data processor on our behalf. They handle your data subject to their own privacy policies and to data-processing addenda with us where required.

ProcessorPurposeRegion
Google Cloud (Firebase Authentication, Firestore, Cloud Run, Secret Manager)Account auth, user records, application hosting, secret storage, and — for phone sign-in — the delivery of the one-time SMS verification code to the number you provideus-central1 (United States)
Stripe, Inc.Subscription billing, payment processing, Customer PortalUnited States
Cloudflare, Inc.DNS, email routing for @vyzora.ai/@vyzora.io, edge protectionUnited States and global edge
Polygon.io, Finnhub, E*TRADEMarket data sources for the Lens dashboard (they do not receive your personal data — only Vyzora's API requests)United States

5. Cookies and similar technologies

The Vyzora Service uses browser localStorage and sessionStorage rather than persistent tracking cookies. The values we set are:

If you clear browser storage, you will be signed out and the disclaimer modal will reappear.

6. How we disclose information

We share your information only with:

We do not sell or rent your personal information and we do not share it with advertisers.

7. Data retention

8. Your rights

Subject to applicable law (including the California Consumer Privacy Act / CPRA, GDPR for EEA users, and similar state laws), you have the right to:

To exercise any of these rights, email privacy@vyzora.ai. We will respond within 30 days.

8a. SMS / TCPA notice

If you elect to sign in with a mobile phone number, Vyzora will send you one SMS message per sign-in attempt, containing only a 6-digit verification code. Consent to receive this SMS is collected at the phone-entry screen before any message is sent. Vyzora does not send marketing, promotional, or transactional SMS of any kind — the only SMS Vyzora originates is the one-time authentication code.

You can revoke your consent at any time by:

Standard message and data rates from your mobile carrier may apply. Vyzora does not charge for the SMS itself. The SMS is generated and delivered by Google Cloud (Firebase Authentication) as our processor; see §4 above.

9. Security

We use industry-standard security controls: TLS 1.2+ for all data in transit; Google-managed encryption at rest for data in Firestore and Secret Manager; least-privilege IAM bindings; and access logging. No system is perfectly secure — if you suspect a vulnerability, please contact security@vyzora.ai.

10. International transfers

The Service is hosted in the United States. If you access the Service from outside the United States, your information will be transferred to and processed in the United States, which may have different data-protection laws than your country of residence. By using the Service, you consent to this transfer.

11. Children

The Service is not directed to children under 18, and we do not knowingly collect personal information from anyone under 18. If you believe we have collected such information, contact privacy@vyzora.ai and we will delete it.

12. Changes to this Policy

We may update this Privacy Policy from time to time. Material changes will be notified by email and/or by prominent notice in the Service. The "Effective date" at the top reflects the most recent version.

13. Contact

Privacy inquiries: privacy@vyzora.ai
Security disclosures: security@vyzora.ai
General support: support@vyzora.ai