velin

Terms of Service

Last updated: 23 June, 2026 · Effective: 23 June, 2026

1. Agreement

These Terms of Service (“Terms”) are a binding agreement between Velin (“Velin”, “UseVelin”, “we”, “us”) and the person or organisation using the Velin service (“you”, “Customer”). By creating an account or using the service you accept these Terms. If you accept on behalf of an organisation, you confirm you are authorised to bind it.

2. The service — what Velin is and is not

Velin is an evidence-management platform. It helps you produce cryptographically verifiable evidence packs that record what data was deleted, retained, or held under a legal exception, for compliance frameworks such as ISO 27001 Annex A 8.10, GDPR Articles 17 and 5(1)(e), SOC 2, and DORA.

Important — what Velin does not do. Velin does not delete data from your systems, does not connect to or hold credentials for your production systems, and does not perform any destructive action on your behalf. You are solely responsible for performing your own deletions, for the truth and accuracy of the information and evidence you record in Velin, and for your own compliance determinations. Velin records and attests to what you assert; it does not independently verify the underlying facts.

The cryptographic verification Velin provides proves that an evidence pack has not been altered since it was signed and that it was signed with Velin’s published key. It does not warrant that the underlying deletion occurred, that your evidence is accurate, or that any pack satisfies a particular auditor or regulator.

3. Accounts and security

You must provide accurate information, keep your credentials confidential, and enable the multi-factor authentication the service requires. You are responsible for activity under your account and for your workspace members. Notify us promptly of any unauthorised access at security@usevelin.com.

4. Acceptable use

You will not: use the service unlawfully or to store unlawful content; upload malware or attempt to compromise the service or other tenants; reverse-engineer or resell the platform except as permitted; or misrepresent evidence in a way intended to deceive an auditor or regulator. We may suspend accounts that breach this section.

5. Subscriptions, billing, and Paddle

Our order process and payments are conducted by our reseller and merchant of record, Paddle (Paddle.com Market Ltd / Paddle.com Inc., as applicable). Paddle is the seller of record for your purchase, handles billing, and is responsible for collecting and remitting applicable taxes (e.g. VAT). Your purchase is also subject to Paddle’s Buyer Terms and Conditions (paddle.com/legal/checkout-buyer-terms).

  • Plans and fees are as shown on our pricing page (/pricing) at the time of purchase. Paid plans renew automatically (monthly or annually) until cancelled.
  • Trials. Trial workspaces receive elevated entitlements for a limited period; at the end of the trial, unless you subscribe, the workspace moves to a read-only state (see §6).
  • Cancellation. You may cancel at any time through your account or Paddle. Cancellation takes effect at the end of your current paid period; you retain access to your paid plan until then.
  • Failed payments. If a payment fails, we may downgrade the workspace to a read-only state after a grace period.
  • Refunds. Governed by our Refund Policy (/legal/refunds).
  • Taxes. Prices may be shown exclusive of tax; Paddle applies tax at checkout based on your location.

6. Plan limits and read-only state

Each plan carries limits (e.g. seats, cases per year, frameworks). When a subscription ends — by cancellation past the paid period, by an unrecovered failed payment, or by trial expiry — the workspace moves to a read-only state: you keep access to your existing data and can view and export your evidence, but cannot create new cases or add members until you resubscribe. We never delete your evidence on cancellation; see §10 for deletion.

7. Your data and intellectual property

Your content. You retain all rights to the data, evidence, and files you upload (“Customer Content”). You grant us a limited licence to host and process Customer Content solely to provide the service and as set out in our Data Processing Agreement (/legal/dpa).

Our platform. We retain all rights in the Velin platform, software, branding, and the cryptographic signing system. Nothing here transfers those rights to you.

The verifier. The open-source verification tool (@usevelin/verify) and Velin’s published public keys are provided so that anyone can independently verify your packs. The verifier is licensed under its own open-source licence. Your evidence packs remain verifiable without any ongoing dependency on Velin.

8. Service availability and changes

We aim to provide a reliable service but do not guarantee uninterrupted availability except where an SLA is expressly agreed in writing for your plan. We may modify or discontinue features, with reasonable notice for material adverse changes.

9. Warranties and disclaimers

The service is provided “as is” and “as available”, without warranties of any kind to the maximum extent permitted by law, including any implied warranties of merchantability, fitness for a particular purpose, or that the service will meet any specific legal, audit, or regulatory requirement. You are responsible for determining whether the service and your evidence meet your compliance obligations. Nothing in these Terms excludes liability that cannot be excluded under applicable law.

10. Termination and data

Either party may terminate for material breach not cured within 30 days, or you may terminate by cancelling. On termination you may export your data for a window of 30 days, after which we may delete it. You may also request earlier deletion (see our Privacy Policy / DPA). We may retain limited records as required by law.

11. Limitation of liability

To the maximum extent permitted by law, neither party is liable for indirect, incidental, special, or consequential damages, or loss of profits, data, or goodwill. Our total aggregate liability arising out of or relating to the service is limited to the fees you paid to us (via Paddle) in the 12 months before the event giving rise to the claim. This section does not limit liability for death or personal injury caused by negligence, fraud, or any liability that cannot be limited by law.

12. Indemnity

You will indemnify us against third-party claims arising from your Customer Content, your use of the service in breach of these Terms, or your violation of law or third-party rights.

13. Confidentiality

Each party will protect the other’s confidential information and use it only to perform under these Terms.

14. Changes to these Terms

We may update these Terms. Material changes will be notified by email or in-app, with the updated date shown above. Continued use after changes take effect constitutes acceptance.

15. Governing law and disputes

These Terms are governed by the laws of Ireland, and the courts of Ireland have exclusive jurisdiction, without prejudice to any mandatory consumer protections available to you.

16. Contact