Back to home

Privacy Policy

Last updated: April 9, 2026

Overview

Veld Portfolio is a portfolio analytics platform for real estate investors, operated by an individual doing business as Veld Portfolio ("we," "our," or "us"). This privacy policy explains what data we collect, how we use it, and your rights regarding your information. We are US-focused for now and do not target EU users specifically.

Data We Collect

We collect information you provide directly (e.g., property details, mortgage information, financial summaries) and data necessary to operate the service (e.g., account credentials, email, name). When you use our contact form, we collect your email, subject, and message to respond to your inquiry; we do not use this data for marketing. We use third-party services that process data on our behalf:

  • Clerk — Authentication. Handles sign-in, sign-up, and account management. We receive your email, name, and Clerk user ID. Clerk uses cookies to store session tokens so you stay signed in; these cookies are required for the service to function and do not contain personally identifiable information by default.
  • Stripe — Payments. When you subscribe, we process your payment through Stripe. We receive Stripe customer IDs and subscription status. Stripe handles card details; we do not store full payment card numbers.
  • RentCast — Rent and value estimates. When you use "Estimate rent" or "Estimate value," we send property addresses to RentCast for market data. We do not share your identity with RentCast.
  • Vercel — Hosting and optional web analytics. Our application runs on Vercel. Vercel may log requests and IP addresses for operational purposes. If you accept optional analytics in the cookie banner, we also enable Vercel Web Analytics in the browser (page views and visitors, similar to basic site analytics); until you accept, that script does not load.
  • Neon — Database. We store your portfolio data (properties, mortgages, deals) in a PostgreSQL database hosted by Neon. Data is encrypted in transit and at rest.
  • Resend — Transactional email. When you use our contact form or we send account-related emails, we send messages through Resend. Resend receives email addresses and message content needed to deliver the email; we use it only to send service and support communications, not for marketing lists unless you opt in separately.
  • Sentry — Error monitoring. When something fails in our servers or in your browser (when our client SDK is enabled), we may send error details to Sentry, including error type, stack traces, and request URLs. We configure Sentry to reduce sensitive data. Server-side error reporting is separate from the optional PostHog / Google analytics cookies described below.
  • PostHog — Product analytics (e.g. page views, signup events). In the browser: we initialize PostHog in anonymous memory mode on page load to support basic product analytics (for example page views). Before optional cookies are accepted, we do not persist a cross-session identifier in browser storage and do not associate browser analytics with your signed-in identity. If you accept optional cookies, PostHog can persist identifiers across sessions and we may attach user identity for richer product analytics. On the server: we send product and lifecycle events to PostHog from our backend using your stable user ID, independent of the browser cookie banner. This includes events such as subscription changes, trial lifecycle, account creation, cron-driven monthly reports, and email engagement outcomes. These events are used for product analytics and operational monitoring; they are not used for advertising.
  • Google Maps Platform (Places) — When you type a property address, we send partial address text and place lookups to Google's Places API to provide address autocomplete suggestions. We send only the characters you type; we do not send your account identity to Google for this feature. See Google's Privacy Policy.
  • Google Ads — When Google Ads is configured and you accept optional analytics/ads cookies, we load Google's tag (gtag.js) for measurement and conversion reporting. If you reject optional cookies, we do not load this tag. Google may use cookies or similar storage when the tag runs; see Google's Privacy Policy and how Google uses cookies in advertising.

Cookies

Essential. Our auth provider (Clerk) sets session cookies when you sign in so you remain signed in. These are required for the service and are not used for advertising analytics.

Optional (analytics and ads measurement). We may set a first-party cookie recording your choice (accept or reject optional tracking). PostHog can run in anonymous memory mode before consent, but optional acceptance enables persistent identifiers and richer attribution/identity analytics. If you accept, we also load Vercel Web Analytics and, when configured, Google Ads measurement scripts as described above. If you reject optional tracking, Vercel and Google scripts do not load, and PostHog remains non-persistent in memory mode only. You can change your choice anytime via the cookie banner (footer or Settings).

How We Use Your Data

We use your data to provide the service, including calculating metrics, displaying charts, managing subscriptions, and responding to support requests. We do not sell your data to third parties. We may use aggregated, anonymized data for analytics or product improvement.

Data Retention

We retain your data while your account is active. If you deactivate your account, we retain it until you request permanent deletion, as described in our Terms of Service. If you permanently delete your account, we remove your data from our systems and request deletion from Clerk.

Your Rights

You can access, update, or delete your data through the app. You can export your portfolio data from Settings. You can deactivate your account (soft delete) or permanently delete it at any time. For requests we cannot fulfill in-app, contact us at the support email listed in the app footer.

Security

We use industry-standard security practices: encryption in transit (HTTPS), secure storage of credentials, and access controls. We rely on our providers (Clerk, Stripe, Neon, Vercel) for their security commitments.

Changes

We may update this policy from time to time. We will post the updated policy on this page and update the "Last updated" date. Continued use of the service after changes constitutes acceptance.

Contact

For privacy-related questions, contact us at the support email listed in the app footer.