Log In

Veskr Privacy Policy

Last updated: March 2026

1. Who We Are

Veskr is operated by Wiredcoyote Digital ("we", "us", "our"), a web application development business based in Cheshire, United Kingdom.

If you have any questions about this privacy policy or how we handle your data, contact us at privacy@veskr.com

2. What This Policy Covers

This policy explains what personal data we collect, why we collect it, how we use it, who we share it with, and what rights you have. It applies to all users of Veskr at app.veskr.com and veskr.com, regardless of where you are located.

We act as a data controller for the personal data you provide when you create an account and use our services.

3. What Data We Collect

Account Data

When you register, we collect your name, email address, and a hashed password. If you complete your business profile, we also collect your business name, address, phone number, VAT/tax number, and logo.

Client Data

If you use the Client Book feature, you store your clients' names, company names, email addresses, phone numbers, addresses, and billing details. This data is entered by you and stored on your behalf.

Financial Data

Invoices, quotes, expenses, revenue entries, and project records you create within Veskr. This data is entered by you and stored on your behalf.

Payment Data

When you subscribe to Veskr Pro, your payment is processed by Stripe. We do not store your full card number. We store only your Stripe customer ID, card type, and last four digits for display purposes. All payment processing is handled by Stripe in accordance with PCI DSS standards. You can review Stripe's privacy policy at https://stripe.com/privacy.

Usage Data

We collect basic server access logs including IP addresses, browser type, pages visited, and timestamps. These are used solely for security monitoring and troubleshooting.

Cookies

Veskr uses only essential cookies required for the application to function - specifically session cookies and CSRF protection tokens. We do not use analytics cookies, advertising cookies, or any third-party tracking. Because we use only strictly necessary cookies, we do not require cookie consent under UK, EU, or US regulations.

4. Why We Collect Your Data (Lawful Basis)

Under UK GDPR and EU GDPR, we must have a lawful basis for processing your personal data. Our lawful bases are:

Contract performance - We process your account data, client data, and financial data because it is necessary to provide you with the Veskr service you have signed up for. Without this data, we cannot deliver the tools you are using.

Legitimate interests - We process usage data (server logs) for security monitoring, fraud prevention, and troubleshooting. Our legitimate interest in keeping the service secure and operational does not override your privacy rights.

Legal obligation - We may retain certain data where required by law, for example to comply with tax or accounting obligations.

We do not rely on consent as a lawful basis for any core processing. If we ever introduce optional features that require consent (such as a marketing newsletter), we will ask for your explicit opt-in at that time and you will be able to withdraw consent at any time.

5. How We Use Your Data

We use your data solely to:

  • Provide and operate the Veskr service
  • Process your subscription payments via Stripe
  • Generate invoices, quotes, and other documents you request via the tools you use
  • Store your client records, expenses, and project data on your behalf
  • Send you essential service communications (password resets, subscription confirmations)
  • Monitor and protect the security of the service
  • Comply with legal obligations

We do not use your data for:

  • Advertising or ad targeting
  • Selling or sharing with data brokers
  • Profiling or automated decision-making
  • Training AI models
  • Any purpose other than operating the Veskr service

6. Who We Share Your Data With

We share your data only with the following third parties, and only to the extent necessary to operate the service:

Stripe — Payment processing. Stripe receives the data necessary to process your subscription payment. Stripe acts as an independent data controller for payment data. See https://stripe.com/privacy.

Hosting provider - Our servers are hosted by Hostinger. They provide the infrastructure on which Veskr runs. They do not access your data except as necessary to maintain the server hardware and network.

We do not share, sell, rent, or trade your personal data with any other third parties. Other than tracking data for site performance reasons, we do not use any external analytics services, advertising networks, or social media tracking pixels.

7. International Data Transfers

Our servers are located in the European Economic Area. If you access Veskr from outside the EEA, your data will be transferred to and stored within the EEA.

Payment data is processed by Stripe, which operates globally. Stripe is certified under the EU-US Data Privacy Framework and maintains appropriate safeguards for international transfers. See Stripe's data processing agreement for details.

8. How Long We Keep Your Data

Account data - Retained for as long as your account is active. If you delete your account, we will delete your personal data within 30 days.

Client data, financial data, and project data - Retained for as long as your account is active. Deleted when you delete your account or when you delete individual records.

Payment records - Subscription transaction records are retained for 7 years after the end of your subscription to comply with UK tax and accounting requirements.

Server logs - Retained for a maximum of 90 days, then automatically deleted.

Testimonials - Public testimonial submissions are retained until you delete them or delete your account.

9. Your Rights

Depending on your location, you have the following rights regarding your personal data:

For all users

  • Access - You can request a copy of all personal data we hold about you.
  • Correction - You can update or correct your data at any time through your account settings, or by contacting us.
  • Deletion - You can delete your account and all associated data at any time. You can also delete individual records (clients, invoices, expenses, etc.) within the application.
  • Data portability - You can request your data in a commonly used, machine-readable format.
  • Objection - You can object to our processing of your data where we rely on legitimate interests as the lawful basis.
  • Restriction - You can request that we restrict processing of your data in certain circumstances.

Additional rights for UK and EU residents (UK GDPR / EU GDPR)

  • Right to withdraw consent - Where we process data based on consent, you can withdraw that consent at any time. Note that we do not currently rely on consent for any core processing.
  • Right to lodge a complaint - You have the right to lodge a complaint with your local data protection authority. In the UK, this is the Information Commissioner's Office (ICO) at https://ico.org.uk. In the EU, contact your national data protection authority.

Additional rights for California residents (CCPA/CPRA)

  • Right to know - You can request details of what personal information we have collected about you in the past 12 months.
  • Right to delete - You can request deletion of your personal information.
  • Right to opt-out of sale - We do not sell your personal information. We never have and never will.
  • Right to non-discrimination - We will not discriminate against you for exercising your privacy rights.

Additional rights for Canadian residents (PIPEDA)

  • You have the right to access your personal information, challenge its accuracy, and withdraw consent for non-essential processing.

Additional rights for Australian residents (Privacy Act 1988)

  • You have the right to access your personal information, request correction of inaccurate data, and make a complaint to the Office of the Australian Information Commissioner (OAIC).

To exercise any of these rights, contact us at privacy@veskr.com. We will respond within 30 days (or sooner where required by applicable law).

10. Data Security

We take the security of your data seriously and implement appropriate technical and organisational measures, including:

  • All data transmitted between your browser and our servers is encrypted using TLS (HTTPS)
  • Passwords are hashed using bcrypt and are never stored in plain text
  • Database access is restricted to the application server only
  • Regular server security updates and patches
  • Access to the production server is restricted to authorised personnel only

While we implement strong security measures, no system is completely secure. If we become aware of a data breach that is likely to result in a risk to your rights, we will notify you and the relevant supervisory authority within 72 hours as required by GDPR.

11. Children's Privacy

Veskr is not intended for use by anyone under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child under 16, we will delete that data promptly.

12. Do Not Track

Our service does not track users across third-party websites and therefore does not respond to Do Not Track (DNT) signals. As noted above, we do not use any third-party tracking, analytics, or advertising cookies.

13. Changes to This Policy

We may update this privacy policy from time to time. If we make significant changes, we will notify you by email or by displaying a notice within the application. The "last updated" date at the top of this policy indicates when it was most recently revised.

We encourage you to review this policy periodically.

14. Contact Us

If you have any questions, concerns, or requests regarding this privacy policy or our data practices, please contact us at: privacy@veskr.com

For UK residents, you may also contact the Information Commissioner's Office: Website: https://ico.org.uk Phone: 0303 123 1113