Skip to main content

How We Protect Your Data

Your privacy and security matter. Here is how Vela Photo protects wedding data for photographers and couples.

Encryption

  • In transit: All data is encrypted with TLS/HTTPS. Every request between your browser and our servers is encrypted.
  • At rest: Our database is encrypted at rest. Supabase (our hosting provider) uses industry-standard encryption for stored data.
  • PII Shield: Phone numbers, addresses, and names are encrypted at the field level before storage. Only the application can decrypt them with a secure key. A database breach would not expose this sensitive data in readable form.

Access Control

  • Row-Level Security: Photographers see only their own weddings. Couples see only their wedding via a secure, time-limited link. No cross-account access.
  • Authentication: Sessions use HTTP-only cookies. Passwords are hashed and never stored in plain text.
  • Family contacts: Visible only to you and the couple for that wedding. Not shared with third parties.

What We Don't Do

  • We do not sell your data.
  • We do not share contact info with third parties for marketing.
  • Payment data stays with Stripe. We never see or store full credit card numbers.

If Something Goes Wrong

We follow GDPR and CCPA breach notification requirements. In the event of a data breach affecting your information, we will notify you within 72 hours where required by law. We maintain an incident response plan and conduct regular security reviews.

Questions? Contact us at privacy@velaphoto.com

Your Rights

You have the right to access, correct, delete, export, and restrict processing of your data. For full details, see our Privacy Policy.

For Photographers and Couples

Photographers: Your business info and client data are protected. Family contacts are visible only to you and the couple for that wedding.

Couples: Your names, addresses, and phone numbers are encrypted. Only your photographer and you (via your secure link) can access your wedding details.