Data Breach Notification Policy
Purpose
This policy describes, at a high level, how Velira Finance prepares for and responds to a security incident that may compromise the confidentiality, integrity, or availability of personal information. It is a statement of practice and does not limit our obligations under applicable law.
Detection and response
We maintain logging and monitoring designed to help detect incidents, and an internal process to triage, contain, investigate, and remediate suspected incidents. On confirming an incident, we work to stop it, assess the scope and the information involved, and take steps to prevent recurrence.
Notifying affected individuals
If we determine that a breach has affected your personal information in a way that requires notice, we will notify you without undue delay and within the timeframes required by applicable law, using the contact information associated with your account or another reasonable method. The notice will describe, to the extent known, what happened, the information involved, what we are doing, and steps you can take.
Notifying regulators and others
Where required, we will also notify relevant authorities — such as state attorneys general, applicable regulators, and, where the GDPR applies, the relevant supervisory authority — within the deadlines the law sets. Exact recipients and timelines depend on jurisdiction and the data involved and are being mapped with counsel.
Your part and contact
Keep your account contact information current so we can reach you, and report anything suspicious about your account to security@velirafinance.com. Questions about this policy can be directed to the same address.
Questions about this document? Contact us at hello@velirafinance.com.