top of page
Judge Holding Gavel

Privacy Policy

Effective date: December 01, 2025
Last updated: December 01, 2025

1) Who we are

Vee the Firefly LLC (“Company,” “we,” “us,” “our”) provides websites, books, downloads, videos, communities, memberships, and related services (the “Services”). This Privacy Policy explains how we collect, use, share, and protect information about you when you use the Services, and what choices you have.

 

If you have questions, contact us at info@veethefirefly.com.

Human summary (not a contract):
We collect only what we need to run this space, improve it, and keep it safe. we never sell your personal info for cash. you can access, correct, or delete your data. this space is educational/peer support, not therapy.

 

2) Who this policy covers (age & eligibility)

Our Services are intended for adults 18 years or older. If you are under 18, please do not use the Services. If we learn we collected personal information from someone under 18, we will delete it.

 

3) What we collect (by category)

We collect information in three ways: (a) you give it to us, (b) it’s collected automatically, and (c) we receive it from third parties (like payment processors).

A) Information you provide

  • Account / Profile: name, email address, password, time zone, avatar, short bio.

  • Purchases / Subscriptions: name, email, billing zip/postcode. (Payment card data is processed by our payment processor and never stored on our servers.)

  • Community posts & messages: text, images, reactions, replies, event RSVPs.

  • Support: emails, chat messages, and attachments you send to support.

  • Surveys / forms / contests: responses you choose to provide.

  • Testimonials / media: if you consent to share them.

B) Information collected automatically

  • Device & usage data: IP address, device type, operating system, browser, pages visited, actions taken, referring/exit URLs, crash logs.

  • Cookies & similar tech: small files to remember your preferences, keep you logged in, measure usage, and personalize content.

C) Information from third parties

  • Payments: limited billing info and transaction confirmations from [Stripe/PayPal/Lemon Squeezy/ThriveCart].

  • Email platform: subscriber status and campaign analytics from [Beehiiv/ConvertKit/Mailchimp].

  • Analytics / advertising: aggregate metrics (e.g., page views, conversion events) from [Google Analytics/Meta/TikTok/YouTube] if used.

  • Single sign-on (if enabled): email and basic profile from the provider you choose.

We do not intentionally collect sensitive personal information (e.g., health diagnoses). If you post sensitive information in the community, you do so voluntarily.

 

4) Why we collect it (purposes & examples)

We use your information to:

  1. Provide the Services: create/manage your account, deliver purchases and downloads, run the community and events, send service emails.

  2. Improve the Services: troubleshoot, secure, test features, analyze what helps users succeed.

  3. Communicate with you: send onboarding emails, newsletters (with your consent), membership updates, reminders, and support replies.

  4. Personalize your experience: remember preferences, recommend content, show relevant materials.

  5. Safety & compliance: protect against spam/abuse, enforce our Terms, meet legal obligations (e.g., tax records).

  6. Marketing (respectfully): show you our own offers and content we think you’ll like. For paid advertising, we use aggregated or pseudonymous data.

 

5) Legal bases we rely on (for GDPR/UK GDPR users)

If you are in the EU/EEA/UK, we process your data on these legal bases:

  • Contract: to provide Services you requested (e.g., membership access).

  • Legitimate interests: to operate, secure, and improve Services; to send relevant updates (you can opt out).

  • Consent: for things like marketing emails and certain cookies (you can withdraw).

  • Legal obligation: e.g., tax and accounting records.

 

6) Cookies & similar technologies

We use:

  • Strictly necessary cookies (log-in, security, carts).

  • Performance cookies (analytics—how many visitors saw a page).

  • Functional cookies (remember choices).

  • Marketing/advertising cookies (if used; to measure our own campaigns).

You can control cookies via our cookie banner and your browser settings. Disabling some cookies may limit features.

Do Not Track: Most browsers offer a “DNT” signal; there is no consistent industry response. Where required by law, we honor Global Privacy Control (GPC) signals for “sale/share” opt-outs.

 

7) When we share information (and with whom)

We share information only as needed to run the Services, or if you ask us to:

  • Service providers / “processors”: email platform, payment processors, hosting providers, analytics tools, customer support tools, community platform. They are bound by contracts and can only use data to provide services to us.

  • Legal & safety: to comply with law, respond to lawful requests, or protect rights, safety, and property (yours, ours, or others).

  • Business transfers: if we merge, sell, or reorganize, your data may transfer as part of the deal, subject to this Policy.

  • With your direction: e.g., you connect a third-party app, or publish content publicly.

 

We do not sell your personal information for money. Under some state privacy laws, sharing for targeted advertising can be deemed a “sale” or “share.” See Your Privacy Rights below to opt out.

 

8) Data retention (how long we keep it)

We keep your information only as long as necessary to provide the Services, comply with our legal obligations, resolve disputes, and enforce agreements. Typical examples:

  • Account & community content: until you delete it or request deletion, or for up to [X months/years] after your account is inactive.

  • Transaction records: [7] years for tax/audit.

  • Support emails: [24] months for reference and quality.

We may anonymize data (so it can no longer identify you) and use it for analytics.

 

9) Security (how we protect it)

We use technical and organizational measures: encryption in transit (HTTPS), limited access controls, secure password hashing, and vetted vendors. No system is 100% secure. If we experience a data incident, we will investigate and notify you and/or regulators where required by law.

 

10) Your privacy choices & rights

A) Email preferences

  • Unsubscribe at the bottom of any non-transactional email.

  • Service and transactional emails (receipts, critical updates) may still be sent.

B) Browser & device controls

  • Adjust cookie preferences via our cookie banner and your browser settings.

  • Use Global Privacy Control (GPC) in supported browsers to signal “Do Not Sell/Share.”

C) Access, correct, delete, or port your data

You may request to:

  • Access the personal data we hold about you.

  • Correct inaccurate data.

  • Delete your data (subject to legal retention needs).

  • Export/port your data.

Contact [privacy@yourdomain.com] with “Privacy Request” in the subject. We will verify your identity and respond within the timeframe required by law.

D) Opt out of sale/share (CPRA and similar)

We do not sell personal information for money. Where our advertising/analytics could be deemed a “sale” or “share,” you may opt out via our “Do Not Sell or Share My Personal Information” link in the site footer and/or by enabling GPC in your browser.

11) State & country-specific disclosures

 

California (CPRA)

We provide the following categories of personal information to service providers for business purposes: identifiers (name, email, IP), commercial information (purchases), internet activity (usage), and geolocation (coarse, via IP). We do not knowingly sell or share data of consumers under 16. You have the rights to know, delete, correct, and opt out of sale/share, and to not be discriminated against for exercising rights.

 

Virginia/Colorado/Connecticut/Utah & other U.S. state laws

If you reside in a state with a comprehensive privacy law, you may have similar rights (access, correct, delete, portability, and opt-out of targeted advertising/profiling). Use the contact in Section 1, and tell us your state of residence.

 

EEA/UK/Switzerland (GDPR/UK GDPR)

You have rights to access, correct, delete, restrict, object to processing (including direct marketing), and data portability. You may withdraw consent at any time where processing is based on consent. You may lodge a complaint with your local supervisory authority.

 

Data transfers: When we transfer your data outside the EEA/UK (e.g., to the U.S.), we rely on lawful mechanisms such as Standard Contractual Clauses (SCCs) and additional safeguards. Details available on request.

 

12) International transfers

We are a U.S.-based company. If you access the Services from outside the U.S., your data may be transferred to and processed in the U.S. or other countries with different privacy laws. We use appropriate safeguards (like SCCs) where required.

 

13) Community conduct & safety reminder

This is an educational, peer-support space. Do not post content that violates your school policies, privacy laws, or others’ rights. Do not share anyone’s private information without consent. If you or someone else is in immediate danger, call local emergency services (U.S.: 911; mental health crisis: call or text 988).

 

14) Third-party sites & services

The Services may link to third-party sites (e.g., YouTube, TikTok, Instagram) or embed third-party content. Their privacy practices are not ours; review their policies before using.

 

15) Changes to this policy

We may update this Policy from time to time. When we do, we’ll change the “Last updated” date. Material changes will be posted on this page or communicated by email where appropriate. Your continued use of the Services means you accept the updated Policy.

 

16) Contact us

Data Controller: Vee the Firefly LLC
Email: info@veethefirefly.com
 

17) Full category mapping (transparency addendum)

This table shows what we collect, why, and typical retention.

18) Words we use

  • “Personal information / personal data” means information that identifies or can reasonably identify an individual.

  • “Processing” means doing anything with personal data (collect, store, use, etc.).

  • “Controller” is the entity that decides how and why personal data is processed (that’s us).

bottom of page