Legal · Transparency Report
Transparency Report
This page reports the cumulative count of government data requests Vaely has received, the responses produced, and the related disclosures we believe a privacy-claiming app should publish. The numbers below are intentionally small. Most are zero. We expect most of them to remain zero, because the architecture of the App leaves Vaely with nothing to produce.
Reporting period
Inception (2026-05-06) — present
- 0 Government data requests received subpoenas, court orders, national-security letters, foreign-government requests
- 0 Records produced in response we have not produced records because we have no records to produce
- 0 Account terminations at government request and there are no Vaely accounts to terminate
- 0 Gag orders received orders that would prevent us from telling you about a request
- 0 Voluntary disclosures to law enforcement not done, would not be done outside the procedures in our privacy policy
Updated quarterly. Last updated .
1. What this report counts
A government data request is any formal demand from a government, court, regulator, law-enforcement agency, prosecutor, or equivalent body for information about a Vaely user. It includes subpoenas, search warrants, court orders, civil investigative demands, national-security letters, FISA orders to the extent we may report on them, requests under mutual legal-assistance treaties, requests under the U.S. CLOUD Act, requests under Article 18 of the European Union LGAMA, and equivalent processes in every jurisdiction where Vaely is available.
A record produced is any document, communication, log file, database extract, or other artifact we have transmitted to a government in response to such a request.
2. Why most of these numbers will remain zero
The Vaely iOS App does not transmit your journal entries, AI-generated content, doctor PDFs, encrypted backups, settings, or any other content to Vaely. Vaely operates no servers that receive that content. The information that we hold and that a government could meaningfully request is limited to:
- Correspondence you have voluntarily sent us through the contact form or by email.
- Records of fulfilled data-subject requests, retained for compliance documentation.
- Routine website-hosting log data held by our hosting provider for short periods.
A subpoena directed at Vaely seeking your journal entries cannot be answered, because we do not have your journal entries. A subpoena seeking the AI summaries Vaely "produced about you" cannot be answered, because we did not produce AI summaries about you — your phone did, locally, and we never received them.
This is the difference between a privacy promise and a privacy architecture. The architecture forecloses the production. We can publish a zero on this page because a zero is the literal answer.
3. What we would do if a request did arrive
If a request did arrive seeking the limited categories of data described in Section 2, we would:
- Independently verify the request is legitimate, authorized by the issuing body, and not a phishing attempt.
- Determine whether we have any responsive data at all. (Most requests, even legitimate ones, would return "no responsive records.")
- Where applicable law and the request's terms allow, notify the user before production. Where the request includes a gag order or non-disclosure provision that prohibits notification, we would honor the legal obligation and reflect this on this report in aggregate (e.g., increment the gag-order counter while complying with the underlying order).
- Produce only the minimum scope required, never more.
- Object to overbroad requests where appropriate, including by motion to quash.
- Update the figures on this page in the next quarterly update.
4. Warrant canary
As of the last-updated date at the top of this page, Vaely has not received any government data request that would compel disclosure under a non-public or gag-ordered process. Vaely has not been issued a national-security letter or any equivalent under any jurisdiction's law. Vaely has not been required to install any backdoor, tap, or remote-access mechanism in the App or in our infrastructure.
The continued presence of this paragraph, in this exact phrasing, on this page, with a current last-updated date, is itself a positive signal. Removal or material modification of this paragraph in a future update should be interpreted as a signal requiring further inquiry.
5. Quarterly update commitment
We commit to update this page at least once per calendar quarter even when no requests have been received, so that the last-updated date remains current and the warrant canary in Section 4 carries information. If we miss a quarterly update for any reason, that is itself a signal worth investigating.
6. What this page is not
This page is a transparency report about government data requests. It is not:
- A bug-bounty leaderboard. (Vaely does not currently run a bug-bounty program.)
- A breach-notification page. (We will notify you in accordance with the law if a breach affecting your personal data ever occurs; this is described in Section 14 of the Privacy Policy.)
- A public log of every operational event at Vaely. (That would be both impossible and unhelpful.)
- A complete record of every communication Vaely has with regulators. (Routine regulatory engagement is governed by ordinary correspondence rules, not by this report.)
7. How to verify the claims on this page
The most important verification is technical: install the App, monitor its network behavior, and confirm that it does not transmit user content. The second is reviewing the App's binary or source-code attestations available through Apple's review process and through any code-level attestations we publish. The third is checking this page on a regular cadence — divergence between published numbers and reality, if it ever occurred, would be the kind of thing the security community would notice and flag.
8. Contact
For any question about this report, or to report a discrepancy, write to tezaapps@gmail.com with the subject line "Transparency Report".
Effective 6 May 2026. Version 1.0.0. Updated quarterly. The next scheduled update is approximately three months from the date above. If this page has not been updated in more than four months from the date above, write to us — that gap is itself information.
The architecture is the point.
The legal documents above describe what we do, what we never do, and the rights you have. The proof is in the App Store privacy label and the source code, not the paragraphs.