Trust & Security

Designed for healthcare professionals who require uncompromising privacy and reliability

At Vaelara, security and privacy are not add-ons, they are foundational to our architecture. We serve healthcare professionals by providing a secure communication environment that respects clinical workflows, protects patient confidentiality, and complies with rigorous data protection standards.

Last Updated: November 2025

End-to-End Encrypted Consultations

All consultations on Vaelara are protected with robust end-to-end encryption. This ensures that only the participants in a session can access the audio and video content. No third party, including Vaelara, can view or intercept the communication.

Encryption keys are generated and managed in a way that prevents exposure during transmission or storage, and are never accessible to our systems once a session ends.

Controlled and Verified Access

To ensure consultations are only joined by the intended participant, Vaelara employs a two-step verification process:

  • Healthcare professionals initiate a secure session and share a unique, time-limited authentication link directly with their patient via email, messaging, or other secure channels.
  • Before joining, the patient must provide a pre-agreed verification code, established during a prior in-person or other secure interaction, which confirms their identity to the clinician.

The clinician retains full control and must explicitly approve entry before any communication begins. This layered approach significantly reduces the risk of unauthorised access.

Minimal Data, Maximum Protection

We adhere to a strict data minimisation principle:

  • We collect only the information necessary to authenticate users and facilitate secure communication.
  • No clinical, diagnostic, or personal health information is collected, stored, or processed by our platform.
  • Session metadata required for call connection is retained only for the duration of an active consultation, or a maximum of 48 hours of the creation of the call, after which it is permanently deleted.
  • We do not use, sell, or share user data for advertising, analytics, or any commercial purpose beyond delivering the service.

Compliance & Oversight

  • Registered with the UK Information Commissioner’s Office (ICO): ZB980653.
  • Fully compliant with both ICO and GDPR and aligned with international best practice for healthcare data protection.
  • Our platform is not classified as a medical device, allowing us to focus exclusively on secure communication without providing clinical decision support.

Intended Use and Audience

Vaelara is a professional telehealth communication platform designed for licensed healthcare providers and their patients:

  • The service is provided free of charge to patients.
  • The platform is licensed to healthcare professionals, clinics, and organisations for professional use.
  • Consultations may occur between a clinician and a patient, or between clinicians. Direct patient-to-patient sessions are not supported.

Security & Compliance Enquiries

We welcome inquiries from healthcare institutions, compliance teams, and data protection officers to validate our security posture.

Please contact our privacy team at: [email protected]

Built for Trust, Designed for Healthcare

Vaelara combines clinical usability with enterprise-grade security, so you can focus on patient care, not platform risk.

Contact Our Privacy Team