@tknapek Vivaldi's normal minor update cadence is weekly, in sync with the upstream Chromium version; Occasionally, if we have important fixes we may release a second one in a week.
In relation to the releases in the past week (which was unusually hectic), after our normally scheduled release last Wednesday, we received important upstream security updates for vulnerabilities that were being actively exploited in the wild (known as zero-days) not just once, but three (3) times. The third one actually arrived just in time to be included in today's regularly scheduled weekly update. (For reference, the normal number of Chromium zero-day-issues in a week is ... ummm ... zero, the next number is one (1) , and usually months apart. Two in a week are virtually unheard of, especially as separate announcements, and off the top of my head I can't remember seeing three in a week before, ever.)
One could put it this way: If our minor version announcement includes a text like CVE-<year>-<number> (such as today's announcement), then users shouldn't amiably dawdle, but run, towards the update button.
The update check occurs, as mentioned, on startup (but at a slight delay, so as to not overload or block other important network traffic, and the download probably also takes a little while), then every 24 hours.