Privacy Policy

Personal Information

• Email address (required for account creation)
• Full name
• Phone number (optional)
• Profile image (optional)
• Account type and permissions
• Program and startup associations

Authentication Data

• Passkeys for passwordless authentication
• Password (encrypted, never stored in plain text)
• Session tokens stored in secure cookies
• IP addresses and user agents (for session security)
• Login count and timestamps

File Uploads

• Deliverable submissions (documents, presentations, etc.)
• Collaborative documents and notes
• Profile pictures and other uploaded media

Usage Data

• AI request tracking (endpoints, tokens used, costs)
• Activity logs (startup activities, appointments, milestones)
• Push notification subscriptions
• Document access and sharing activity

Browser Storage

• Secure cookies for session management
• localStorage for UI preferences and draft data
• sessionStorage for temporary data during your session

Database

All structured data (user accounts, programs, submissions, etc.) is stored in secure cloud-hosted databases. This includes all personal information, authentication data, and usage logs.

File Storage

Uploaded files (deliverables, documents, images) are stored in secure cloud storage. Files are organized for efficient access and management.

Session Storage

Session tokens are stored in secure cookies. These cookies are encrypted and protected against unauthorized access, providing protection against security attacks.

Data Retention

We retain your data for as long as your account is active or as needed to provide services. You can request deletion of your account and associated data at any time (see Your Rights section below).

Database Hosting

Our database is hosted by trusted cloud infrastructure providers. These providers process and store your data according to their privacy policies and security standards.

File Storage

Files you upload are stored in secure cloud storage services. These services process files according to their privacy policies and security standards.

Email Delivery

We use email service providers to send transactional emails (notifications, password resets, etc.). These providers process email data according to their privacy policies.

Push Notifications

We use push notification services to deliver notifications to your devices. These services process notification data according to their privacy policies.

Hosting and Analytics

Our platform is hosted on cloud infrastructure, which also provides analytics about platform usage. These services process data according to their privacy policies.

Authentication Services

We use secure authentication services for account management and session handling. Authentication data is processed according to industry-standard security practices.

Right to Access

You can access and view your personal data through your account settings. You can also request a copy of all data we hold about you.

Right to Rectification

You can update or correct your personal information at any time through your account settings.

Right to Deletion

You can request deletion of your account and all associated data. We will delete your data within 30 days of your request, except where we are required to retain data for legal or compliance purposes.

Right to Data Portability

You can request a copy of your data in a machine-readable format. We will provide your data in JSON format within 30 days of your request.

Right to Opt-Out

You can opt-out of non-essential data collection, such as analytics tracking, through your account settings or by contacting us.

Right to Withdraw Consent

If you have provided consent for specific data processing, you can withdraw that consent at any time. This may affect your ability to use certain features.

Essential Cookies (Required)

Session Cookies: HTTP-only, secure cookies that store your authentication session. These are essential for the platform to function and cannot be disabled. They expire when you log out or after 7 days of inactivity.

Local Storage

We use localStorage to store UI preferences (theme, sidebar state) and draft data. This data is stored locally on your device and is not transmitted to our servers.

Session Storage

We use sessionStorage to store temporary data during your session, such as chat history and form drafts. This data is automatically cleared when you close your browser.

Analytics

We use analytics services to understand how users interact with our platform. This helps us improve performance and user experience. Analytics data is anonymized and aggregated, and does not include personal information.

Password Security

Passwords are encrypted before storage using industry-standard encryption methods. We never store passwords in plain text, and they cannot be recovered if forgotten (you must reset your password).

Secure Authentication

We support passkeys for passwordless authentication, which provides stronger security than traditional passwords. Session tokens are stored in secure cookies to prevent security attacks.

Data Encryption

All data is encrypted in transit using secure protocols. This ensures that data transmitted between your device and our servers is protected from interception.

Access Controls

We implement role-based access controls to ensure users can only access data they are authorized to view. Authentication and authorization checks are performed on every request.

Regular Security Updates

We regularly update our platform and dependencies to address security vulnerabilities. We monitor for security threats and respond promptly to any incidents.