Privacy Policy

Last updated January 11, 2025

Your privacy matters to us. This policy explains what information we collect, how we use it, and your rights regarding your personal data.

1. Information We Collect

Account Information

When you create an account, we collect:

  • Email address
  • Name
  • Password (stored securely using encryption)
  • Profile information you choose to provide

Usage Information

When you use StartupKit, we automatically collect:

  • Log data (IP address, browser type, device information)
  • Pages visited and features used
  • Time and date of your visits
  • Referring website or source

Payment Information

When you make a purchase, payment information is processed by our payment providers. We do not store full credit card numbers on our servers. We receive only limited information such as the last four digits of your card and billing address.

Cookies

We use essential cookies to keep you logged in and remember your preferences. We may also use analytics cookies to understand how people use our service. You can control cookies through your browser settings.

2. How We Use Your Information

We use your information to:

  • Provide, maintain, and improve StartupKit
  • Process transactions and send related information
  • Send you technical notices, updates, and support messages
  • Respond to your comments, questions, and requests
  • Monitor and analyze trends, usage, and activities
  • Detect, investigate, and prevent fraudulent or unauthorized activity
  • Comply with legal obligations

3. How We Share Your Information

We do not sell your personal information. We may share your information with:

  • Service providers: Companies that help us operate our service (hosting, email, analytics, payment processing)
  • Legal requirements: When required by law, court order, or governmental authority
  • Business transfers: In connection with a merger, acquisition, or sale of assets
  • With your consent: When you explicitly agree to share information

Third-Party Services

We use the following types of third-party services:

  • Cloud hosting and infrastructure
  • Email delivery services
  • Payment processing
  • Analytics (to understand how our service is used)

4. Data Retention

We retain your personal data for as long as your account is active or as needed to provide you services. If you delete your account, we will delete your personal data within 30 days, except where we need to retain it for legal, accounting, or security purposes.

5. Your Rights (GDPR)

Under the General Data Protection Regulation (GDPR), you have the following rights regarding your personal data:

  • Right to access: You can request a copy of the personal data we hold about you.
  • Right to rectification: You can ask us to correct inaccurate or incomplete data.
  • Right to erasure: You can request that we delete your personal data.
  • Right to restrict processing: You can ask us to limit how we use your data.
  • Right to data portability: You can request your data in a structured, machine-readable format.
  • Right to object: You can object to our processing of your data in certain circumstances.
  • Right to withdraw consent: Where processing is based on consent, you can withdraw it at any time.

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit (HTTPS/TLS)
  • Encryption of sensitive data at rest
  • Regular security assessments
  • Access controls and authentication
  • Secure data centers with physical security

However, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

7. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

8. Children's Privacy

StartupKit is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us and we will delete that information.

9. Changes to This Policy

We may update this privacy policy from time to time. When we make significant changes, we will notify you via email or through the service. We encourage you to review this policy periodically.

Your continued use of StartupKit after changes take effect constitutes your acceptance of the updated policy.

10. Contact Us

If you have questions about this privacy policy or our data practices, please contact us:

You also have the right to lodge a complaint with your local data protection authority if you believe we have not handled your personal data appropriately.