At VALIDATE OR DIE, we're brutal about feedback, but we're protective of your privacy. This Privacy Policy explains how we collect, use, and safeguard your personal information and business ideas.
1. Information We Collect
Personal Information
When you use our services, we collect:
- Contact Information: Name, email address
- Business Ideas: Detailed descriptions you submit for validation
- Payment Information: Processed securely through third-party processors
- Communication Data: Emails, messages, and feedback exchanges
Technical Information
We automatically collect:
- Website Usage: Pages visited, time spent, clicks
- Device Information: Browser type, operating system, IP address
- Analytics Data: Google Analytics and advertising tracking
- Cookies: For functionality and tracking purposes
2. How We Use Your Information
| Purpose | Data Used | Legal Basis |
|---|---|---|
| Provide validation services | Name, email, business idea | Contract performance |
| Communication about services | Email, name, service history | Contract performance |
| Payment processing | Payment details, name, email | Contract performance |
| Website improvement | Analytics, usage patterns | Legitimate interest |
| Marketing (with consent) | Email, preferences | Consent |
3. Business Idea Protection
Confidentiality Measures
- Non-Disclosure: We never share your specific business ideas
- Team Access: Only assigned analysts see your full submission
- Secure Storage: Encrypted databases and secure file systems
- Data Minimization: We only collect what's needed for validation
- Retention Limits: Business ideas deleted after project completion + 1 year
What We May Use (Anonymized)
We may use anonymized, aggregated data for:
- Industry trend analysis (no specific ideas revealed)
- Case studies with all identifying details removed
- Service improvement and methodology development
- Marketing materials showing our expertise areas
4. Data Sharing & Third Parties
We DO NOT sell your personal data. Ever.
Limited Sharing for Service Delivery
We may share data with trusted service providers:
- EmailJS: For form submissions and communication
- Google Analytics: For website performance analysis
- Payment Processors: For secure payment handling
- Cloud Storage: For secure data storage and backup
Legal Requirements
We may disclose information if required by:
- Court orders or legal proceedings
- Government investigations
- Protection of our rights or safety of others
- Prevention of fraud or illegal activities
5. Data Security
Technical Safeguards
- Encryption: Data encrypted in transit and at rest
- Access Controls: Multi-factor authentication for team accounts
- Regular Updates: Security patches applied promptly
- Monitoring: Continuous security monitoring and alerts
- Backups: Secure, encrypted data backups
Human Safeguards
- Background checks for team members with data access
- Confidentiality agreements with all staff and contractors
- Regular security training and awareness programs
- Clear data handling procedures and protocols
6. Your Privacy Rights
Under GDPR, CCPA, and other privacy laws, you have the right to:
Access & Portability
- Access: Request copies of your personal data
- Portability: Receive your data in a machine-readable format
- Transparency: Understand how we process your information
Control & Correction
- Rectification: Correct inaccurate personal data
- Deletion: Request deletion of your personal data ("right to be forgotten")
- Restriction: Limit how we process your data
- Objection: Object to processing based on legitimate interests
Consent Management
- Withdrawal: Withdraw consent for marketing communications
- Opt-out: Unsubscribe from non-essential communications
- Cookie Control: Manage cookie preferences in your browser
To exercise your rights: Email privacy@validateordie.com with your request.
7. Data Retention
| Data Type | Retention Period | Reason |
|---|---|---|
| Business ideas | Project completion + 1 year | Support and follow-up services |
| Contact information | 3 years after last contact | Customer relationship management |
| Payment records | 7 years | Legal and tax requirements |
| Website analytics | 26 months (Google default) | Performance analysis |
| Marketing emails | Until unsubscribed + 30 days | Compliance and suppression |
8. International Data Transfers
Your data may be transferred to and processed in countries outside your region:
- Adequacy Decisions: We transfer to countries with adequate protection
- Safeguards: Standard contractual clauses for other transfers
- Service Providers: Cloud services may store data internationally
- Your Control: You can object to international transfers
9. Cookies & Tracking
Essential Cookies
- Functionality: Form submissions, user preferences
- Security: Protection against attacks and fraud
- Session Management: Maintain your session across pages
Analytics & Marketing
- Google Analytics: Website performance and user behavior
- Google Ads: Conversion tracking and remarketing
- Performance Monitoring: Site speed and error tracking
Cookie Control: You can disable cookies in your browser settings, though this may affect functionality.
10. Children's Privacy
Our services are not intended for individuals under 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected such information, contact us immediately.
11. Updates to This Policy
We may update this Privacy Policy to reflect:
- Changes in our services or business practices
- New legal requirements or regulations
- Enhanced security measures or technologies
- Feedback from users and privacy advocates
Notification: We'll notify you of material changes via email or website notice 30 days before they take effect.
12. Contact Information
Privacy Questions
- Email: privacy@validateordie.com
- Response Time: Within 72 hours
- Data Protection Officer: dpo@validateordie.com
Supervisory Authority
If you're not satisfied with our response to your privacy concerns, you have the right to lodge a complaint with your local data protection authority.