Privacy Policy

We collect information you provide directly, including startup ideas, product descriptions, and target audience details entered into our analysis engines. We also collect session identifiers, IP addresses (hashed for privacy), and usage analytics to improve our service. We do not require account creation to use the core features. If you choose to create an account, we collect your email address and any profile information you voluntarily provide.

Your input data is used solely to generate AI-powered analysis results using our intelligence engines. We do not sell, rent, or share your startup ideas with third parties. Analysis inputs are processed by Anthropic's Claude API under their data processing agreement. We retain anonymized usage logs for product improvement and security monitoring.

Analysis results are stored in your session for the duration of your browser session. If you have an account, saved analyses are retained until you delete them or close your account. IP addresses are stored in hashed form (non-reversible) for rate limiting and abuse prevention. Raw IP data is never stored.

StartupX AI uses the following third-party services: • Anthropic Claude API — for AI analysis and content generation. Governed by Anthropic's Privacy Policy. • Supabase — for database storage. Data is stored in encrypted databases in the EU/US regions. • Vercel — for hosting and edge infrastructure. Governed by Vercel's Privacy Policy. We do not use advertising networks, tracking pixels, or third-party analytics beyond what is strictly necessary for product operation.

We use minimal, necessary cookies only: • Session cookies to maintain your analysis state • Security cookies to prevent CSRF attacks • Preference cookies if you customize display settings We do not use advertising cookies, retargeting pixels, or invasive tracking technologies.

We take security seriously. Measures include: • All data in transit encrypted with TLS 1.3 • API keys stored as server-side environment variables only — never exposed client-side • Input validation and sanitization on all form submissions • Rate limiting to prevent abuse • Security headers (HSTS, CSP, X-Frame-Options) on all responses • IP addresses stored as one-way hashes only

You have the right to: • Access any personal data we hold about you • Request deletion of your data • Export your analysis history (for account holders) • Opt out of anonymized product analytics • Lodge a complaint with your local data protection authority To exercise these rights, contact us at privacy@startupxai.com

StartupX AI is not directed at children under 13 years of age. We do not knowingly collect personal information from children. If you believe a child has provided personal information, contact us immediately at privacy@startupxai.com.

We may update this Privacy Policy periodically. We will notify users of material changes via email (for account holders) and by posting a notice on our website. Continued use of the service after changes constitutes acceptance of the updated policy.

For privacy-related questions or requests: Email: privacy@startupxai.com Support: startupxai.com/support We aim to respond to all privacy inquiries within 48 hours.