Menu
Sign In

Startinbox Privacy Policy

Effective Date: November 2025|Last Updated: November 2025|Owner: Startinbox

1. Introduction

Welcome to Startinbox — an AI-powered platform that helps founders, students, and creators validate startup ideas, generate launch content, and connect with startup resources.

This Privacy Policy explains how we collect, use, share, and protect your personal information when you use our services. By using Startinbox, you agree to this Privacy Policy.

2. Information We Collect

A. Information You Provide

  • Personal details: name, email address, WhatsApp number, and payment information (when applicable).
  • Idea submission details: text or descriptions entered into our validation forms.
  • Payment details: processed securely through third-party payment gateways (Paystack and Flutterwave). We do not store full card details.
  • Newsletter information: email address and consent to receive marketing emails.
  • Reviews/testimonials: your name (optional), feedback text, and rating.

B. Automatically Collected Data

  • Device information: browser, operating system, IP address.
  • Usage data: pages visited, time spent, actions taken.
  • Cookies for analytics and user experience improvements.

3. How We Use Your Information

  • Deliver AI-generated idea validation reports and content.
  • Process your payments securely.
  • Communicate your results via email and WhatsApp.
  • Send newsletters, product updates, and educational content (if you opt in).
  • Display reviews/testimonials (only with your explicit consent).
  • Improve our services and customer experience.
  • Respond to inquiries, feedback, and support requests.
  • Meet our legal and financial reporting obligations.

4. Newsletter and Marketing Communications

  • You may subscribe to our newsletter voluntarily.
  • We will only send content after you opt in.
  • Every email includes an unsubscribe link that instantly removes you from the list.
  • We may use trusted third-party providers such as SendGrid or MailerLite to manage newsletter delivery. These providers comply with GDPR and NDPR.

5. Reviews and Testimonials

  • By submitting a review, you grant Startinbox permission to display it publicly.
  • Reviews include your first name, rating, and feedback. Including your startup name is optional.
  • You can request removal or modification of your testimonial at any time by contacting us.

6. Cookies and Tracking Technologies

We use cookies to enhance your experience, analyze traffic, and remember preferences.

You can adjust your browser settings to refuse cookies, but some features may not function properly without them.

7. Data Storage and Security

  • All data is stored securely using encrypted databases (PostgreSQL, Google Cloud).
  • We use HTTPS (SSL encryption) for all communication.
  • We never sell, rent, or share your data with unauthorized third parties.
  • We comply with GDPR and NDPR standards.

8. Payment Information

  • Payments are processed by Paystack and Flutterwave, both PCI-DSS compliant.
  • Startinbox does not store or have access to your complete card information.
  • We only retain transaction references, amounts, and timestamps for record-keeping.

9. Legal Basis for Processing (GDPR Compliance)

Under the GDPR, we process your personal data on the following bases:

  • Contractual necessity: To provide services you request.
  • Consent: For newsletters, marketing, and public reviews.
  • Legitimate interest: To improve our platform and prevent fraud.
  • Legal obligation: To comply with applicable tax and financial laws.

10. Your Data Rights

As a user, you have the right to:

  • Access your personal data.
  • Request correction of inaccuracies.
  • Request deletion of your data (“Right to Be Forgotten”).
  • Withdraw consent for newsletter or marketing communications.
  • Request export of your data (data portability).
  • File a complaint with a data protection authority.

To exercise these rights, email us at startinbox489@gmail.com .

11. Data Retention

  • Idea submissions and reports are deleted after 12 months of inactivity.
  • Newsletter and user account data are retained until you unsubscribe or request deletion.
  • Backup copies may persist securely for up to 90 days.

12. International Data Transfers

We may process data using cloud services that store information outside Nigeria. All transfers comply with Standard Contractual Clauses (SCCs) under GDPR for secure cross-border data protection.

13. Children’s Privacy

Startinbox is not intended for users under 18 years old. We do not knowingly collect or store personal data from minors. If such data is identified, it will be deleted immediately upon notice.

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users via email or in-app notice when significant changes occur. The updated version will be available at www.startinbox.tech/privacy-policy.

15. Contact Information

If you have questions, requests, or complaints about this Privacy Policy or your data, please contact us:

startinbox489@gmail.com