HTSS

Privacy Policy

This Privacy Policy explains how HowToStartaStartup ("we," "us," or "our") collects, uses, and protects your personal information when you use our platform.

Quick Summary

  • We only collect data needed to provide our services
  • We never sell your personal data
  • Payments are processed securely via PayPal
  • You can request data deletion anytime
  • We comply with GDPR, CCPA, and Indian data laws

1. Information We Collect

Account Information

  • Name and email address
  • Profile information you choose to provide
  • Authentication data (managed by Clerk)

Payment Information

  • Payments are processed by PayPal
  • We do NOT store credit card numbers
  • We receive: Transaction ID, payment status, and email from PayPal

Usage Data

  • Pages visited and features used
  • Device and browser information
  • IP address (for regional compliance)

2. How We Use Your Information

  • To provide and improve our services
  • To process payments and subscriptions
  • To send service-related communications
  • To provide customer support
  • To comply with legal obligations

3. Data Sharing

We share data only with:

  • PayPal: For payment processing
  • Clerk: For authentication
  • Supabase: For data storage (encrypted)
  • Vercel: For hosting

We never sell your data to third parties.

4. Your Rights by Region

🇪🇺 European Union (GDPR)

  • Right to access your data
  • Right to rectification
  • Right to erasure ("right to be forgotten")
  • Right to data portability
  • Right to withdraw consent

🇺🇸 United States (CCPA)

  • Right to know what data we collect
  • Right to delete your data
  • Right to opt-out of data sale (we don't sell)
  • Right to non-discrimination

🇦🇪 Middle East

  • Right to access your data
  • Right to correction
  • Right to deletion
  • Compliance with UAE PDPL & Saudi PDPL

🇮🇳 India (DPDP Act)

  • Right to access information
  • Right to correction and erasure
  • Right to grievance redressal
  • Right to nominate

5. Data Security

  • All data is encrypted in transit (HTTPS/TLS)
  • Data at rest is encrypted using AES-256
  • Regular security audits and monitoring
  • Access controls and authentication

6. Data Retention

  • Account data: Until you delete your account
  • Payment records: 7 years (legal requirement)
  • Usage logs: 90 days
  • Support tickets: 2 years

7. Contact Us

For privacy-related questions or to exercise your rights:

🌐 Available Languages

This policy is available in: English • Deutsch • Español • Português • العربية

In case of discrepancy, the English version prevails.

Last updated: January 10, 2026

Questions? Contact us at legal@howtostartastartup.live