Privacy Policy

Your privacy is our priority

Effective Date: May 1, 2026

1. Information We Collect

Personal Information:

• Name: Your first and last name for profile creation and networking
• Email Address: For account registration, authentication, and communication
• Location: City and state/region for location-based entrepreneur matching
• Profile Photos: Images you upload for your entrepreneur profile
• Business Information: Industry, skills, experience, business stage, and goals

User-Generated Content:

• Community Posts: Business updates, milestones, and insights you share
• Match Messages: Chat conversations with matched entrepreneurs
• Comments and Interactions: Engagement with community content
• Business Insights: Contributions to our Q&A hub
• Idea Hub Content: Business ideas, project descriptions, collaboration requests, and chat messages exchanged with collaborators
• Founders Room Participation: RSVP records and attendance data for live group video sessions

Technical Information:

• User IDs: Unique identifiers for account management
• Device IDs: For push notifications and security
• Search History: Search queries within the app for finding entrepreneurs, experts, and content
• Usage Data: App interactions, feature usage, and navigation patterns
• Performance Data: App launch times, response rates, and stability metrics
• Google Calendar OAuth Tokens: Refresh tokens stored securely to enable automated calendar event creation for expert consultation bookings (only when you connect your Google Calendar)

Financial Information:

• Subscription Payments: Billing details for free and premium subscription plans (processed by Stripe)
• Expert Consultation Payments: Payment details for booking expert sessions (processed by Stripe)
• Expert Payout Information: Bank account details for experts receiving payouts via Stripe Connect
• Purchase History: Subscription and consultation transactions and billing records

Support Data:

• Customer Support: Help requests, feedback, and bug reports you submit

2. How We Use Your Information

App Functionality:

• User authentication and account management
• Entrepreneur matching and networking features
• Chat and messaging between matched entrepreneurs
• Community feed and business insights
• Idea Hub collaboration matching and collaborator chat
• Founders Room live group sessions (RSVP management, Zoom session access)
• Expert consultation booking, scheduling, and payment processing
• Google Calendar event creation for confirmed consultation bookings
• Subscription management and premium features
• Security measures and fraud prevention
• Customer support and technical assistance

Product Personalization:

• Customized match recommendations based on location and business interests
• Personalized community feed content
• Relevant business insights and Q&A suggestions
• Tailored notification preferences

Analytics and Improvement:

• Understanding user engagement and app performance
• Evaluating feature effectiveness
• Planning new features and improvements
• Measuring subscription conversion and business metrics
• Technical diagnostics and performance analysis

3. Data Sharing and Disclosure

We May Share Data With:

• Service Providers: Trusted third-party services operating under Data Processing Agreements (Firebase/Google, Stripe, Stripe Connect, Zoom, Google Calendar API, Brevo)
• Legal Requirements: When required by law, court order, or to protect rights and safety
• Business Transfers: In connection with mergers, acquisitions, or asset sales — we will notify you at least 30 days in advance
• Consent: When you explicitly agree (e.g., Google Calendar integration)
• Experts: When you book a consultation, your name and email are shared with the expert for session coordination only

Visible Within the App:

• Your profile information is visible to other entrepreneurs for networking and matching
• Community posts, comments, and public Idea Hub content you publish are visible to other users
• Note: Public Idea Hub posts may constitute prior public disclosure and could affect patent rights — see our Terms of Service for details
• Business insights and Q&A contributions in our knowledge hub
• Expert profiles and availability visible to users booking consultations
• Founders Room: Your RSVP status is visible to other confirmed attendees; Zoom session links are provided only to confirmed attendees

4. Data Security

We implement multiple layers of security to protect your information:

• Encryption: All data is encrypted in transit (TLS 1.2+) and at rest
• Firestore Security Rules: Role-based access controls ensure users can only access their own data and permitted shared content
• HMAC Request Signing: Server-to-server API requests authenticated with HMAC-SHA256 signatures and timestamp expiry to prevent replay attacks
• Stripe PCI Compliance: Payment data handled exclusively by Stripe (PCI DSS Level 1 certified) — we never store raw card numbers
• Zoom Session Gating: Founders Room Zoom links are accessible only to users with confirmed RSVP status
• Firebase Authentication: Secure token-based authentication with automatic session management
• Admin Access Controls: Platform configuration and sensitive data restricted to authorized administrators
• Automated Monitoring: Security event detection and alerting

Despite these measures, no internet transmission is 100% secure. If you believe your account has been compromised, contact us immediately at hello@venturoo.live.

5. Your Rights and Choices

Account Management:

• Access and update your profile information
• Control privacy settings and notification preferences
• Delete posts and contributions
• Manage subscription and billing information
• Connect or disconnect Google Calendar at any time via Profile → Settings → Connected Accounts

Data Rights:

• Access: Request a copy of your personal data
• Correction: Update inaccurate or incomplete information
• Deletion: Request deletion of your account and data
• Portability: Export your data in a common format
• Objection: Opt out of certain data processing activities

Communication Preferences:

• Control push notifications in app settings
• Manage email communications
• Adjust marketing preferences

6. Data Retention

We retain your information as long as:

• Your account is active
• Needed to provide services
• Required for legal or business purposes
• You have outstanding subscriptions or transactions

When you delete your account, we remove personal information while retaining anonymized analytics data for business purposes. Google Calendar OAuth tokens are deleted immediately when you disconnect via Profile → Settings → Connected Accounts, or upon account deletion.

7. Children's Privacy

Venturoo welcomes entrepreneurs of all ages, including young founders. Users must be at least 14 years of age to register.

Ages 14-17 (Young Entrepreneurs):

• A parent or legal guardian must provide verifiable consent before a user aged 14-17 can register
• Parental consent: By registering as a Young Entrepreneur (age 14-17), the user confirms that their parent or guardian has reviewed and agreed to our Terms of Service and Privacy Policy on their behalf. We may implement additional verification steps in jurisdictions that require it
• Young Entrepreneur profiles display a badge identifying their age group
• We do not sell or share minors' personal data for advertising purposes
• Parents or guardians may request access to, correction of, or deletion of their child's data by contacting us at hello@venturoo.live
• We comply with COPPA (US Children's Online Privacy Protection Act) for users in the United States, GDPR Article 8 for EU/UK users, and applicable local laws governing children's privacy in other jurisdictions

Under 14 Years Old:

• We do not knowingly collect personal information from children under 14
• If we discover we have collected data from a user under 14, we will delete their account and all associated data immediately
• Parents or guardians who believe their child under 14 has registered should contact us immediately at hello@venturoo.live - we will act within 48 hours

8. International Data Transfers

Venturoo operates globally, and your information may be transferred to and processed in countries other than your own, including the United States. We ensure appropriate safeguards are in place to protect your data during such transfers, including:

• Standard Contractual Clauses (SCCs): EU-approved contractual safeguards for transfers outside the EEA
• Adequacy Decisions: Where applicable, we transfer data to countries recognized as providing adequate data protection
• Data Processing Agreements: Binding agreements with all third-party processors requiring equivalent privacy protections
• Encryption: All data is encrypted in transit and at rest regardless of jurisdiction
• Data Minimization: We only transfer the minimum data necessary for the specific processing purpose

For EU/EEA users, transfers to the United States are conducted under the EU-U.S. Data Privacy Framework where applicable, or Standard Contractual Clauses. For Brazilian users, international transfers comply with LGPD Article 33 requirements. You may request details about the safeguards applied to your data transfers by contacting us at hello@venturoo.live.

9. Third-Party Services

Integrated Services:

• Firebase/Google: Authentication, database, cloud functions, and analytics
• Apple/Google: In-app purchases and authentication
• Stripe & Stripe Connect: Subscription billing, expert consultation payments, and expert payouts
• Zoom: Founders Room live group video sessions (40-minute sessions; Zoom processes session data per its own privacy policy)
• Google Calendar API: Automated calendar event creation for confirmed expert consultation bookings (only when you connect your Google Calendar)
• Brevo (Sendinblue): Transactional email delivery (welcome emails, booking confirmations, support responses)

Social Media:

Links to social media platforms are governed by their respective privacy policies.

10. Cookies and Tracking

We use essential technical cookies and identifiers for:

• User authentication
• App functionality
• Security and fraud prevention
• Performance analytics (Google Analytics on our website)

We do not use tracking cookies for advertising purposes.

11. Changes to This Privacy Policy

We may update this policy periodically. We will:

• Notify you of significant changes via email or app notification
• Post the updated policy with a new effective date
• Provide options to review and accept changes

Continued use of the app after changes constitutes acceptance of the updated policy.

12. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom (UK), or Switzerland, you have rights under the General Data Protection Regulation (GDPR) and equivalent local laws. Venturoo acts as the data controller for your personal data.

• Right of Access (Art. 15): Obtain a copy of your personal data and information about how it is processed
• Right to Rectification (Art. 16): Correct inaccurate or incomplete personal data
• Right to Erasure / "Right to be Forgotten" (Art. 17): Request deletion of your personal data under certain conditions
• Right to Data Portability (Art. 20): Receive your data in a structured, machine-readable format
• Right to Object (Art. 21): Object to processing based on legitimate interests or for direct marketing
• Right to Restrict Processing (Art. 18): Limit how we process your data in certain circumstances
• Rights Related to Automated Decision-Making (Art. 22): Not be subject to solely automated decisions with significant effects

Our legal bases for processing include: contract performance (account and subscription management), legitimate interest (security, fraud prevention, matching algorithms), consent (Google Calendar integration, marketing communications), and legal obligation.

You can contact our Data Protection Officer at hello@venturoo.live for any GDPR-related inquiries. We will respond to all requests within 30 days as required by law.

When we transfer data outside the EEA, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission, the EU-U.S. Data Privacy Framework, or adequacy decisions. You may request a copy of these safeguards by contacting us at hello@venturoo.live.

13. California Privacy Rights (CCPA / CPRA)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA).

Categories of personal information we collect include:

• Identifiers: Name, email address, unique user IDs, device identifiers
• Commercial Information: Subscription and consultation purchase history
• Internet/Electronic Activity: App usage data, feature interactions, search history, browsing history within the app
• Geolocation Data: City and region for matching purposes
• Professional Information: Industry, skills, experience, business stage
• Inferences: Entrepreneur compatibility scores derived from profile data

Your rights include:

• Right to Know: Request disclosure of what personal information we collect, use, share, or sell
• Right to Delete: Request deletion of your personal information
• Right to Correct: Request correction of inaccurate personal information (CPRA)
• Right to Opt-Out of Sale/Sharing: We do not sell or share personal information for cross-context behavioral advertising
• Right to Limit Use of Sensitive Personal Information: We do not use sensitive personal information for purposes beyond those necessary to provide the service
• Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights

Submit a verifiable consumer request by emailing hello@venturoo.live with the subject line "CCPA Request." We will verify your identity before processing. You may also designate an authorized agent to submit requests on your behalf. We will respond within 45 days as required by law.

In the preceding 12 months, we have not sold any personal information. We have disclosed personal information for business purposes to service providers including cloud hosting, analytics, and payment processors.

14. Brazil Privacy Rights (LGPD)

If you are located in Brazil, you have rights under the Lei Geral de Proteção de Dados (LGPD — General Data Protection Law, Law No. 13,709/2018). Venturoo acts as the controlador (controller) of your personal data.

Your rights under LGPD include:

• Confirmation: Confirm whether we process your personal data
• Access: Access your personal data
• Correction: Correct incomplete, inaccurate, or outdated data
• Anonymization, Blocking, or Deletion: Of unnecessary or excessive data or data processed in non-compliance with the LGPD
• Portability: Transfer your data to another service provider
• Deletion: Delete personal data processed with your consent
• Information: Receive information about public and private entities with which we have shared your data
• Opposition: Object to processing based on other legal bases when non-compliant
• Withdrawal of Consent: Withdraw consent at any time

Our Encarregado can be reached at hello@venturoo.live. We will respond to all LGPD requests within 15 days as required by law.

15. Additional Regional Privacy Rights

Canada — PIPEDA / Quebec Law 25:

• You have the right to access, correct, and withdraw consent for use of your personal information
• We obtain meaningful consent before collecting, using, or disclosing personal information
• You may file complaints with the Office of the Privacy Commissioner of Canada (OPC)
• Quebec residents have additional rights under Law 25, including the right to data portability and the right to be forgotten

Australia — Privacy Act 1988:

• We comply with the Australian Privacy Principles (APPs)
• You have the right to access and correct personal information we hold about you
• You may file complaints with the Office of the Australian Information Commissioner (OAIC)

Singapore — PDPA (Personal Data Protection Act):

• You have the right to access and correct your personal data
• You may withdraw consent for the collection, use, or disclosure of your data
• You may file a complaint with the Personal Data Protection Commission (PDPC)

Japan — APPI (Act on the Protection of Personal Information):

• We specify and disclose the purpose of use of your personal information
• You have the right to request disclosure, correction, suspension, or deletion of your data
• International transfers are conducted with appropriate safeguards
• You may file complaints with the Personal Information Protection Commission (PPC)

India — DPDPA (Digital Personal Data Protection Act, 2023):

• We process personal data for lawful purposes with your consent or under other legitimate bases
• You have the right to access, correct, and erase your personal data
• You may nominate another person to exercise your rights on your behalf
• You may file grievances with us or the Data Protection Board of India

South Korea — PIPA (Personal Information Protection Act):

• We collect and process personal information in compliance with PIPA
• You have the right to access, correct, delete, and suspend processing of your data
• We obtain separate consent for international data transfers
• You may file complaints with the Personal Information Protection Commission (PIPC)

Other US State Privacy Laws:

Residents of Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), Texas (TDPSA), Oregon (OCPA), Montana (MCDPA), and other states with comprehensive privacy laws have similar rights including:

• Right to access, correct, and delete personal data
• Right to data portability
• Right to opt out of targeted advertising (we do not engage in targeted advertising)
• Right to opt out of the sale of personal data (we do not sell personal data)
• Right to appeal a denial of a privacy request

16. How to Exercise Your Rights

Regardless of your location, you can exercise your privacy rights through any of the following methods:

• In-App: Navigate to Settings → Privacy → Data Request to submit access, correction, or deletion requests
• Email: Send a request to hello@venturoo.live with your full name, email address associated with your account, and the specific right you wish to exercise
• Account Deletion: Use the in-app account deletion feature or visit venturoo.live/delete-account

We will verify your identity before processing any request. Response times vary by jurisdiction (see specific regional sections above) but we aim to respond within 30 days or sooner as required by applicable law.

17. DMCA and Copyright Policy

Venturoo respects intellectual property rights and complies with the Digital Millennium Copyright Act (DMCA). We will respond promptly to notices of alleged copyright infringement.

To submit a DMCA takedown notice, contact our designated agent:
Email: hello@venturoo.live (Subject: "DMCA Takedown Request")

Your notice must include:

• Your physical or electronic signature
• Identification of the copyrighted work claimed to be infringed
• Identification of the allegedly infringing material with sufficient detail to locate it
• Your name, address, telephone number, and email address
• A statement of good faith belief that the use is not authorized by the copyright owner, its agent, or the law
• A statement under penalty of perjury that the information is accurate and you are authorized to act on behalf of the copyright owner

Counter-Notification:

If your content was removed in error, submit a counter-notification to the same address. We will restore eligible content consistent with DMCA Section 512(g) unless the complainant seeks a court order. Repeat copyright infringers will have their accounts terminated.

18. Professional Advice Disclaimer

Venturoo is a networking and collaboration platform — not a provider of professional advice.

Connections made through Venturoo — including entrepreneurs, experts, and community members — are independent individuals and businesses. Their views and recommendations do not represent Venturoo.

Expert Consultations: Experts listed on Venturoo are independent professionals. Sessions are educational and informational in nature. Venturoo does not verify expert credentials, licenses, or professional standing beyond what experts self-report in their profiles. Always conduct your own due diligence and consult qualified, licensed professionals for matters requiring professional advice.

19. Contact Us

For privacy-related questions, requests, or concerns:

• Privacy & Data Protection Inquiries: hello@venturoo.live
• General Support: hello@venturoo.live
• CCPA Requests: hello@venturoo.live (Subject: "CCPA Request")
• GDPR Requests: hello@venturoo.live (Subject: "GDPR Request")
• LGPD Requests: hello@venturoo.live (Subject: "LGPD Request")
• Mailing Address: Venturoo LLC, United States
• Response Time: We aim to respond within 30 days, or sooner as required by your local privacy law.

This privacy policy was last updated on May 1, 2026.