Privacy Policy

Athanor Market, Inc., a Delaware corporation, is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information.

1. Information We Collect

Information You Provide

• Account Information: Email address, password, name, profile details
• Profile Data: Bio, expertise, role, social links, avatar image
• Idea Submissions: Business ideas, team information, financial data, market analysis, uploaded documents
• Payment Information: Processed and stored securely by Stripe (we do not store credit card details)
• Communications: Messages sent through the platform or to our support team

Automatically Collected Information

• IP address and approximate location
• Device information (browser, operating system, device type)
• Usage data (pages visited, features used, time spent)
• Cookies and similar tracking technologies
• Performance and error data

2. How We Use Your Information

We use collected information to:

• Provide the Service: Process evaluations, manage accounts, deliver reports
• AI Processing: Analyze your startup ideas using our GemSeeker AI system
• Communications: Send verification emails, evaluation notifications, important updates
• Payments: Process transactions and manage GemScore Pass credits
• Improvement: Analyze usage patterns to improve our AI models and platform features
• Security: Detect fraud, abuse, and manipulation attempts
• Compliance: Meet legal and regulatory obligations
• Support: Respond to inquiries and provide customer service

3. Data Sharing - We Do Not Sell Your Data

We only share information with:

Essential Service Providers

• AI Services: Multiple AI providers including OpenAI, Anthropic, DeepSeek, and others for evaluation processing
• MongoDB Atlas: For secure data storage
• Stripe: For payment processing
• Mailgun: For transactional email delivery
• Intercom: For customer support chat (if you use it)
• Cloud Infrastructure: Google Cloud Platform, Fly.io, and related services

Legal Requirements

• When required by law, court order, or government request
• To protect our rights, property, or safety
• To enforce our Terms of Service
• In connection with fraud investigation or prevention

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new owner, subject to this Privacy Policy.

Your startup ideas remain confidential and are NEVER shared with other users, competitors, or third parties without your explicit written consent.

4. AI Processing & Data Usage

AI Service Providers

Your startup ideas are processed using advanced language models from multiple leading AI providers including OpenAI, Anthropic, DeepSeek, and others. We select the most appropriate models for each analysis task:

• Data sent to AI providers is subject to their respective API terms and privacy policies
• Most AI API providers do not use your data to train their public models per their API terms
• Data is transmitted securely over encrypted connections (HTTPS/TLS)
• We only share information necessary for evaluation
• We continuously evaluate and integrate the best-performing AI technologies

Custom Model Training

We fine-tune custom models on our proprietary datasets to improve domain-specific accuracy:

• All personally identifiable information is removed before training
• Startup ideas are anonymized and aggregated
• We study patterns to improve evaluation accuracy
• Individual ideas are never exposed or identifiable
• Training data is securely stored and protected

Note: We may update AI providers and models without notice to ensure you always receive the most accurate and up-to-date evaluations. The core evaluation methodology and confidentiality protections remain constant regardless of the underlying AI technology.

5. Data Security

We implement comprehensive security measures:

• Encryption: TLS/SSL for data in transit, AES-256 for data at rest
• Authentication: Bcrypt password hashing, JWT tokens, email verification
• Access Controls: Role-based access, principle of least privilege
• Monitoring: Security logging, anomaly detection, intrusion prevention
• Infrastructure: Secure cloud hosting with MongoDB Atlas and GCP/Fly.io
• Audits: Regular security reviews and vulnerability scanning

Note: No system is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

6. Your Privacy Rights

You have the right to:

• Access: Request a copy of your personal data
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your data (subject to legal retention requirements)
• Export: Download your data in a portable format
• Opt-Out: Unsubscribe from marketing emails (service emails still sent)
• Object: Object to certain data processing activities
• Restrict: Request restriction of data processing

To exercise these rights, contact us through our contact form.

GDPR & CCPA Rights

EU and California residents have additional rights under GDPR and CCPA:

• Right to know what data we collect and why
• Right to deletion (with exceptions for legal compliance)
• Right to non-discrimination for exercising privacy rights
• Right to opt-out of data sales (which we don't do anyway)

7. Cookies and Tracking

We use cookies for:

• Essential: Authentication, session management, security
• Functional: Remember preferences and settings
• Analytics: Understand how the Service is used (anonymized)
• Performance: Monitor and improve system performance

You can control cookies through your browser settings. Disabling cookies may limit Service functionality.

8. Data Retention

We retain data as follows:

• Account Data: Retained while account is active
• Evaluation Results: Retained indefinitely unless you request deletion
• Payment Records: Retained for 7 years for tax and legal compliance
• Logs: Retained for 90 days for security and debugging
• Deleted Accounts: Data deleted within 30 days (except legal requirements)

9. Children's Privacy

The Service is not intended for users under 18 years of age. We do not knowingly collect information from children under 18. If we discover we have collected such information, we will delete it immediately.

10. International Data Transfers

Your information may be transferred to and processed in the United States or other countries where our service providers operate. These countries may have different data protection laws than your jurisdiction.

By using the Service, you consent to such transfers. We ensure appropriate safeguards are in place, including:

• Standard contractual clauses
• Privacy Shield compliance (where applicable)
• Adequate data protection agreements

11. Third-Party Services

Our Service integrates with third-party providers. Each has their own privacy policy:

• AI Providers: OpenAI, Anthropic, DeepSeek, and other leading AI service providers (visit their respective websites for privacy policies)
• Stripe: stripe.com/privacy
• MongoDB Atlas: mongodb.com/legal/privacy-policy
• Mailgun: mailgun.com/legal/privacy-policy
• Intercom: intercom.com/legal/privacy
• Cloud Hosting: Google Cloud Platform, Fly.io

Note: The specific AI providers and services we use may change as we continuously optimize for the best evaluation quality and performance. All providers are carefully vetted for security and privacy compliance.

12. Marketplace Privacy

When you interact with Marketplace listings:

• We may track views and interactions for analytics
• Contact information (e.g., Telegram handles) belongs to advisors
• Direct communications with advisors are not monitored by us
• Transactions occur directly between you and advisors (we are not a party)

13. Data Breach Notification

In the unlikely event of a data breach affecting your personal information, we will:

• Notify affected users within 72 hours
• Describe the nature of the breach
• Explain remedial actions taken
• Provide guidance on protective measures
• Notify relevant authorities as required by law

14. Your Control Over Data

You can:

• Edit: Update your profile and account information anytime
• Delete: Delete specific ideas or your entire account
• Export: Request a complete copy of your data
• Restrict: Limit certain data processing
• Unsubscribe: Opt-out of promotional emails

Note: Some data may be retained for legal compliance even after account deletion.

15. Analytics & Improvement

We analyze aggregated, anonymized data to improve our Service:

• Which features are most used
• Common patterns in successful vs unsuccessful ideas
• AI accuracy and performance metrics
• User experience improvements

This analysis never exposes individual ideas or identifies specific users.

16. Changes to Privacy Policy

We may update this Privacy Policy periodically. Material changes will be notified via:

• Email notification to registered users
• Prominent notice on the Service
• Updated "Last Updated" date at the top of this policy

Continued use after changes constitutes acceptance of the updated policy.

17. Contact Us

For any privacy-related questions, concerns, or requests:

Athanor Market, Inc.
Registered in Delaware, United States
Contact Us | Troubleshooting

For all matters including privacy inquiries, data protection requests, and GDPR/CCPA compliance, please use the email above.