CivStart Ventures Privacy Policy
CivStart Ventures, Inc. ("CivStart Ventures," "we," "our," or "us") values the privacy of all individuals who access our platforms and related services.
This Privacy Policy applies to all CivStart Ventures products and services (collectively, the "Services"), including:
GovFit — our vendor-facing B2G platform connecting technology companies with government procurement opportunities; and
Clarity AI by CivStart — our government-facing research and discovery platform for defining and aligning on organizational challenges.
Where a practice applies only to one product, it is identified as such. Where no product is specified, the practice applies to both.
This Privacy Policy explains how we collect, use, and disclose information from users ("Users" or "you"). By using any of the Services, you agree to the practices described here. Your use is also governed by the applicable Terms of Service for the product you are using: GovFit Terms of Service | Clarity AI Terms of Service.
1. Information We Collect
A. Information You Provide
Registration and Profile. When you create an account on either platform, we collect your name, email address, organization, and job title, and optionally your LinkedIn profile. If you sign in via Google or another third-party login, we receive basic profile information (name, email, avatar). For Clarity AI users, your organization must be a public-sector entity; we collect your official work email and public-sector affiliation as part of eligibility verification.
GovFit only — Organization Data. Admins may add or invite users within their startup account; we store their contact details.
GovFit only — Payment Information. Payments are processed by our third-party provider (Stripe or successor); we do not store complete card numbers. Clarity AI is provided free of charge; no payment information is collected from government users.
GovFit only — KPI and Program Data. Startups submit quarterly key-performance metrics and deal-status updates; these may include contract values, markets, and financial details.
Clarity AI only — Challenge Data. Government users may input challenge definitions, stakeholder information, organizational context, constraints, and related content ("Challenge Data") to define and refine their organizational challenges. Challenge Data is voluntary; users are not required to complete any particular field to use the platform. We strongly advise users not to submit personally identifiable information of residents, businesses, or staff, or any protected health information, into the platform. See Section 2 for how Challenge Data is used.
Communications. If you contact us or participate in chat or email support on either platform, we collect the information you provide and metadata (timestamps, attachments).
B. Information Collected Automatically
Device and Usage Data. We log IP address, browser type, operating system, pages viewed, session duration, and actions such as credit spending or KPI submission.
Cookies and Tracking. We and our analytics partners (e.g., Google Analytics) use cookies, pixels, and SDKs to understand engagement and improve Services.
Location Data. We infer general location (city/region) from IP address.
Messages and Interactions. When you request a Connection or send a message through our Services, we retain that activity record for auditing and quality control.
Device and Usage Data. We log IP address, browser type, operating system, pages viewed, session duration, and actions such as credit spending or KPI submission.
Cookies and Tracking. We and our analytics partners (e.g., Google Analytics) use cookies, pixels, and SDKs to understand engagement and improve Services.
Location Data. We infer general location (city/region) from IP address.
Messages and Interactions. When you request a Connection or send a message through our Services, we retain that activity record for auditing and quality control.
C. Information from Third Parties
We may receive business contact information or enrichment data from public sources, partners, or integrations (e.g., Google Workspace, CRM APIs) to enhance accuracy and relevance.
2. How We Use Information
We use information to:
Provide, maintain, and improve the Services and credit functionality.
Match startups with appropriate government Signals and manage Connections.
Personalize recommendations and dashboards.
Communicate with you, deliver updates, invoices, and support responses.
Verify eligibility, prevent fraud or misuse, and enforce our Terms of Service.
Analyze aggregated KPI and usage data to develop new products and market reports.
Send administrative and occasional promotional communications (you may opt out).
Comply with legal obligations and respond to lawful requests.
For any other purpose disclosed at collection or with your consent.
3. How We Disclose Information
Vendors and Service Providers: payment processors, analytics, email and hosting vendors acting under contract.
Other Users: limited profile information (name, organization, role) may be visible to other accepted startups or public-sector contacts during Connection workflows.
Business Partners & Sponsors: only in aggregated form unless you opt in to named recognition (e.g., case study or investment support).
Aggregation Standard: Any aggregated or anonymized data derived from Client information shall be processed such that Client cannot reasonably be identified, directly or indirectly, and such data shall not be capable of reverse identification.
Legal and Safety: to comply with law or protect rights, property, or safety of CivStart Ventures, users, or others.
Corporate Transactions: in connection with a merger, acquisition, financing, or sale of assets, subject to continued protection consistent with this Policy.
With Your Consent: when you direct us to share information or connect with a third party.
No Competitive Use: CivStart shall not use Client data, KPI data, or derived insights in a manner that is intended to competitively disadvantage Client or materially benefit a direct competitor of Client.
Vendors and Service Providers: payment processors, analytics, email and hosting vendors acting under contract.
Other Users: limited profile information (name, organization, role) may be visible to other accepted startups or public-sector contacts during Connection workflows.
Business Partners & Sponsors: only in aggregated form unless you opt in to named recognition (e.g., case study or investment support).
Aggregation Standard: Any aggregated or anonymized data derived from Client information shall be processed such that Client cannot reasonably be identified, directly or indirectly, and such data shall not be capable of reverse identification.
Legal and Safety: to comply with law or protect rights, property, or safety of CivStart Ventures, users, or others.
Corporate Transactions: in connection with a merger, acquisition, financing, or sale of assets, subject to continued protection consistent with this Policy.
With Your Consent: when you direct us to share information or connect with a third party.
No Competitive Use: CivStart shall not use Client data, KPI data, or derived insights in a manner that is intended to competitively disadvantage Client or materially benefit a direct competitor of Client.
4. Your Choices and Rights
Marketing Emails: unsubscribe via the link in any email. Operational notices will still be sent.
Cookies: adjust browser settings or use industry opt-out tools ( NAI opt-out, DAA opt-out).
Access / Correction / Deletion: You may update or delete your profile information in-app, or submit a written deletion request to compliance@civstart.com. We will respond within thirty (30) days and confirm deletion in writing. Certain records may be retained as described in Section 5.
Credit and Connection Data: deleting your account removes personally identifying data but retains anonymized statistics.
Marketing Emails: unsubscribe via the link in any email. Operational notices will still be sent.
Cookies: adjust browser settings or use industry opt-out tools ( NAI opt-out, DAA opt-out).
Access / Correction / Deletion: You may update or delete your profile information in-app, or submit a written deletion request to compliance@civstart.com. We will respond within thirty (30) days and confirm deletion in writing. Certain records may be retained as described in Section 5.
Credit and Connection Data: deleting your account removes personally identifying data but retains anonymized statistics.
5. Data Retention and Security
We keep personal data as long as your account is active or required to provide Services, meet legal obligations, or resolve disputes.
Upon written request submitted to compliance@civstart.com, CivStart will delete or cause to be deleted your personal data within thirty (30) days of receiving the request, and will confirm completion in writing. Following termination or expiration of an account, CivStart will delete or anonymize personal and account-level data within thirty (30) days of the later of: (a) the account termination date; or (b) the expiration of any applicable legal hold or retention obligation. Data retained in routine encrypted backup systems will be purged in the ordinary course of the backup rotation cycle. The following categories of data are not subject to this deletion obligation: (i) anonymized and aggregated data that cannot reasonably be re-identified; (ii) data required to be retained by applicable law, regulation, or a legitimate legal hold; and (iii) data that the Recipient establishes is independently necessary to resolve an existing dispute or enforce an existing agreement.
We use administrative, technical, and physical safeguards appropriate to our business. No system is completely secure; use our Services at your own risk.
6. Children’s Privacy
GovFit is intended for professional users age 18 and older. We do not knowingly collect personal data from minors. If you believe a minor has provided data, contact compliance@civstart.ventures and we will delete it.
7. International Users
The Services are hosted in the United States. By using GovFit from outside the U.S., you consent to transfer and processing in the U.S. and acknowledge that U.S. laws may differ from those in your country.
8. Changes to This Policy
We may update this Privacy Policy periodically. Material changes will be announced via in-app notice or email 30 days before they take effect. Continued use after notice means acceptance.
9. Contact Us
CivStart Ventures, Inc.
1123 Winchester Rd, Lexington, KY 40502 USA
Email: compliance@civstart.ventures
For general support: admin@civstart.ventures