Legal

Privacy Policy

Last updated: May 13, 2026

1. Introduction

StartupPulse ("we," "us," or "our") is committed to protecting your personal data and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services, in compliance with the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and the Digital Personal Data Protection Act, 2023 (DPDPA) of India.

2. Information We Collect

We may collect the following types of information:

2.1 Personal Data (provided voluntarily)

  • Full name, email address, and company name (during sign-up or contact form submission)
  • Google account information (name, email, profile picture) when authenticating via Google OAuth
  • LinkedIn URL, Twitter handle, and professional role (for founder directory submissions)
  • Messages and content posted in community channels or direct messages

2.2 Automatically Collected Data

  • Device information (browser type, operating system)
  • Log data (IP address, access times, pages viewed)
  • Cookies and similar tracking technologies (see Section 7)

3. Purpose and Legal Basis for Processing

We process your personal data for the following purposes under lawful bases as defined by the DPDPA 2023:

  • Consent: When you sign up, subscribe to our waitlist, or submit your founder profile
  • Legitimate Interest: To operate, maintain, and improve the platform; to send relevant communications
  • Contractual Obligation: To provide the services you have requested
  • Legal Compliance: To comply with applicable Indian laws and regulations

4. Data Storage and Security

Your data is stored securely on Supabase (hosted on AWS infrastructure). We implement industry-standard security measures including:

  • Row Level Security (RLS) policies on all database tables
  • Encrypted data transmission (TLS/SSL)
  • OAuth 2.0 authentication (no passwords stored)
  • Regular security audits and vulnerability assessments

As required under the IT Act 2000 and DPDPA 2023, we implement reasonable security practices and procedures to protect your Sensitive Personal Data or Information (SPDI).

5. Data Sharing and Disclosure

We do NOT sell your personal data. We may share data only in the following cases:

  • Service Providers: Supabase (database), Vercel (hosting), Google (authentication)
  • Legal Requirements: When required by law, court order, or government authority under Indian law
  • Publicly Shared Content: Messages posted in community channels are visible to all authenticated users

6. Your Rights (DPDPA 2023)

Under the Digital Personal Data Protection Act, 2023, you have the right to:

  • Right to Access: Request a summary of your personal data and processing activities
  • Right to Correction: Request correction of inaccurate or incomplete personal data
  • Right to Erasure: Request deletion of your personal data (subject to legal retention requirements)
  • Right to Grievance Redressal: Lodge a complaint with our Data Protection Officer or the Data Protection Board of India
  • Right to Nominate: Nominate another person to exercise your rights in case of death or incapacity

To exercise any of these rights, please contact us at privacy@startupulse.space.

7. Cookies Policy

We use essential cookies for authentication session management. These cookies are necessary for the platform to function and cannot be disabled. We do not use advertising or tracking cookies.

8. Data Retention

We retain your personal data for as long as your account is active or as needed to provide services. If you request account deletion, we will erase your data within 30 days, except where retention is required by Indian law.

9. Cross-Border Data Transfer

Your data may be transferred to and processed in countries outside India (where our cloud infrastructure providers operate). Such transfers are made in compliance with Section 16 of the DPDPA 2023 and only to jurisdictions not restricted by the Central Government of India.

10. Children's Privacy

StartupPulse is not intended for users under the age of 18. We do not knowingly collect personal data from children. If we become aware that a child has provided us with personal data, we will take steps to delete such information.

11. Grievance Officer

In accordance with the Information Technology Act, 2000 and the DPDPA 2023, the Grievance Officer for StartupPulse can be contacted at:

Email: grievance@startupulse.space

Response Time: Within 30 days of receiving a complaint

12. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated "Last updated" date. We encourage you to review this policy periodically.

๐Ÿ“ง Questions about this policy? Contact us at privacy@startupulse.space