TechValuator

Privacy Notice

Last updated: May 15, 2026

1. Who we are

TechValuator ("we", "us") operates the TechValuator service. We act as the data controller for the personal data described in this notice.

2. What we collect

  • Account data: email address, display name, password hash (or Google OAuth identifier).
  • Profile data: avatar URL if provided by your sign-in provider.
  • Valuation inputs: the technology descriptions, categories, market notes and other fields you submit to generate a report.
  • Valuation outputs: the AI-generated report stored under your account.
  • Usage data: timestamps, request metadata, error logs, and device/browser information collected automatically for security and product improvement.
  • Order metadata: a record that you completed a purchase (transaction ID, amount, date, environment). Card details are processed by Paddle and never reach our systems.

3. Why we use it (purposes & legal bases)

  • To create your account, authenticate you, and provide the Service — performance of contract.
  • To generate, store, and display your valuation reports — performance of contract.
  • To prevent fraud, abuse, and security incidents — legitimate interest.
  • To improve the Service (aggregated diagnostics, error logs) — legitimate interest.
  • To respond to your support inquiries — performance of contract / legitimate interest.
  • To comply with legal obligations (tax, accounting, lawful requests) — legal obligation.

4. Who we share it with

We share personal data only with categories of recipients required to operate the Service:
  • Paddle, our Merchant of Record, for the sale of the product, payment processing, tax compliance, invoicing, and refund handling.
  • Hosting and infrastructure providers that store the database and serve the application.
  • AI inference provider(s) used to generate valuation reports from your inputs.
  • Authentication providers (e.g. Google) if you sign in via OAuth.
  • Professional advisers (legal, accounting) where strictly necessary.
  • Authorities where required by law.

5. International transfers

Some recipients may be located outside your country. Where data leaves the UK/EEA, we rely on Standard Contractual Clauses or equivalent safeguards to protect it.

6. How long we keep it

We retain account and valuation data for as long as your account is active. If you delete your account or ask us to remove your data, we delete or anonymize it within a reasonable period, except where retention is required by law (e.g. tax records).

7. Your rights

Depending on where you live, you may have the right to access, correct, delete, restrict, or port your personal data; to object to processing; to withdraw consent; and to complain to your local data protection authority. UK/EEA users have these rights under the UK GDPR / EU GDPR and we will respond within one month. To exercise any right, contact us via the Paddle.net buyer portal or your account settings.

8. Security

We use appropriate technical and organisational measures to protect personal data, including encryption in transit, access controls, and audit logging. No system is perfectly secure; we cannot guarantee absolute security.

9. Cookies

We use cookies that are strictly necessary to operate the Service (session cookies, security cookies). We do not currently set advertising cookies. If we add analytics or marketing cookies in the future, we will update this notice and provide a way to manage your preferences.

10. Changes

We may update this notice from time to time. Material changes will be communicated through the Service.