Privacy Policy

ValueArchitect.ai — Effective April 2026 — Alpha Phase

This Privacy Policy describes how Soft Solutions Partners LLC ("we," "us," or "our") collects, uses, and protects information submitted through ValueArchitect.ai ("the Service"). By using the Service, you agree to the practices described in this policy.

1. Information We Collect

Account Information: When you register or are invited to use the Service, we collect your name, work email address, and organizational role.

Organization Data: Data you and your team members enter into the Service, including AI program strategies, initiatives, use cases, KPIs, risks, financial data, and team information. This data belongs to your organization.

Usage Data: We collect logs of actions taken within the Service (pages visited, features used, data created or modified) for security, audit, and service improvement purposes. We do not sell usage data.

Communications: If you contact us by email or through our contact form, we retain that correspondence.

We do not intentionally collect: Protected Health Information (PHI), Social Security Numbers, payment card numbers, or other highly sensitive personal data. Users are responsible for ensuring they do not enter such data into the Service during the alpha phase.

2. How We Use Your Information

To provide, operate, and improve the Service
To authenticate your identity and enforce access controls
To generate AI-powered reports and analysis using your organization's data
To send service-related communications (account setup, security notifications)
To respond to your support requests
To maintain security and audit logs

We do not use your organization's data to train AI models, and we do not sell your data to third parties.

3. AI Processing

When you use AI-powered features (report generation, readiness assessments, brand monitoring), your organization's data is transmitted to Anthropic's API (Claude) to generate the requested output. This data is processed in accordance with Anthropic's API terms of service and is not used by Anthropic to train their models. Data sent to Anthropic is not retained by Anthropic beyond the duration of the API call.

We do not share your data with any other AI provider.

4. Data Sharing

We do not sell your personal information or your organization's data. We share data only in the following limited circumstances:

Infrastructure providers: Supabase (database hosting) and Netlify (application hosting) process data as part of delivering the Service. Both providers are bound by their own privacy and security terms.
AI processing: Anthropic processes data as described in Section 3.
Legal requirements: We may disclose data if required by law, court order, or governmental authority.
Business transfers: If Soft Solutions Partners LLC is acquired or merged, your data may transfer to the acquiring entity, with notice provided to users.

PENDING LEGAL REVIEW: The business transfers clause and legal requirements clause should be reviewed by counsel to ensure appropriate protections for users in regulated industries.

5. Data Retention

We retain your account and organization data for as long as your account is active. If you request account deletion, we will delete your data from our production systems within 10 business days and from backups within 30 days.

Audit logs are retained for a minimum of 90 days for security purposes.

6. Your Rights

You have the right to:

Access: Request a copy of all data we hold about you and your organization
Correction: Request correction of inaccurate data
Deletion: Request deletion of your data
Export: Request a machine-readable export of your organization's data
Objection: Object to certain uses of your data

To exercise any of these rights, contact us at hello@softsolutionspartners.com. We will respond within 5 business days.

PENDING LEGAL REVIEW: If EU users are anticipated, this section should be expanded to explicitly address GDPR rights and include a lawful basis for processing. If California users are anticipated, CCPA-specific language should be added.

7. Data Security

We implement technical and organizational measures to protect your data, including database-level access controls, encryption at rest and in transit, and access logging. See our Security page for full details.

No method of transmission or storage is 100% secure. While we take reasonable measures to protect your data, we cannot guarantee absolute security.

8. Cookies

The Service uses cookies and browser local storage to maintain your authenticated session. We do not use tracking cookies, advertising cookies, or third-party analytics cookies. You can clear your browser storage at any time, which will sign you out of the Service.

9. Children's Privacy

The Service is intended for professional use by adults. We do not knowingly collect data from individuals under 18 years of age.

10. Changes to This Policy

We may update this Privacy Policy as the Service evolves. We will notify active users of material changes by email at least 14 days before they take effect. The date of the most recent revision appears at the top of this page.

11. Contact

For privacy-related questions or requests, contact us at:
Soft Solutions Partners LLC
hello@softsolutionspartners.com
www.softsolutionspartners.com