Privacy Policy
2.1. Scope and Applicability
This Privacy Policy outlines how Validaze collects, processes, stores, and protects personal data from users of the Service, in compliance with applicable data protection laws including GDPR, CCPA, and Indonesia’s PDP.
2.2. Information We Collect
2.2.1. Account registration details (name, email), billing information, uploaded financial reports, and user-generated reports.
2.2.2. Interaction logs, IP addresses, device information, and performance metrics.
2.2.3. We do not collect sensitive data such as health, race, religion, or biometric identifiers.
2.3. Information We Collect
2.3.1. We authenticate users, facilitate data uploads, perform AI-driven analysis, and generate insights with capabilities scaled according to your subscription plan ranging from Free User to our various Premium User. This ensures that each user receives a level of service and functionality appropriate to their chosen plan.
2.3.2. To send system notifications, policy updates, and support responses, with priority support for paid plans
2.3.3. To analyze usage patterns for feature enhancements, troubleshooting, and security monitoring, ensuring compliance with plan-specific quotas.
2.4. Legal Bases for Processing
2.4.1. Where required by law for marketing communications.
2.4.2. Processing is necessary to perform our obligations under the Terms.
2.4.3. Improving service performance and preventing fraud, provided such interests do not override user rights.
2.5. Data Sharing and Disclosure
2.5.1. We do not engage external vendors for data processing.
2.5.2. May disclose data to law enforcement or regulators if required by law or court order.
2.5.3. In the event of a merger, acquisition, or sale of assets, user data may be transferred under confidentiality obligations.
2.6. Data Retention, Correction, and Deletion
2.6.1. Personal data is retained for the duration of the user’s account plus one year, unless a longer period is required by law.
2.6.2. Users can update their profile and account settings at any time.
2.6.3. Users may request complete deletion of personal data by contacting contact@validaze.com. We will comply within 30 days or as required by jurisdictional law.
2.7. Data Retention, Correction, and Deletion
2.7.1. Access and obtain a copy of your data.
2.7.2. Rectify inaccuracies in your personal data.
2.7.3. Erase your personal data (‘right to be forgotten’).
2.7.4. Restrict or object to processing.
2.7.5. To exercise these rights, please contact contact@validaze.com.
2.8. International Data Transfers
We transfer data across borders in compliance with GDPR’s adequacy decisions, Standard Contractual Clauses, or other legal mechanisms ensuring equivalent data protection levels.
