How we handle your data.

Last updated: April 2026

Who this applies to

This policy covers data submitted through the Seed Innovation portal at portal.seedinnovation.io (and the same portal at seedinnovation.io/app/). It applies to startups who submit a readiness assessment, partners who use the portal to evaluate startups, and to anyone who creates an account.

What we collect

When you create an account, we collect: your name, email address, and (for startup users) your company name. We also store a securely hashed version of your password.

When you submit a readiness assessment, we collect the answers you provide in the intake form. This includes information about your company's strategy, traction, team, capital position, and US market entry plans. If you upload supporting documents (pitch deck, financial model, supporting docs), we store those files in our object storage provider (Cloudflare R2) and extract their text contents for the AI evaluator to read.

When a Seed Innovation partner runs a "quick scan" on your behalf (typically after meeting you at an event), they may capture your company name, website, founder email, and a pitch deck. The quick scan is partner-internal until you claim it.

We do not collect: payment information, social security numbers, government identification numbers, medical records, or any data we don't need to evaluate the readiness of your company.

How we use it

Your submitted data is used for one purpose: to generate a readiness evaluation against the Seed Innovation rubric, and to inform Seed Innovation partners about whether and how they can help you enter the United States market.

Specifically:

• We send your intake answers (and any extracted document text) to Anthropic's Claude API as the system that generates your evaluation. Anthropic processes this data under their own privacy policy and does not use it to train their models.
• We send transactional emails (account verification, password reset, partner notifications, founder invites) via SendGrid under their privacy policy.
• Seed Innovation partners (currently Jason Seed, Steve, Damien) read the full evaluation and the original intake. They do not share it with anyone outside Seed Innovation without your permission.

Where it lives

Account data, intake answers, and AI evaluations are stored in a Postgres database hosted by Railway in the United States. Uploaded files are stored in Cloudflare R2. All data is encrypted in transit (HTTPS / TLS) and at rest (Cloudflare R2 encrypts objects at rest by default; the Postgres database uses Railway's encrypted volume).

API keys and other runtime secrets stored on our side are encrypted with AES-256-GCM in the application database before being written to disk.

How long we keep it

We retain submitted evaluations and uploaded files for 24 months after the most recent activity on your account (login, submission, or status change). After that, evaluations and files are automatically and permanently deleted.

You can request deletion of your data at any time before that — see "Your rights" below.

Your rights

You have the right to:

• Access the data we hold about you. Email hello@seedinnovation.io and we'll send you a copy within 30 days.
• Correct inaccurate data. You can edit your account info in the portal, or email us for changes you can't make yourself.
• Delete your data. You can request deletion from your account settings, or by emailing hello@seedinnovation.io. Deletions are processed within 30 days. Once processed, your account, your evaluations, your notes, and your files are permanently removed. Partner notes that reference your evaluation are anonymised but not deleted.
• Export your data in a machine-readable format. Email us.

What we never do

• We never sell your data to third parties.
• We never use your evaluation data to train AI models.
• We never share specific evaluations or documents with anyone outside Seed Innovation without your written permission.
• We never use cookies for advertising or third-party tracking. The only cookies we set are session cookies that keep you logged in.

Cookies

The portal sets one HttpOnly cookie (seed_session) when you log in. It contains a session token, expires after 30 days, and is used only to keep you authenticated. We don't use any third-party cookies, advertising trackers, or analytics scripts on the portal.

Children

The portal is for businesses. We don't knowingly collect data from anyone under 18.

Changes

If we make material changes to this policy, we'll notify portal account holders by email. Minor wording changes will be noted in the "Last updated" date above.

Contact

Questions, concerns, or data requests: hello@seedinnovation.io.

Seed Innovation is based in Palo Alto, California. We're subject to United States privacy law. If you're an Australian or EU resident submitting data to us, you're consenting to that data being processed in the United States.