Legal

Privacy Policy

Last updated 2026-06-01


This Privacy Policy explains how Valcour Ad-Targeting (“we,” “us”) handles information when you use our website, APIs, and the targeting assistant (the “Service”).

1. Data we collect

2. How we use it

We use the information above to answer your questions to the assistant, prevent abuse and rate-limit requests, comply with legal obligations, and improve the Service. We do not sell personal information, and we do not use the questions you ask the assistant to train third-party models.

3. Third-party processors

We rely on the following sub-processors. Each is bound by contractual data-protection commitments:

4. Data retention

Access to the assistant requires an organization account. Your conversations are tied to your account so you can return to them; you can export or delete your conversation data at any time, and deleted data is hard-purged after a 30-day window. Diagnostic logs (including the IP-derived rate-limit data above) are kept for 30 days and then deleted. If you contact us by email, we retain that correspondence for as long as needed to handle your request, subject to legal record-keeping obligations.

5. Your rights

Depending on where you live, you may have the right to access, correct, delete, or export your personal information; to object to or restrict certain processing; and to lodge a complaint with a supervisory authority.

6. Security

All traffic is encrypted in transit with TLS 1.2 or higher. Data at rest is encrypted using the underlying provider’s managed keys (AWS KMS, Neon storage encryption). Access to production systems is restricted to a small number of named engineers, gated by SSO with hardware-token MFA, and audited. Backups are encrypted and retained on a rolling 30-day window.

7. International transfers

Our infrastructure is located in the United States. If you access the Service from outside the U.S., you understand that your information will be transferred to and processed in the U.S. Where required, we rely on the EU Standard Contractual Clauses or equivalent transfer mechanisms.

8. Children

The Service is intended for use by adults in a professional capacity. We do not knowingly collect information from anyone under 16. If you believe a child has provided us information, contact us and we will delete it.

9. Changes

We may update this Policy from time to time. Material changes will be announced by email or in-product notice at least 14 days before they take effect.

10. Contact and data requests

To exercise any of the rights above, or to ask any other question about this Policy, email ads@valcour.ai. We respond to verified requests within 30 days.


This document is a starting point. It is not legal advice. We recommend reviewing it with your own counsel before relying on it for an active engagement, especially if you operate in jurisdictions with sector-specific privacy regimes (HIPAA, GLBA, COPPA, state biometric laws).

Privacy Policy · Valcour Ad-Targeting