PRIVACY POLICY

1. Who We Are

Startup Food Biz ("Startup Food Biz," "SFB," "we," "us," or "our") operates StartupFoodBiz.com, an educational platform providing compliance information, resources, and subscription-based tools for food, beverage, and dietary supplement businesses.

Our services include:

  • Free educational content and articles

  • Compliance Vault (subscription-based templates, videos, and training)

  • Downloadable resources and tools

  • Email newsletters and updates

Startup Food Biz is affiliated with:

  • USImports.us (import compliance services)

  • Morsel Law, PLC (legal services)

Each affiliated entity operates under separate privacy policies. This Privacy Policy applies only to StartupFoodBiz.com and Compliance Vault services.

This Privacy Policy explains how we collect, use, disclose, and safeguard personal information when you:

  • Visit our website

  • Purchase services or digital products

  • Subscribe to emails

  • Access client portals

  • Interact with us online or offline

If you do not agree with this Privacy Policy, please do not use our services.

2. Information We Collect

We collect the following categories of personal information:

A. Information You Provide Directly

  • Name

  • Business name

  • Email address

  • Phone number

  • Billing address

  • Payment information (processed by third-party providers)

  • Company formation details

  • Product information submitted for regulatory review

  • Communications with us

B. Account Information

If you create an account, we may collect:

  • Login credentials

  • Account activity

  • Service history

  • Subscription status

C. Subscription Information

If you subscribe to Compliance Vault, we collect:

  • Subscription tier (Essentials or Pro)

  • Billing cycle (monthly or annual)

  • Payment information (processed by Stripe/Podia)

  • Subscription status and history

  • Content access and download history

  • Video viewing activity

  • Template downloads

  • Support inquiries

Note: Compliance Vault is hosted on Podia, a third-party platform. Information collected through your Compliance Vault account is subject to both this Privacy Policy and Podia's Privacy Policy. See Section 6.1 for details on how we share information with Podia.

D. Automatically Collected Information

When you visit our website, we may collect:

  • IP address

  • Device information

  • Browser type

  • Pages visited

  • Referral source

  • Usage data

  • Cookie identifiers

We use cookies and similar technologies for analytics, functionality, and marketing.

E. Business Information You Provide

As part of using Compliance Vault or requesting consultation, you may voluntarily provide:

  • Product formulations

  • Ingredient lists

  • Proprietary business information

  • Trade secrets

We treat all client business information as confidential and protect it with appropriate security measures. We do not share this information except as necessary to provide services or as required by law.

F. Sensitive Personal Information

We do not intentionally collect sensitive personal information such as Social Security numbers or government IDs. If such information is provided voluntarily as part of a regulatory filing, it is processed solely for that purpose and protected with appropriate safeguards.

3. How We Use Your Information

We use personal information to:

  • Provide consulting and compliance services

  • Process payments

  • Manage subscriptions and accounts

  • Deliver digital products

  • Respond to inquiries

  • Improve website functionality

  • Conduct analytics

  • Send marketing communications (where permitted)

  • Comply with legal obligations

  • Enforce contracts

We do not sell personal information for monetary compensation.

4. Legal Bases for Processing (For EEA/UK Users)

If you are located in the European Economic Area or United Kingdom, we process your data under the following legal bases:

  • Performance of a contract

  • Legitimate interests

  • Consent

  • Legal obligation

5. Cookies and Tracking Technologies

We use:

  • Essential cookies (required for site functionality)

  • Analytics cookies (e.g., Google Analytics - tracks usage)

  • Marketing cookies (if applicable)

Cookie Consent:

When you first visit our website, you will see a cookie banner asking for your consent to non-essential cookies. You may accept, reject, or customize your preferences. You may also control cookies through your browser settings

6. How We Share Information

We share personal information with trusted third-party service providers who assist us in operating our business:

Website and Hosting:

  • Squarespace (website hosting and analytics)

  • Domain registrar services

Subscription Management:

  • Podia (Compliance Vault subscription platform)

  • Stripe (payment processing)

6.1 Compliance Vault Platform (Podia). Compliance Vault subscriptions are managed through Podia, a third-party subscription management platform. When you subscribe to Compliance Vault:

  • You create an account on Podia's platform

  • Podia processes your payment information via Stripe

  • Podia hosts your subscription content (videos, templates, member dashboard)

  • Your use of Podia is subject to Podia's Privacy Policy: https://www.podia.com/privacy

Information Shared with Podia: We share with Podia the information necessary to provide your subscription service:

  • Name and email address

  • Subscription tier selected (Essentials or Pro)

  • Payment information (processed directly by Podia/Stripe; we do not see your full payment details)

Information We Receive from Podia: Podia shares with us:

  • Your name and email

  • Subscription status (active, cancelled, paused)

  • Payment status (successful, failed)

  • Content access logs (which templates you've downloaded, videos you've watched)

  • Support inquiries submitted through the platform

We do not receive your full credit card number or bank account details. These are processed and stored by Stripe, Podia's payment processor. Podia's privacy practices are governed by their privacy policy, which we encourage you to review before subscribing.

Email and Communications:

  • ConvertKit, Mailchimp

Analytics:

  • Google Analytics (website analytics)

Cloud Storage:

  • Google Drive

Professional Services:

  • Legal and accounting professionals (as needed)

  • Compliance consultants (as needed)

Government and Legal:

  • Government agencies when required by law

  • Law enforcement pursuant to valid legal process

All third-party service providers are contractually obligated to protect your personal information and use it only for the purposes we specify.

Affiliated Entities:

We do not automatically share your information with USImports.us or MorselLaw.com. If you separately engage with those entities, their respective privacy policies apply.

We do not sell personal information. We do not knowingly share personal information for cross-context behavioral advertising without required disclosures or opt-out rights.

7. Data Retention

We retain personal information as follows:

Account Information:

  • Active accounts: Duration of relationship

  • - Cancelled accounts: 30 days after cancellation (or longer if required for tax/legal purposes)

Subscription Data:

  • Billing records: 7 years (tax compliance)

  • Downloaded templates: You retain; we delete access logs after 90 days of cancellation

  • Video viewing data: Deleted 30 days after cancellation

Marketing Communications:

  • Email list: Until you unsubscribe

  • Unsubscribe records: Permanently retained to honor opt-out

Legal Obligations:

  • As required by tax laws, accounting standards, or contractual obligations

When no longer required, personal information is securely deleted or anonymized.

8. Data Security

We implement reasonable administrative, technical, and physical safeguards, including:

  • SSL encryption in transit

  • Access controls

  • Secure cloud storage

  • Limited internal access

Contractual confidentiality requirements

No system can guarantee absolute security.

9. Your Privacy Rights

Depending on your jurisdiction, you may have the right to:

  • Access personal information

  • Correct inaccurate data

  • Request deletion

  • Obtain a copy of your data

  • Opt-out of marketing communications

  • Limit use of sensitive personal information

  • Object to processing (where applicable)

To exercise your rights, contact: info@startupfoodbiz.com. We may verify your identity before processing requests.

Email Marketing Opt-Out:

You will receive marketing emails only if you:

  • Subscribe to our newsletter

  • Create a Compliance Vault account

  • Download resources that require email signup

Every marketing email contains an "Unsubscribe" link. You may also opt out by emailing: info@startupfoodbiz.com

Note: Even after opting out of marketing emails, you will still receive:

  • Transactional emails (billing, account security)

  • Service updates (Compliance Vault content releases)

  • Emails you specifically request

To stop all emails, you must close your account.

Data Portability:

You have the right to receive your personal information in a structured, commonly used format. We will provide:

  • Account information (PDF or CSV)

  • Subscription history

  • Downloaded template list

  • Email communication history (if requested)

Templates and videos you've downloaded are already in portable formats (Word, PDF, MP4) and are yours to keep.

10. U.S. States Privacy Rights

If you are a California resident under California Privacy Rights Act (CPRA), you have the right to:

  • Know what personal information we collect

  • Request deletion

  • Request correction

  • Optout of sale or sharing of personal information

  • Limit use of sensitive personal information

  • Not be discriminated against for exercising rights

We do not sell personal information. Requests may be submitted to: info@startupfoodbiz.com. We will respond within legally required timeframes.

Virginia, Colorado, Connecticut, Utah (VCDPA, CPA, CTDPA, UCPA):

Residents of these states have similar rights to California residents. Contact info@startupfoodbiz.com to exercise your rights. We will verify your identity and respond within legally required timeframes (typically 45 days).

11. Do Not Track Signals

Our website does not currently respond to browser “Do Not Track” signals.

12. Third-Party Links

Our website may contain links to third-party sites. We are not responsible for their privacy practices.

13. Children’s Privacy

Our services are intended for business owners and adults. We do not knowingly collect personal information from children under 16.

14. International Data Transfers

If you access our services outside the United States, your information may be transferred to and processed in the United States. We implement appropriate safeguards where required by law.

15. Changes to This Policy

We may update this Privacy Policy from time to time. Updates will be posted on this page with a revised “Last Updated” date.

16. Contact Us

Startup Food Biz: 8401 Mayland Dr Ste S, Richmond, VA 23294

Email: info@startupfoodbiz.com

Website: www.startupfoodbiz.com

17. Automated Decision-Making

We do not use automated decision-making or profiling that produces legal effects or similarly significant impacts on you.

Updated 2/19/26