Legal
Privacy Policy
Last updated: June 2025
Overview
Valence OS (“we”, “us”, or “our”) is committed to protecting your personal data. This Privacy Policy explains what information we collect, how we use it, and your rights in relation to that data.
Valence OS is currently in private beta. Data collection is minimal and limited to what is necessary to provide the matching service.
1. Data We Collect
We collect the following categories of personal data:
- Prospect / client data: Name, email address, company name, and situational context submitted through the intake briefing form.
- Operator data: Professional CV and background information provided directly by operators who apply to join the Valence OS network. This data is stored securely and anonymized before being shown to any third party.
- Usage data: Standard server logs (IP address, browser type, pages visited) retained for security and operational purposes.
We do not collect payment card numbers, government IDs, or sensitive personal data.
2. How We Use Your Data
We use the data we collect for the following purposes:
- Matching client companies to relevant operators based on stated inflection points and situation types.
- Communicating with you about your request, match status, or platform updates.
- Improving the platform and refining our matching algorithms during the beta phase.
- Complying with legal obligations.
We will not use your data for automated decision-making that produces legal or similarly significant effects without your knowledge.
3. Operator Anonymization
Operator profiles displayed on the platform are anonymized by default. No personally identifiable information (PII) about an operator — including full name, employer history, or contact details — is shared with client companies without that operator’s explicit prior consent. Operators are identified by system tags (e.g., OPERATOR-CFO-942) until a mutual introduction is approved.
4. Data Sharing
We do not sell, rent, or trade your personal data to third parties. We may share data in the following limited circumstances:
- Service providers: Infrastructure and tooling providers (listed below) who process data on our behalf under contractual data processing agreements.
- Legal requirements: If required by law, regulation, court order, or governmental authority.
5. Data Storage and Security
Your data is stored on Supabase, a managed database platform with infrastructure hosted in the EU and/or US (Amazon Web Services). Supabase is SOC 2 Type II compliant and encrypts data at rest and in transit.
We implement reasonable technical and organisational measures to protect your data against unauthorised access, loss, or disclosure. No system is entirely secure; we will notify you promptly in the event of a breach that affects your personal data.
6. Cookies
Valence OS uses minimal cookies. We use session-only cookies necessary for platform functionality (e.g., authentication state). We do not use third-party advertising cookies or cross-site tracking cookies. A dismissal preference for the beta banner is stored in your browser’s localStorage, not as a cookie.
7. Your Rights (GDPR)
If you are located in the European Economic Area (EEA) or the United Kingdom, you have the following rights under the GDPR:
- Right of access: Request a copy of the personal data we hold about you.
- Right to rectification: Request correction of inaccurate or incomplete data.
- Right to erasure: Request deletion of your personal data, subject to legal retention obligations.
- Right to restriction: Request that we limit how we process your data.
- Right to data portability: Request your data in a structured, machine-readable format.
- Right to object: Object to processing based on legitimate interests.
To exercise any of these rights, contact us at nessykalvo@gmail.com. We will respond within 30 days.
8. Data Retention
We retain your data only as long as necessary to fulfil the purposes described in this policy, or as required by law. You may request deletion of your data at any time by contacting us.
9. International Transfers
Data may be processed or stored in the United States and the European Union. Where data is transferred outside the EEA, we ensure appropriate safeguards are in place consistent with GDPR requirements.
10. Contact
For data-related requests, questions, or concerns, contact: nessykalvo@gmail.com