ValidateDispatch

Privacy Policy

Effective date: May 14, 2026

1. Who we are

ValidateDispatch is operated by DCP3 Enterprises (“we,” “us,” or “our”). We provide an AI-powered platform for answering security questionnaires and RFPs. If you have questions about this policy, contact us at dcp3enterprises@gmail.com.

2. Information we collect

We collect information you provide directly and information generated through your use of the service:

  • Account information: name, email address, and organisation details provided at sign-up (managed via Clerk).
  • Content you upload: documents, questionnaires, and other files you add to your Knowledge Base.
  • Usage data: pages visited, features used, and actions taken within the platform.
  • Communications: messages you send us via email or contact forms.
  • Payment information: billing details processed by Stripe — we never store raw card numbers.

3. How we use your information

  • To provide, operate, and improve the ValidateDispatch service.
  • To generate AI-drafted answers from your Knowledge Base documents.
  • To send transactional emails (account setup, run completion, submission notifications).
  • To process payments and manage your subscription.
  • To respond to support requests and inquiries.
  • To comply with legal obligations and enforce our Terms of Service.

4. How we share your information

We do not sell your personal data. We share information only in the following circumstances:

  • Service providers: Vercel (hosting), Neon (database), Clerk (authentication), Resend (email), Stripe (payments), and Anthropic / OpenAI (AI processing). Each is bound by data processing agreements.
  • Legal requirements: when required by law, court order, or to protect the rights and safety of our users.
  • Business transfers: in connection with a merger, acquisition, or sale of assets, with advance notice.

5. Data retention

We retain your data for as long as your account is active or as needed to provide the service. You may request deletion of your organisation’s data at any time through Settings → Data & Privacy, or by emailing dcp3enterprises@gmail.com. We will process deletion requests within 30 days.

6. Security

We use industry-standard security measures including encryption in transit (TLS), encryption at rest, strict tenant data isolation, and role-based access controls. API keys are stored as SHA-256 hashes — we never store the raw key. We are pursuing SOC 2 Type II certification.

7. Your rights

Depending on your location, you may have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate data.
  • Request deletion of your data (right to erasure).
  • Object to or restrict certain processing.
  • Data portability — export your data in JSON format via Settings.

To exercise these rights, email us at dcp3enterprises@gmail.com.

8. Cookies

We use essential cookies for authentication and session management (via Clerk). We do not use third-party advertising or tracking cookies.

9. Children

ValidateDispatch is not directed at children under 16. We do not knowingly collect personal data from anyone under 16. If you believe we have collected such data, contact us immediately.

10. Changes to this policy

We may update this policy from time to time. We will notify you of material changes by email or by posting a notice in the application. Your continued use of the service after changes take effect constitutes acceptance of the updated policy.

11. Contact

For privacy-related questions or requests, contact us at dcp3enterprises@gmail.com.