ValmockValmock

Privacy Policy

Last Updated: January 2026

We respect your privacy. This policy explains what data we collect, how we use it, and your rights.

TL;DR: We don't sell your data, ever.

1. What Data We Collect

Account information:

  • Email address (required)
  • Username (optional)
  • Password (encrypted, we can't see it)
  • Payment details (stored by Stripe, not us)

Usage data:

  • Projects you create
  • Credits used
  • Pages visited
  • Login times
  • Device/browser info (anonymous)

Generated content:

  • Your project descriptions
  • Generated mockups, videos, landing pages
  • Waitlist emails (if people sign up)

Analytics:

  • Page views on your validation pages
  • Signup conversion rates
  • (We don't track individual visitors)

2. How We Use Your Data

To provide the service:

  • Generate your mockups and videos
  • Host your landing pages
  • Process payments
  • Send transactional emails (confirmations, receipts)

To improve Valmock:

  • Understand which features are used
  • Fix bugs and errors
  • Optimize generation quality

To communicate with you:

  • Product updates (you can opt out)
  • Security alerts (you can't opt out)
  • Support responses

3. What We Don't Do

We NEVER:

  • Sell your data to third parties
  • Use your projects to train AI models (your ideas stay yours)
  • Share your email with marketers
  • Track you across other websites
  • Show you targeted ads

4. Cookies & Tracking

We use minimal cookies:

  • Authentication — keep you logged in
  • Analytics — Plausible, privacy-friendly, no personal data
  • Preferences — remember your settings

We don't use:

  • Facebook Pixel
  • Google Analytics (we use privacy-focused Plausible)
  • Third-party ad trackers

5. Third-Party Services

We share data with:

Stripe (payments)

Card details, billing address. They're PCI-DSS compliant, we never see your card.

OpenAI (image generation)

Your product descriptions (to generate mockups). They don't use your data for training (per our enterprise agreement).

Runway (video generation)

Your product descriptions. Same privacy protections as OpenAI.

Supabase (data storage)

All your project data. Encrypted at rest, SOC 2 compliant.

Vercel (hosting)

Your landing pages. GDPR compliant.

6. Data Storage & Security

Where your data is stored:

  • US and EU servers (Supabase, Vercel)
  • Encrypted in transit (HTTPS) and at rest (AES-256)

Security measures:

  • Passwords hashed with bcrypt
  • Regular security audits
  • Automatic backups
  • SOC 2 Type II compliance (target: Q3 2026)

Breach notification:

  • If there's a breach, we'll email you within 72 hours
  • We'll notify authorities as required by law

7. Your Rights (GDPR/CCPA)

You have the right to:

Access your data

Download all your projects (Settings → Export Data)

Delete your data

Delete account (Settings → Delete Account). All data purged within 30 days.

Correct your data

Update email, display name anytime

Object to processing

Opt out of marketing emails (unsubscribe link)

Data portability

Export as JSON (machine-readable)

For EU residents:

For California residents (CCPA):

8. Children's Privacy

We don't knowingly collect data from users under 18.

If you're under 18:

If we learn a user is under 13, we'll delete their account immediately (COPPA compliance).

9. Changes to Policy

We may update this policy:

  • Changes posted 30 days before taking effect
  • Material changes: We'll email you
  • Continued use = acceptance

Version history:

  • v1.0: January 2026 (launch)

10. Contact

Privacy questions:

Email: support@valmock.com

Response time: 7 business days

Data protection officer (DPO):

Email: support@valmock.com

⚖️These terms were last reviewed on January 2026. We recommend consulting your own lawyer for your specific situation. For questions, email support@valmock.com