Privacy Policy
YOUR PRIVACY MATTERS
We believe in radical transparency. This policy explains exactly how we collect, use, and protect your data.
Last Updated: January 1, 2026
1. Information We Collect
We collect information to provide, improve, and protect our services. Here's what we gather:
Account Information
• Name, email address, and password when you create an account
• Institutional affiliation (college/university) for verification
• Profile information you choose to share (bio, skills, experience) Verification Data
• Institutional email addresses for domain verification
• Academic credentials (degree, graduation year, field of study)
• We do NOT store copies of ID documents after verification Usage Information
• How you interact with our platform (pages visited, features used)
• Device information (browser type, operating system, IP address)
• Cookies and similar technologies for session management Communication Data
• Messages you send to other members
• Feedback and support requests
• Survey responses (when you choose to participate) Trust & Reputation Data
• Vouches given and received
• Trust Score calculations
• Activity within War Rooms and community spaces
• Name, email address, and password when you create an account
• Institutional affiliation (college/university) for verification
• Profile information you choose to share (bio, skills, experience) Verification Data
• Institutional email addresses for domain verification
• Academic credentials (degree, graduation year, field of study)
• We do NOT store copies of ID documents after verification Usage Information
• How you interact with our platform (pages visited, features used)
• Device information (browser type, operating system, IP address)
• Cookies and similar technologies for session management Communication Data
• Messages you send to other members
• Feedback and support requests
• Survey responses (when you choose to participate) Trust & Reputation Data
• Vouches given and received
• Trust Score calculations
• Activity within War Rooms and community spaces
2. How We Use Your Information
We use your information for the following purposes:
Core Service Delivery
• Verify your institutional affiliation
• Calculate and display your Trust Score
• Connect you with other verified members
• Facilitate professional networking and mentorship Platform Improvement
• Analyze usage patterns to improve features
• Debug technical issues
• Develop new products and services Safety & Security
• Detect and prevent fraud, abuse, and policy violations
• Protect members from harassment and spam
• Enforce our Terms of Service and Community Guidelines Communication
• Send service-related notifications
• Respond to your support requests
• Share platform updates (with your consent)
• Notify you about relevant opportunities (with your consent) We do NOT:
• Sell your personal information to third parties
• Use your data for advertising purposes
• Share your private messages without consent
• Make automated decisions that significantly affect you without human oversight
• Verify your institutional affiliation
• Calculate and display your Trust Score
• Connect you with other verified members
• Facilitate professional networking and mentorship Platform Improvement
• Analyze usage patterns to improve features
• Debug technical issues
• Develop new products and services Safety & Security
• Detect and prevent fraud, abuse, and policy violations
• Protect members from harassment and spam
• Enforce our Terms of Service and Community Guidelines Communication
• Send service-related notifications
• Respond to your support requests
• Share platform updates (with your consent)
• Notify you about relevant opportunities (with your consent) We do NOT:
• Sell your personal information to third parties
• Use your data for advertising purposes
• Share your private messages without consent
• Make automated decisions that significantly affect you without human oversight
3. Information Sharing
We share your information only in specific circumstances:
With Your Consent
• When you explicitly agree to share information
• When you make your profile visible to other members
• When you participate in public War Rooms or forums With Other Members
• Profile information you mark as visible
• Trust Score and badge information
• Public posts and contributions With Service Providers
• Cloud hosting providers (data storage)
• Email service providers (transactional emails)
• Analytics providers (aggregated usage data only) All service providers are bound by contractual obligations to protect your data. For Legal Reasons
• When required by law or court order
• To protect rights, safety, or property
• To prevent fraud or security threats In Business Transfers
• If Guildom is acquired or merged with another company
• You will be notified before your information is transferred
• When you explicitly agree to share information
• When you make your profile visible to other members
• When you participate in public War Rooms or forums With Other Members
• Profile information you mark as visible
• Trust Score and badge information
• Public posts and contributions With Service Providers
• Cloud hosting providers (data storage)
• Email service providers (transactional emails)
• Analytics providers (aggregated usage data only) All service providers are bound by contractual obligations to protect your data. For Legal Reasons
• When required by law or court order
• To protect rights, safety, or property
• To prevent fraud or security threats In Business Transfers
• If Guildom is acquired or merged with another company
• You will be notified before your information is transferred
4. Data Security
We implement industry-standard security measures:
Technical Safeguards
• Encryption in transit (TLS 1.3) and at rest (AES-256)
• Secure password hashing (bcrypt with salting)
• Regular security audits and penetration testing
• Infrastructure hosted on SOC 2 compliant providers Access Controls
• Role-based access for employees
• Multi-factor authentication for admin access
• Audit logs for all data access Incident Response
• 24/7 monitoring for security anomalies
• Incident response plan for data breaches
• Commitment to notify affected users within 72 hours No system is 100% secure. We encourage you to:
• Use a strong, unique password
• Enable two-factor authentication
• Report suspicious activity immediately
• Encryption in transit (TLS 1.3) and at rest (AES-256)
• Secure password hashing (bcrypt with salting)
• Regular security audits and penetration testing
• Infrastructure hosted on SOC 2 compliant providers Access Controls
• Role-based access for employees
• Multi-factor authentication for admin access
• Audit logs for all data access Incident Response
• 24/7 monitoring for security anomalies
• Incident response plan for data breaches
• Commitment to notify affected users within 72 hours No system is 100% secure. We encourage you to:
• Use a strong, unique password
• Enable two-factor authentication
• Report suspicious activity immediately
5. Your Rights
You have the following rights regarding your data:
Access & Portability
• Request a copy of your personal data
• Export your data in a machine-readable format Correction
• Update inaccurate or incomplete information
• Correct your profile at any time Deletion
• Request deletion of your account and data
• We will delete your data within 30 days
• Some data may be retained for legal compliance Restriction
• Limit how we process your data
• Opt out of non-essential communications Objection
• Object to processing based on legitimate interests
• Withdraw consent for optional data uses To exercise any of these rights, email privacy@guildom.com with your request. We will respond within 30 days.
• Request a copy of your personal data
• Export your data in a machine-readable format Correction
• Update inaccurate or incomplete information
• Correct your profile at any time Deletion
• Request deletion of your account and data
• We will delete your data within 30 days
• Some data may be retained for legal compliance Restriction
• Limit how we process your data
• Opt out of non-essential communications Objection
• Object to processing based on legitimate interests
• Withdraw consent for optional data uses To exercise any of these rights, email privacy@guildom.com with your request. We will respond within 30 days.
6. Data Retention
We retain your data as follows:
Active Accounts
• Profile data: Retained while account is active
• Messages: Retained until you or recipient deletes them
• Activity logs: Retained for 2 years, then anonymized Deleted Accounts
• Account deletion requests processed within 30 days
• Backup data purged within 90 days
• Some data retained for legal compliance (up to 7 years) Anonymized Data
• Aggregated, non-identifiable data may be retained indefinitely
• Used for platform improvement and research Trust Score History
• Historical Trust Score data retained for platform integrity
• Anonymized after account deletion
• Profile data: Retained while account is active
• Messages: Retained until you or recipient deletes them
• Activity logs: Retained for 2 years, then anonymized Deleted Accounts
• Account deletion requests processed within 30 days
• Backup data purged within 90 days
• Some data retained for legal compliance (up to 7 years) Anonymized Data
• Aggregated, non-identifiable data may be retained indefinitely
• Used for platform improvement and research Trust Score History
• Historical Trust Score data retained for platform integrity
• Anonymized after account deletion
8. International Data Transfers
Your data may be processed outside your country:
Where We Process Data
• Primary servers located in India
• Backup and CDN servers may be in other countries
• Service providers may process data globally Safeguards
• Standard Contractual Clauses with international providers
• Encryption for all international transfers
• Compliance with applicable data protection laws For EU/UK Users
• We comply with GDPR requirements
• Legal basis for processing: Consent and Legitimate Interests
• Data Protection Officer: dpo@guildom.com
• Primary servers located in India
• Backup and CDN servers may be in other countries
• Service providers may process data globally Safeguards
• Standard Contractual Clauses with international providers
• Encryption for all international transfers
• Compliance with applicable data protection laws For EU/UK Users
• We comply with GDPR requirements
• Legal basis for processing: Consent and Legitimate Interests
• Data Protection Officer: dpo@guildom.com
9. Changes to This Policy
We may update this Privacy Policy from time to time:
Notification
• Material changes will be communicated via email
• Minor changes will be posted on this page
• Last updated date will be revised Review
• We encourage you to review this policy periodically
• Continued use after changes constitutes acceptance Questions If you have questions about changes, contact privacy@guildom.com
• Material changes will be communicated via email
• Minor changes will be posted on this page
• Last updated date will be revised Review
• We encourage you to review this policy periodically
• Continued use after changes constitutes acceptance Questions If you have questions about changes, contact privacy@guildom.com
10. Contact Us
For privacy-related inquiries:
Email: privacy@guildom.com
Data Protection Officer: dpo@guildom.com
Response Time: We aim to respond within 30 days
Regulatory Complaints
If you're unsatisfied with our response, you have the right to lodge a complaint with your local data protection authority.
TL;DR Summary
- • We collect only what's necessary to run Guildom
- • We never sell your data to advertisers
- • Your messages are private unless you share them
- • You can delete your account and data anytime
- • We use industry-standard security measures
- • Questions? Email privacy@guildom.com