Legal

Privacy Policy

Last updated: March 2026

Valideaaa is an indie project built by one developer to help founders validate their ideas. This Privacy Policy explains what data is collected, why, and how it's handled. The short version: only the minimum data needed to make the product work.

1. Who collects your data

Valideaaa is operated by Nasrulloh Fath, an independent developer based in Indonesia. You can learn more at nasrullohfath.com.

2. What data is collected

•Account information (name, email address) — provided via Clerk authentication (Google / email sign-in).
•Idea inputs you enter in the validation form — problem statement, market, solution, business model.
•Generated validation reports — stored so you can access your history from the dashboard.
•Credit balance and usage — tracked to enforce the 5 credits/month limit.
•Basic usage metadata — request timestamps, session info for debugging.

3. How data is used

•To generate your validation reports using an AI language model (OpenAI API).
•To store and display your past reports on your dashboard.
•To enforce monthly credit limits.
•To authenticate you securely via Clerk.
•Your idea inputs are sent to OpenAI's API to generate the report. OpenAI may retain request data per their own privacy policy.

4. Data sharing

Your data is never sold, rented, or shared with third parties for marketing purposes. The following third-party services process data as part of delivering the product:

→Clerk (authentication) — manages sign-in and user identity.
→OpenAI (AI model) — receives your idea inputs to generate reports.
→Supabase / PostgreSQL (database) — stores your reports, projects, and account data.
→Vercel (hosting) — serves the application.

5. Data retention

Your account data and reports are stored for as long as your account is active. If you want your data deleted, contact me directly at the email below and it will be removed within 7 days.

6. Cookies

Valideaaa uses only the cookies required by Clerk for authentication (session tokens). No advertising cookies, no tracking pixels, no analytics trackers are used.

7. AI-generated content disclaimer

All reports are generated by an AI model and are for informational and exploratory purposes only. They do not constitute professional business, legal, financial, or investment advice. Always validate with real users and domain experts before making significant decisions.

8. Your rights

You have the right to access, correct, or delete your personal data at any time. To exercise these rights, contact me directly. If you are in the EU/EEA, you have additional rights under GDPR.

9. Contact

Questions about this policy? Reach out via nasrullohfath.com.

This privacy policy applies to the Valideaaa platform only. Third-party services listed above have their own privacy policies.

Priority Attention Required

Verified Strengths

[01] High Urgency Problem

[02] Clear Target Audience

[03] Willingness to Pay

Risk Assessment Log

[01] Fierce Competition

[02] Execution Difficulty

[03] Workflow Friction

Target Entity Profile

Velocity Vance (Lead Frontend Engineer)

Red Ocean

Model: Usage-Based API / Seat-Based SaaS

Assumption Risk Index (ARI)

Defensibility Audit Matrix

Go-To-Market Friction Log

Distribution Difficulty

90-Day Execution Schedule

Phase 01: Validation

Phase 02: Mitigation

Phase 03: Acquisition

Build Registry [Allow-List]

Scope Lockdown [Deny-List]

Acquisition Vectors (Initial Cohort)

Investor Lens

Reality Check

Top Priority Actions