Skip to content
FundUnlocked

Legal · FundUnlocked

Privacy Policy

How FundUnlocked collects, uses, protects, and shares your information when you use our site and services.

Last updated

This Privacy Policy explains how FundUnlocked ("FundUnlocked", "we", "us") collects, uses, and safeguards information when you visit fundunlocked.com, read our content, or purchase any of our done-for-you funding submission services (starting with the NSF SBIR Project Pitch). We wrote this in plain English on purpose.

Who we are

FundUnlocked is a United States-based service that helps businesses, startups, and organizations turn their raw materials into submission-ready funding applications, grant submissions, and high-stakes proposals. If you have any privacy question, email contact@fundunlocked.com and we'll respond.

What we collect

1. Information you give us directly

  • Order information (via our payment processor, Stripe): your name, email address, phone number if provided, and billing address, so we can fulfill and support your order.
  • Intake information (via our intake form after checkout): company name, website, a paragraph describing your technology, optional industry, optional materials you paste in, and optional context. This is the raw material our writers use to draft your Project Pitch.
  • Communications: anything you email us at contact@fundunlocked.com, reply to our emails, or share during the revision process.

2. Information collected automatically

  • Referral & attribution IDs: click identifiers (gclid, gbraid, wbraid, msclkid, fbclid) and UTM parameters from URLs you arrive on, stored in first-party cookies for up to 90 days. We use these to measure advertising effectiveness.
  • Basic technical data: IP address, user-agent, pages viewed, referrer, timestamps. Cloudflare processes this data as part of delivering the site and protecting it from abuse.
  • Conversion signals: when you complete a purchase, we send a conversion event to Google Ads via Cloudflare Zaraz. For Google Ads Enhanced Conversions we send hashed versions of your email, phone, name, and address (SHA-256, one-way) so Google can match conversions without us exposing your raw information. Raw identifiers never leave your browser in cleartext.

How we use it

  • Deliver the service you paid for: drafting, reviewing, and delivering your NSF Project Pitch, and communicating with you about it.
  • Operate the site: fraud detection, performance monitoring, security, and customer support.
  • Measure advertising: so we know which ads actually bring customers, and stop paying for ones that don't.
  • Meet legal obligations: tax, accounting, responding to lawful requests.

We do not sell your personal information. We do not share it with third parties for their own marketing. We do not send you promotional email after your order unless you explicitly opt in.

Who processes your data on our behalf

We use a small number of trusted vendors, each with their own privacy commitments:

  • Stripe (payments): handles your card details and billing info. We never see your card number.
  • Resend (email delivery): sends your order confirmation and intake-follow-up emails.
  • Cloudflare (hosting, CDN, analytics, Zaraz tag manager): serves our site and runs the server-side logic.
  • Google Ads (conversion measurement): receives hashed conversion signals so we can measure ads.

How long we keep it

  • Order records: as long as required by tax and accounting law (typically 7 years in the US).
  • Intake content & email threads: retained as part of your order file for up to 3 years so we can support re-engagement, refund questions, or follow-up work. You can request deletion earlier (see below).
  • Attribution cookies: up to 90 days.

Your rights

Regardless of where you live, you can ask us to:

  • Tell you what personal data we have about you.
  • Correct inaccurate data.
  • Delete your data (subject to our legal retention obligations for paid orders).
  • Stop using your data for analytics / advertising measurement.

EU/UK residents have rights under GDPR; California residents have rights under CCPA/CPRA including the right to opt out of "sale" or "sharing" (we don't do either). To exercise any right, email contact@fundunlocked.com from the account address you used with us and we'll respond within 30 days.

International transfers

We are based in the United States and our vendors are US-based (Stripe, Resend, Cloudflare, Google). If you contact us from outside the US, your information will be transferred to and processed in the US, under standard contractual protections where applicable.

Cookies

We use a small number of first-party cookies, all strictly necessary for the site to work or to measure advertising:

  • _fu_gclid, _fu_gbraid, _fu_wbraid, _fu_msclkid, _fu_fbclid — ad click identifiers, 90-day expiry.
  • Cookies set by Cloudflare for site security and performance.

We do not use third-party advertising cookies. You can clear these at any time in your browser settings.

Children

FundUnlocked is a B2B service. We do not knowingly collect information from anyone under 18. If you believe a minor has submitted information to us, email contact@fundunlocked.com and we will delete it.

Security

All traffic to fundunlocked.com is served over TLS. Payment data is tokenized by Stripe and never touches our servers. Emails are sent via Resend over authenticated transport. Internal access to customer data is limited to team members actively working on your order.

Changes

If we materially change this Policy, we will update the "Last updated" date at the top and, for significant changes, notify active customers by email.

Contact

Privacy questions: contact@fundunlocked.com.

See also our Terms of Service and Refund Policy.

Questions about this document? Reach us at contact@fundunlocked.com.