Few Found markFewFound

Privacy Policy

Last updated: 7 May 2025

Few Found ("we", "us", or "our") is committed to protecting your privacy. This policy explains what data we collect, how we use it, and the rights you have over it.

1. Data We Collect

When you register or use Few Found, we may collect:

  • Account data: email address, hashed password, account role
  • Profile data: company name, website, team size, services, niche, platform, audience size, location
  • Reference data: names, designations, company names, and contact details of your references
  • Portfolio links: URLs you submit as work samples
  • Payment data: order IDs and payment status via Razorpay (we never store raw card details)
  • Usage data: pages visited, timestamps, browser type (via server logs)

2. How We Use Your Data

  • To process and review your verification application
  • To run AI-assisted pre-screening of your profile and references
  • To contact your references during the verification process
  • To send transactional emails (OTP codes, status updates)
  • To improve the platform and detect fraud

3. AI Processing

Submitted profile and reference data is processed by AI models (including Google Gemini, Anthropic Claude, and OpenAI GPT) to generate a credibility analysis. This data is used solely for verification and is not used to train third-party AI models. AI-generated decisions are always subject to human review before final approval.

4. Data Sharing

We do not sell your personal data. We may share data with:

  • Razorpay — for payment processing
  • AI providers — for verification analysis (subject to their data processing agreements)
  • Email providers — for transactional communications
  • Law enforcement — when required by applicable law

5. Verified Directory

If your application is approved, selected profile information (company/creator name, niche, platform, services, location) will appear in the public Few Found directory. You can request removal by contacting us.

6. Data Retention

We retain your account data for as long as your account is active. Rejected applications are retained for 12 months for fraud prevention purposes, then deleted. You may request deletion of your account and data at any time.

7. Security

Passwords are hashed using bcrypt (cost factor 12). Sessions are managed via signed JWT tokens stored in httpOnly cookies. We use TLS for all data in transit.

8. Your Rights

Under applicable Indian data protection law, you have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your account and associated data
  • Withdraw consent for processing where consent is the legal basis

9. Cookies

We use a single session cookie (ff_session) for authentication. No third-party tracking or advertising cookies are used.

10. Contact

For privacy-related requests or questions, contact [email protected].

© 2026 Few Found. All rights reserved.