Privacy Notice
Last updated:We respect your privacy. This notice explains how we collect, use, and protect information submitted through our website forms.
- We collect only what you submit through our forms (e.g., name, email, message) plus anti-spam signals.
- We use it to respond to you, deliver services you request, and protect the site from abuse.
- We do not sell or rent personal information and we do not run behavioral advertising.
Who we are (data controller)
Xcelerate Innovation is the controller for personal information processed through this website.
- Address: 94 Hundred Corporate Center, 9375 E. Shea Blvd., Suite 100, Scottsdale, Arizona 85260 USA
What we collect
- Contact details you provide (name, email, message)
- Request metadata you include (e.g., request type, page URL)
- Anti-spam signals (honeypot field and CAPTCHA token; may include risk signals returned by providers)
How we use it
- To respond to your inquiry and provide requested services
- To administer, secure, and improve the website (e.g., prevent spam and abuse)
- To meet legal, accounting, or compliance obligations (when applicable)
Legal bases (where applicable)
- Consent (e.g., when you submit a form and request a response)
- Contract / pre-contract (e.g., to communicate about services you request)
- Legitimate interests (e.g., site security, fraud/spam prevention)
- Legal obligation (where required)
We do not sell or share personal information for advertising
Xcelerate Innovation does not monetize personal information. We do not sell or rent your data to third parties, and we do not engage in behavioral advertising, data brokering, or profiling for marketing purposes. Your information is used solely to respond to you and deliver or improve services consistent with this notice.
Cookies & similar technologies
This site is designed to operate without marketing trackers. Some third-party services we use for security may set or read cookies or collect device/browser signals to detect abuse.
Example: Google reCAPTCHA helps protect forms from spam and may analyze traffic characteristics. See Google’s Privacy Policy and Terms linked below.
How we store it
- Submissions are processed by our form provider and routed to us for response.
- We retain communications only as long as needed for the purpose collected, then delete or anonymize when feasible.
Where we process data
Our internal business systems are primarily operated from Switzerland. However, website and form processing may involve service providers that process data in the United States and other jurisdictions. Where cross-border transfers apply, we use appropriate contractual and security safeguards with vendors where available.
Service providers
The providers below support website operations, form delivery, security, and business administration. Some may process personal information submitted through forms.
| Category | Provider | Purpose | Location / Notes |
|---|---|---|---|
| Form Handling | Formspree | Receive and route website form submissions securely | United States (see provider terms/DPA) |
| Fraud / Abuse Prevention | Google reCAPTCHA v3 | Detect spam and abuse on forms | Global (Google infrastructure) |
| Hosting | Hostinger | Website hosting and SSL termination | United States & Global infrastructure |
| File Storage | Proton Drive | Secure document and backup storage | Switzerland — DPA |
| Proton Mail | Encrypted business communications | Switzerland — DPA | |
| Payment Processing | Stripe | Subscription billing and payment processing | United States — DPA |
| Network Security | NextDNS | Filtered Secure DNS / Internet Firewall (business security) | United States |
| Secure Communications | Proton VPN | Secure VPN tunnels for business communications (business security) | Switzerland — DPA |
Your choices & rights
You may request access, correction, deletion, or other actions regarding your personal information using the secure form below.
EEA/UK/CH (GDPR-style rights)
- Access, correction, deletion, restriction, objection, and portability (where applicable)
- Response timeframe: typically within one month, with extensions where permitted
California (CCPA/CPRA)
- Right to know/access, delete, correct, and opt out of sale/sharing (where applicable)
- We do not sell or share personal information for cross-context behavioral advertising
- Response timeframe: generally within 45 days, with extensions where permitted
- Non-discrimination: we will not discriminate for exercising privacy rights
Security
We use reasonable technical and organizational measures to protect personal information. No method of transmission or storage is 100% secure; please do not submit sensitive information via website forms.