Privacy Policy

Last updated: 1 May 2026

1. Who we are

FolioVal (“we”, “us”, “our”) operates the peer-validated portfolio platform at folioval.com. We are committed to protecting your personal data and complying with the EU General Data Protection Regulation (GDPR), the UK GDPR, and all other applicable privacy laws.

For privacy-related enquiries, contact us at: privacy@folioval.com

2. Data we collect

We collect and process the following categories of personal data:

  • Account data: email address, full name, username, profile photo, bio, and professional field(s).
  • Portfolio data: work samples, case studies, links, and files you upload to your profile.
  • Validation data: written validations you give or receive, relationship type, and metric ratings.
  • Usage data: pages visited, features used, and interaction timestamps — collected via server logs and first-party analytics.
  • Device data: browser type, operating system, and IP address for security and abuse prevention.

3. Legal basis for processing

We process your data under the following legal bases:

  • Contract performance: to provide you with the FolioVal service once you create an account.
  • Legitimate interests: to operate and improve the platform, detect abuse, and ensure security.
  • Consent: for optional marketing communications. You may withdraw consent at any time.
  • Legal obligation: where required to comply with applicable law.

4. How we use your data

  • To create and maintain your account and public profile.
  • To display your portfolio and Trust Score to visitors.
  • To enable peer validations between users.
  • To calculate your Trust Score based on validation signals.
  • To send transactional emails (e.g. new validation received, account notices).
  • To detect and prevent fraud, spam, and abuse.
  • To comply with legal obligations and respond to lawful requests.

5. Data sharing

We do not sell your personal data. We share data only with trusted service providers who process it on our behalf under data processing agreements (e.g. cloud hosting, email delivery, analytics). We may also disclose data where required by law or to protect the rights and safety of users.

Public profile information — including your name, username, portfolio items, validations, and Trust Score — is visible to anyone who visits your profile URL.

6. Data retention

We retain your personal data for as long as your account is active. If you delete your account, we will delete or anonymise your personal data within 30 days, except where retention is required by law or for legitimate interest (e.g. fraud prevention records for up to 6 years).

Validations you have given to others are anonymised (not deleted) upon account deletion, as they form part of another user’s verifiable record.

7. Your rights

Under GDPR and UK GDPR, you have the following rights:

  • Access: request a copy of the personal data we hold about you.
  • Rectification: request correction of inaccurate data.
  • Erasure: request deletion of your personal data (“right to be forgotten”).
  • Restriction: request that we restrict processing of your data.
  • Portability: receive your data in a structured, machine-readable format.
  • Objection: object to processing based on legitimate interests.
  • Withdraw consent: at any time where processing is based on consent.

To exercise any of these rights, email privacy@folioval.com. We will respond within 30 days. You also have the right to lodge a complaint with your national data protection authority.

8. Cookies

FolioVal uses strictly necessary cookies to maintain your session after login. We do not use third-party tracking cookies or advertising cookies. You can control cookies through your browser settings; disabling session cookies will prevent you from logging in.

9. Security

We implement industry-standard technical and organisational security measures including encryption in transit (TLS), encrypted passwords, and access controls. No system is completely secure; we encourage you to use a strong, unique password and to keep your login credentials private.

10. International transfers

Your data may be processed in countries outside the European Economic Area. Where this occurs, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

11. Children

FolioVal is not directed at or intended for use by individuals under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

12. Changes to this policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or via a notice on the platform before the changes take effect. Continued use of FolioVal after the effective date constitutes acceptance of the updated policy.