Last Updated: February 1, 2026
1. Introduction
Source Impact, Inc. ("Source Impact," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform, website, and mobile applications (collectively, the "Services").
By using our Services, you consent to the data practices described in this policy. If you do not agree with the terms of this Privacy Policy, please do not access or use our Services.
2. Information We Collect
2.1 Information You Provide
| Category | Examples | Purpose |
|---|---|---|
| Account Information | Name, email, password, phone number | Account creation and authentication |
| Profile Information | Bio, photos, social media links, skills, categories | Creating your talent or brand profile |
| Payment Information | Bank account, payment card details (via Stripe) | Processing payments and payouts |
| Communication Data | Messages, support tickets, feedback | Facilitating deals and providing support |
| NIL Information (Athletes) | School, sport, NCAA ID, eligibility status | NIL compliance verification |
2.2 Information Collected Automatically
- Device Information: Device type, operating system, browser type, unique device identifiers
- Usage Data: Pages visited, features used, actions taken, time spent on platform
- Location Data: IP address, general geographic location (city/region level)
- Cookies and Tracking: See Section 7 for details on cookies
2.3 Information from Third Parties
- Social Media: Public profile information when you connect social accounts
- Analytics Partners: Aggregated engagement and audience data
- Payment Processors: Transaction verification and fraud prevention data
- Identity Verification: Background check results (with your consent)
3. How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve our Services
- Create and manage your account
- Facilitate connections between talent and brands
- Process transactions and send related information
- Send notifications about deals, opportunities, and platform updates
- Provide AI-powered matching and recommendations
- Verify NIL compliance for athletes
- Detect, prevent, and address fraud, abuse, and security issues
- Respond to your comments, questions, and support requests
- Analyze usage patterns to improve user experience
- Comply with legal obligations
4. How We Share Your Information
4.1 With Your Consent
We share your profile information with other users as part of the platform's core functionality. When you apply for opportunities or message other users, relevant information is shared to facilitate those connections.
4.2 Service Providers
We share information with third-party vendors who provide services on our behalf:
- Stripe: Payment processing
- SendGrid: Email delivery
- Twilio: SMS notifications
- Firebase: Push notifications and analytics
- Google (Gemini AI): AI-powered features
- Cloud hosting providers: Data storage and computing
4.3 Legal Requirements
We may disclose information when required by law, court order, or governmental regulation, or when we believe disclosure is necessary to protect our rights, users' safety, or investigate fraud.
4.4 Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction.
We Never Sell Your Personal Data
Source Impact does not sell, rent, or trade your personal information to third parties for their marketing purposes.
5. Data Retention
We retain your personal information for as long as necessary to:
- Provide our Services and fulfill the purposes described in this policy
- Comply with legal obligations (tax, accounting, regulatory requirements)
- Resolve disputes and enforce our agreements
When you delete your account, we will delete or anonymize your personal information within 90 days, except for data we are required to retain by law.
6. Data Security
We implement industry-standard security measures to protect your information:
- Encryption of data in transit (TLS/SSL) and at rest
- Secure password hashing (bcrypt)
- Rate limiting and DDoS protection
- Regular security audits and vulnerability assessments
- Access controls and employee training
- Secure payment processing via PCI-DSS compliant providers
While we strive to protect your data, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.
7. Cookies and Tracking Technologies
7.1 Types of Cookies We Use
| Type | Purpose | Duration |
|---|---|---|
| Essential | Required for basic platform functionality, authentication | Session |
| Functional | Remember your preferences and settings | 1 year |
| Analytics | Understand how users interact with our platform | 2 years |
| Marketing | Deliver relevant advertisements (with consent) | 90 days |
7.2 Managing Cookies
You can control cookies through your browser settings. Note that disabling certain cookies may limit your ability to use some features of our platform.
8. Your Rights and Choices
8.1 Access and Portability
You can request a copy of your personal data in a portable format.
8.2 Correction
You can update your account information at any time through your profile settings.
8.3 Deletion
You can request deletion of your account and personal data. Some information may be retained for legal compliance.
8.4 Opt-Out
You can opt out of:
- Marketing emails (unsubscribe link in emails)
- Push notifications (device settings)
- SMS notifications (reply STOP)
- Personalized advertising (cookie settings)
8.5 Do Not Track
Our platform does not currently respond to "Do Not Track" browser signals.
9. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place, including standard contractual clauses approved by relevant authorities.
10. California Privacy Rights (CCPA)
California residents have additional rights under the California Consumer Privacy Act:
- Right to know what personal information we collect
- Right to request deletion of personal information
- Right to opt-out of the sale of personal information (we do not sell data)
- Right to non-discrimination for exercising privacy rights
To exercise these rights, contact us at privacy@sourceimpact.io.
11. European Privacy Rights (GDPR)
If you are located in the European Economic Area (EEA), UK, or Switzerland, you have additional rights under GDPR:
- Right of access to your personal data
- Right to rectification of inaccurate data
- Right to erasure ("right to be forgotten")
- Right to restrict processing
- Right to data portability
- Right to object to processing
- Right to withdraw consent
- Right to lodge a complaint with a supervisory authority
Our legal bases for processing include: consent, contractual necessity, legitimate interests, and legal obligations.
12. Children's Privacy
Our Services are not intended for children under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.
13. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the platform. Your continued use of the Services after changes become effective constitutes acceptance of the revised policy.
14. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Source Impact, Inc.
Email: privacy@sourceimpact.io
Data Protection Inquiries: dpo@sourceimpact.io
General Support: support@sourceimpact.io