GovAxis ("we," "us," or "our") is committed to protecting the personal information of our customers and website visitors. This Privacy Policy explains what information we collect, why we collect it, how we store and protect it, who we share it with, and your rights with respect to it.
By using the GovAxis platform or website, you agree to the practices described in this Privacy Policy.
We collect the following categories of personal information:
We use the information we collect to:
We do not sell your personal information to third parties. We do not use your data for behavioral advertising.
Your data is stored on servers provided by Supabase, our database and storage provider. Supabase operates on Amazon Web Services (AWS) infrastructure in the us-east-1 (N. Virginia) region. Data is encrypted at rest using AES-256 encryption and in transit using TLS 1.2 or higher.
Identity documents (passports, selfies, proof of address) are stored in an isolated, access-controlled document vault with role-based access restrictions. Only authorized GovAxis personnel with a legitimate operational need may access your identity documents.
We share data with the following third-party services as necessary to provide our Services:
| Service | Purpose | Data Shared |
|---|---|---|
| Supabase | Database, file storage, authentication | All user and business data |
| Stripe | Payment processing | Name, email, payment method |
| Resend | Transactional email | Name, email, order details |
| Mercury / Relay / Wise | Banking partner introductions | Formation documents, EIN, identity info required by the bank |
| State agencies (DE, WY, etc.) | Entity formation filing | Formation documents, registered agent, member information |
| IRS | EIN and tax form submission | Business name, structure, beneficial owner information |
| FinCEN | BOI report filing | Beneficial ownership information required by the Corporate Transparency Act |
We do not share your information with any other third parties except as required by law, in response to a valid legal process (subpoena, court order, or equivalent), or to protect the rights, property, or safety of GovAxis, our users, or the public.
Depending on your country or state of residence, you may have the following rights with respect to your personal data:
To exercise any of these rights, email legal@govaxis.org with your request. We will respond within 30 days. In some cases, we may need to verify your identity before fulfilling your request. Note that certain data may be retained regardless of deletion requests due to legal obligations (see Section 6).
We retain your personal data for as long as necessary to provide our Services and comply with applicable law:
GovAxis uses a small number of cookies and similar technologies to operate the platform:
We do not currently use advertising cookies, cross-site tracking pixels, or third-party analytics services that track you across the internet. If we add analytics in the future, we will update this policy and provide opt-out options.
The Services are intended for individuals who are at least 18 years of age. We do not knowingly collect personal information from children under 18. If we learn that we have collected personal information from a child under 18, we will delete it promptly.
GovAxis is operated from the United States. If you are located outside the United States, your data will be transferred to, stored, and processed in the United States. By using our Services, you acknowledge and consent to this transfer.
For users in the European Economic Area (EEA) or United Kingdom: We process your data on the basis of contractual necessity (to perform the formation services you have requested) and legal obligation (KYC/AML compliance). We implement appropriate safeguards for cross-border data transfers consistent with applicable data protection law.
We may update this Privacy Policy from time to time. Material changes will be communicated by email or in-app notification at least 30 days before taking effect. The "Last Updated" date at the top of this page always reflects when the most recent revision was made.
For privacy-related questions or to exercise your rights, contact us at legal@govaxis.org.
While GovAxis implements commercially reasonable administrative, technical, and organizational safeguards to protect personal information, no internet transmission, cloud platform, software application, database, storage system, email system, or electronic communication method can be guaranteed to be completely secure.
GovAxis does not warrant or guarantee absolute security of any information transmitted, stored, processed, or maintained through its systems or third-party providers. Client acknowledges and accepts the inherent security risks associated with internet-based services.
In the event GovAxis becomes aware of a confirmed data breach affecting personal information, GovAxis will take commercially reasonable steps to investigate, mitigate, and provide notice where required by applicable law.
GovAxis is not responsible for security incidents caused by:
GovAxis may use collected information to:
GovAxis may retain verification records, investigation records, risk assessments, and compliance documentation for legal and regulatory purposes.
GovAxis may utilize artificial intelligence systems, automated workflows, automated document processing, eligibility tools, fraud-detection systems, risk-assessment tools, chat assistants, and workflow automation technologies.
Such systems may process information submitted by users for operational purposes. Automated systems do not replace professional legal, tax, financial, accounting, banking, or regulatory advice.
GovAxis may record, store, monitor, review, and retain customer support communications, onboarding calls, video meetings, emails, chat messages, SMS communications, portal messages, and other business communications where permitted by law.
Such records may be used for:
If GovAxis undergoes a merger, acquisition, restructuring, asset sale, financing transaction, investment transaction, bankruptcy proceeding, or other business transfer, personal information may be transferred as part of the transaction, subject to applicable law.
GovAxis may engage contractors, vendors, consultants, software providers, cloud providers, communication providers, compliance providers, payment processors, and service partners to assist in delivering services.
Such providers may process personal information solely for authorized business purposes and under contractual obligations designed to protect the information. GovAxis may change service providers from time to time without prior notice.
Users are responsible for:
GovAxis is not responsible for losses resulting from compromised user credentials.
GovAxis may disclose personal information when required by:
GovAxis may disclose information without prior notice where permitted or required by law.
GovAxis does not guarantee uninterrupted access to stored documents, uploaded files, customer records, portal information, or historical account data.
Users are responsible for maintaining independent copies of important records and documents.
GovAxis reserves the right to restrict, refuse, suspend, or terminate services for individuals, entities, beneficial owners, or transactions that may involve sanctioned jurisdictions, embargoed regions, restricted parties, watchlists, or elevated compliance risks.
To the maximum extent permitted by law, GovAxis shall not be liable for indirect, incidental, consequential, punitive, special, reputational, regulatory, banking, tax, business, or economic damages arising from privacy incidents, security events, third-party provider failures, cyberattacks, unauthorized access, service interruptions, or data processing activities.
GovAxis's maximum aggregate liability arising from privacy-related claims shall not exceed the total amount paid by the user to GovAxis during the twelve months preceding the event giving rise to the claim.
By using GovAxis services, users expressly consent to the transfer, storage, processing, review, verification, and management of their information in the United States and in other jurisdictions where GovAxis service providers operate.
Data protection laws in such jurisdictions may differ from those in the user's home country.
Data retention, compliance, fraud prevention, liability limitations, dispute resolution, legal compliance, and recordkeeping obligations shall survive account closure, termination, cancellation, or discontinuation of service.