Last updated: June 6, 2026
Bootstrap Roadmap ("we," "us," or "our") operates bootstraproadmap.com. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data. By using our site and services, you agree to the practices described here.
When you create an account, we collect your first name, last name, and email address. We also collect your business name and business type if you provide them during onboarding or in your account settings. Passwords are hashed using bcrypt and are never stored in plain text.
We store your checklist progress — which tasks you've marked complete, their status, and any notes you've added. This data is tied to your account and is used solely to power your roadmap experience.
When you download a document from our library, we log the download event including which document was downloaded, the time and date, and your IP address. This is used to prevent unauthorized bulk downloading and to understand which resources are most useful to our users.
If you sign up for our newsletter, we store your email address and the date of signup. We use this to send you product updates and founder resources. You can unsubscribe at any time via the link in any email we send.
Contact form submissions store your name, email address, message, and IP address. We use this information solely to respond to your inquiry.
If you subscribe to a paid plan, payment processing is handled by Stripe. We do not store your credit card number, CVV, or full payment details on our servers. We store only the information Stripe provides us upon successful payment — subscription status, plan type, and billing period.
We may collect standard web server log data including your IP address, browser type, referring URL, and pages visited. If analytics tools are installed on the site, they may collect aggregated, anonymized data about site usage. We do not use advertising cookies or third-party behavioral tracking cookies.
Bootstrap Roadmap includes affiliate links and sponsored recommendations throughout the platform — particularly in task modals under the "We Recommend" section. When you click an affiliate link and make a purchase, we may earn a commission at no additional cost to you.
Affiliate and sponsored links are clearly labeled with "Partner" or "Sponsored" badges. We only recommend tools and services we believe are genuinely useful to founders. Sponsored placements do not influence the content of our checklist items, task descriptions, or editorial guidance.
We participate in affiliate programs including but not limited to: GoDaddy, Namecheap, Fiverr, 99designs, Canva, ThemeForest, HubSpot, Mailchimp, Gusto, and others. Participation in these programs is disclosed where relevant.
We use the information we collect to:
We will never sell your personal data to third parties. We do not use your data for advertising targeting on third-party platforms.
We use a single session cookie to keep you logged in. This cookie expires when you close your browser or log out. We do not use advertising cookies, cross-site tracking cookies, or third-party behavioral analytics cookies. If we add analytics tools in the future, we will update this policy and implement appropriate consent mechanisms.
We retain your account data for as long as your account is active. If you close your account, your personal data and checklist progress are permanently deleted from our database. Document download logs and contact form submissions may be retained for up to 12 months for security and operational purposes before being purged.
Newsletter subscribers who unsubscribe are removed from active mailing lists. Archived records may be retained for up to 6 months to process unsubscribe requests and prevent re-subscription without consent.
You have the right to:
If you are located in the European Economic Area (EEA) or California, you may have additional rights under GDPR or CCPA respectively. To exercise any of these rights, contact us at the address below.
We implement reasonable technical and organizational security measures including HTTPS encryption for all data in transit, bcrypt password hashing, CSRF protection on all forms, session security controls, and restricted access to production systems. No system is completely impenetrable. In the event of a data breach that affects your personal information, we will notify you as required by applicable law.
We use the following third-party services that may process your data:
Each of these services has its own privacy policy governing their data practices. We encourage you to review them.
Bootstrap Roadmap is not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.
We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. For significant changes, we will notify registered users via email. Continued use of the platform after changes are posted constitutes acceptance of the updated policy.
Questions about this policy or requests to exercise your data rights? Contact us here.
