Privacy Policy

Last updated: April 28, 2026

1. Introduction

GovData Labs ("we," "our," or "us"), operated by New Day Industries, provides a commercial API for federal contractor intelligence data. This Privacy Policy describes how we collect, use, and share information when you use our website at govdatalabs.com and our API services (collectively, the "Services").

2. Information We Collect

Account Information

When you sign up for the Services, we collect your name, email address, and company name. If you sign in via Google or GitHub, we receive your name, email, and profile picture from those providers.

Payment Information

Payment processing is handled by Stripe. We do not store credit card numbers, bank account details, or other financial information on our servers. Stripe's privacy policy governs the handling of your payment data.

Usage Data

We collect API usage metrics including request counts, endpoints accessed, timestamps, and IP addresses. This data is used for rate limiting, billing, abuse prevention, and service improvement.

Website Analytics

We may collect standard web analytics data including pages visited, referral sources, browser type, and device information. We do not use third-party tracking cookies.

3. How We Use Your Information

  • To provide, maintain, and improve the Services
  • To process payments and manage your subscription
  • To provision and manage API keys
  • To enforce rate limits and prevent abuse
  • To communicate with you about your account, updates, and support
  • To comply with legal obligations

4. Data We Serve via the API

The federal contractor data served through our API is derived from publicly available government sources including SAM.gov, USAspending.gov, SBIR.gov, FPDS.gov, and other federal data systems. This data is public record. We enrich this data with AI-extracted capabilities and verified contact information.

5. Information Sharing

We do not sell your personal information. We may share information with:

  • Service providers: Stripe (payments), Vercel (hosting), and authentication providers (Google, GitHub) as necessary to operate the Services.
  • Legal compliance: When required by law, subpoena, or government request.
  • Business transfers: In connection with a merger, acquisition, or sale of assets.

6. Data Security

We implement industry-standard security measures including HTTPS encryption, secure API key management, rate limiting, input validation, and security headers (CSP, HSTS, X-Frame-Options). API keys are stored encrypted and transmitted only once at creation. However, no method of transmission over the Internet is 100% secure.

7. Data Retention

We retain account information for as long as your account is active. API usage logs are retained for 90 days. If you cancel your account, we will delete your personal information within 30 days, except where retention is required by law.

8. Your Rights

You have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate information
  • Request deletion of your account and personal data
  • Export your account data
  • Opt out of marketing communications

To exercise these rights, contact us at privacy@govdatalabs.com.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a notice on our website. Your continued use of the Services after changes constitutes acceptance.

10. Contact

For privacy-related inquiries, contact us at privacy@govdatalabs.com.

GovData Labs is operated by New Day Industries.