RHTP Navigator
Start your Atlas

Legal

Privacy Policy

What we collect, why, who we share it with, how long we keep it, and the choices you have. Plain about a serious topic, because that is the whole brand.

Effective May 30, 2026.

The short version: we collect the business contact and organization details you give us through the wizard, checklist, and email, plus basic, privacy-first analytics. We use them to deliver what you asked for, to run and secure the site, and to follow up about our products. We do not sell or share your personal information for advertising. We keep leads until you ask us to delete them, and we will delete them on request. Payments run through a third-party processor; we never see your full card number. The full policy is below.

1. Who is responsible for your data

This Privacy Policy explains how VerisGov Inc, a Wyoming corporation and the operator of RHTP Navigator ("RHTP Navigator," "we," "us"), handles personal information for the website at www.rhtpnavigator.com and the related Services. It is part of, and uses terms defined in, our Terms of Service. For business customers, we act as the controller of the contact and account data we collect to run our business; where we process information on your behalf under a signed Order, that Order's data terms govern.

2. Information we collect

Information you give us

  • Checklist and email signups (no charge): your email address, and the readiness answers you select (such as organization type and capability area).
  • Wizard intake (Atlas purchases): your organization name, contact name, role, email, buyer type, the capabilities and target states you select, and the free-text you choose to enter, which can include a capability description, state rationale, capital position, named relationships, sample proposal language, timeline, and delivery preferences.
  • Purchases: the products you buy, order references, and billing details you submit to our payment processor. We receive confirmation of payment and limited details (such as the last four digits and card brand); we do not collect or store your full payment card number.
  • Correspondence: the contents of emails and support requests you send us.

Information collected automatically

  • Privacy-first analytics: we use a cookieless, privacy-first analytics service that gives us aggregate traffic measurements (such as page views and referrers) without tracking you across sites and without advertising profiles.
  • Security and delivery logs: our hosting and edge-network provider processes standard request data such as IP address, approximate region, timestamp, and user-agent to route traffic, defend against abuse, and rate-limit our intake endpoints.
  • Bot defense: our intake forms use a privacy-respecting bot challenge to block automated abuse; its token is verified and not stored or used to profile you.

What we do not want

Please do not send us, through any field or message, protected health information or other individually identifiable health data, government-classified or export-controlled information, another party's confidential information, or sensitive personal information beyond business contact details. We are not a HIPAA covered entity or business associate, and the Services are not designed to receive that information. See Section 9 of the Terms.

3. Cookies and tracking

We keep tracking to a minimum. Our analytics are cookieless, and we do not use third-party advertising cookies or cross-site trackers. We may use a small number of strictly necessary cookies or local storage to make the site and forms work and to keep them secure. Because we do not engage in cross-context behavioral advertising, there is nothing to opt out of for that purpose, and we honor browser privacy signals where the law requires.

4. How we use information

  • to deliver the product or content you requested, including preparing and sending an Atlas;
  • to process payments, send confirmations and receipts, and manage subscriptions and renewals;
  • to operate, secure, debug, and improve the Services, including preventing fraud and abuse;
  • to respond to your questions and provide support;
  • to send you transactional messages and, where permitted, relevant updates about our products, which you can stop at any time;
  • to produce de-identified, aggregated statistics that do not identify you; and
  • to comply with law and enforce our Terms and Acceptable Use Policy.

Where required, our legal bases are performance of a contract, your consent (which you can withdraw), and our legitimate interests in running and securing a business, balanced against your rights.

5. Automated and AI-assisted processing

Some features classify, score, or generate text from the input you provide (for example, the readiness scorer, capability router, and anti-supplantation linter), and some of that processing uses third-party AI tools. This processing supports the feature you are using; it does not make legal or eligibility determinations about you, and its output should be independently verified. Do not enter confidential or legally protected information into free-text or AI-assisted fields.

Not a consumer report. Our readiness scores and outputs are general business information about organizations and programs. We are not a consumer reporting agency, and nothing we provide is a "consumer report" under the Fair Credit Reporting Act. Do not use the Services to make, and do not rely on them for, decisions about an individual's credit, employment, insurance, housing, or other eligibility covered by that law.

6. How we share information

We do not sell your personal information, and we do not share it for cross-context behavioral advertising. We share it only as follows:

  • Service providers (sub-processors): we use a small set of vetted vendors to run the Services, described here by function: a cloud hosting and edge-network provider (hosting, storage, analytics, and abuse prevention), a payment processor (billing), a transactional email provider (confirmations and updates), and an AI language-model provider (certain tools). They may process personal information only on our instructions to provide their service. We will provide the current list of named sub-processors on request to wecare@rhtpnavigator.com.
  • Legal and safety: when we believe disclosure is reasonably necessary to comply with law or valid legal process, to enforce our agreements, or to protect the rights, safety, or property of anyone.
  • Business transfers: in connection with a merger, financing, acquisition, or sale of assets, subject to this Policy.
  • With your direction: when you ask us to, or under a separate agreement you sign.

7. Where data is stored and how it is protected

Wizard intakes and checklist leads are stored in a replicated, cloud-hosted key-value store that is our system of record, kept off any individual staff computer. We maintain a daily, point-in-time backup to a private storage bucket that is additionally encrypted with AES-256-GCM at the application layer, so the archive is unreadable even to someone with access to the storage. Access to lead data runs through an authentication-gated operator console that rejects cross-origin state changes and fails closed without credentials. Traffic is encrypted in transit. No method of storage or transmission is perfectly secure, so we cannot guarantee absolute security, but we work to protect your information and to keep our controls current. You can read more about our security posture in our published security documentation.

8. How long we keep information

We retain lead and intake records until you ask us to delete them or until they no longer serve the purpose collected, because losing a customer record silently would be worse for you than keeping it available. We keep purchase and tax records for as long as the law requires. When you request deletion, we remove your record from the live store; encrypted backups age out on a rolling schedule, and we will purge a specific record from backups on request where a complete erasure is required. Aggregated or de-identified data that no longer identifies you may be retained.

9. Your choices and rights

Depending on where you live, you may have some or all of these rights: to know what personal information we hold, to access or receive a copy, to correct it, to delete it, to limit or object to certain processing, to opt out of sale or sharing (we do neither), and to not be discriminated against for exercising a right. You can:

  • Unsubscribe from non-transactional email using the link in any such message, or by writing to us.
  • Request access, correction, or deletion of your data by emailing wecare@rhtpnavigator.com. We will verify your request and respond within the time the law allows. You may use an authorized agent where the law permits.

If you are in a jurisdiction with a privacy regulator, you may also have the right to lodge a complaint with it. We ask that you contact us first so we can help.

10. U.S. state privacy rights

Several U.S. states (including California, Virginia, Colorado, Connecticut, Utah, Texas, Oregon, and others) give residents specific privacy rights. Wherever you live, we extend the same core rights described in Section 9 to you.

  • We do not sell or share. We do not sell your personal information, and we do not share it for cross-context behavioral advertising, as those terms are defined under California and other state laws. We have not done so in the prior 12 months. Because of that, there is no "Do Not Sell or Share" action to take, though you may still ask us to confirm it.
  • Sensitive information. We do not seek sensitive personal information, and we do not use it to infer characteristics about you. You may ask us to limit any such use.
  • Appeal. If we decline a request, you may appeal by replying to our decision; we will respond within the time your state allows. Where your state provides one, you may also contact your state Attorney General.
  • Not a data broker. We collect information directly from you to provide the Services; we are not a data broker and do not register as one.
  • No discrimination. We will not deny you the Services, charge a different price, or provide a different quality of service for exercising a privacy right.

Business customers who need a data processing addendum for their own compliance can request one at wecare@rhtpnavigator.com.

11. Email and your inbox

We send transactional messages (such as confirmations, receipts, and delivery notices) that are part of the Services. We may also send occasional product updates where permitted; every such message includes an unsubscribe link and our postal address, and unsubscribing stops the non-transactional mail. We honor opt-out requests promptly and comply with the CAN-SPAM Act.

12. International users

We operate from the United States, and our providers may process information in the United States and other countries. If you access the Services from outside the United States, you understand your information will be transferred to and processed in the United States, where data-protection laws may differ from those where you live. Where required, we put appropriate safeguards in place for such transfers.

13. Children

The Services are for business and professional use and are not directed to children. We do not knowingly collect personal information from anyone under 18. If you believe a child has given us information, contact us and we will delete it.

14. Changes to this Policy

We may update this Policy from time to time. The "Effective" date above shows the current version, and we will post material changes here. Your continued use of the Services after a change means you accept the updated Policy.

15. Contact

Privacy questions or requests: wecare@rhtpnavigator.com. By mail: VerisGov Inc, 30 N Gould St, Ste N, Sheridan, WY 82801. VerisGov Inc is a Wyoming corporation. See also our Terms of Service and Acceptable Use Policy.