SellFunded

Privacy Policy

Last Updated: December 15, 2025

1. Introduction

SellFunded ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our deal management and broker compliance platform (the "Service").

By accessing or using the Service, you agree to this Privacy Policy. If you do not agree with the terms of this policy, please do not access or use the Service.

2. Information We Collect

2.1 Information You Provide

We collect information that you voluntarily provide when using the Service, including:

  • Account Information: Name, email address, company name, job title, phone number, and password when you create an account
  • Profile Information: Business information, company details, and professional background
  • Financial Data: Cap table information, investor details, funding round data, and financial projections you input into the Service
  • Documents: Files, documents, contracts, and other materials you upload to the Data Room
  • Communication Data: Messages, feedback, and correspondence you send to us
  • Broker Activity Data: Information about broker interactions, meetings, outreach activities, and compliance records

2.2 Information Collected Automatically

When you access the Service, we automatically collect certain information, including:

  • Device Information: IP address, browser type, operating system, device identifiers
  • Usage Data: Pages visited, features used, time spent on pages, click patterns, and navigation paths
  • Log Data: Access times, error logs, and referring URLs
  • Location Data: General geographic location based on IP address

2.3 Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Maintain your session and remember your preferences
  • Analyze usage patterns and improve the Service
  • Ensure security and prevent fraud
  • Provide personalized features

You can control cookies through your browser settings. However, disabling certain cookies may affect the functionality of the Service.

3. Legal Bases for Processing (GDPR)

For users in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your personal data based on the following legal grounds:

  • Contract Performance: Processing necessary to provide the Service you requested
  • Legitimate Interests: Processing for our legitimate business interests, such as improving the Service, security, and fraud prevention
  • Consent: Processing based on your explicit consent, which you may withdraw at any time
  • Legal Obligation: Processing necessary to comply with applicable laws and regulations

4. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Create and manage your account
  • Process transactions and send related information
  • Enable collaboration features, including Data Room access for invited parties
  • Monitor broker compliance and generate compliance reports
  • Send administrative notifications, updates, and security alerts
  • Respond to your comments, questions, and support requests
  • Analyze usage trends to improve user experience
  • Detect, prevent, and address security issues and fraud
  • Comply with legal obligations and enforce our terms

5. Information Sharing and Disclosure

We may share your information in the following circumstances:

5.1 With Your Consent

We share information when you direct us to, such as when you invite investors or acquirers to access your Data Room.

5.2 Service Providers

We share information with third-party service providers who perform services on our behalf, including:

  • Cloud hosting and storage providers
  • Analytics services
  • Payment processors
  • Email and communication services
  • Customer support tools

These providers are contractually bound to use your information only for the purposes we specify.

5.3 Legal Requirements

We may disclose your information if required to do so by law or in response to valid legal requests, including:

  • Subpoenas, court orders, or legal process
  • Requests from government authorities
  • To protect our rights, privacy, safety, or property
  • To investigate potential violations of our Terms of Service

5.4 Business Transfers

In connection with a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.

5.5 Aggregated or De-identified Data

We may share aggregated or de-identified information that cannot reasonably be used to identify you for analytics, research, or other business purposes.

6. Data Retention

We retain your personal information for as long as necessary to:

  • Provide the Service and maintain your account
  • Comply with legal obligations (e.g., tax, accounting, audit requirements)
  • Resolve disputes and enforce our agreements
  • Support business operations that cannot reasonably be performed without retaining such data

When you delete your account, we will delete or anonymize your personal information within a reasonable time period, except where retention is required by law or for legitimate business purposes.

7. Data Security

We implement appropriate technical and organizational measures to protect your information, including:

  • Encryption of data in transit and at rest (256-bit encryption)
  • Secure access controls and authentication
  • Regular security assessments and monitoring
  • Employee training on data protection
  • Incident response procedures

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your own. These countries may have different data protection laws than your jurisdiction.

For transfers from the EEA, UK, or Switzerland, we implement appropriate safeguards, such as:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Data Processing Agreements with service providers
  • Supplementary measures as required by applicable law

9. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

9.1 General Rights

  • Access: Request a copy of your personal information
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your personal information
  • Portability: Request a copy of your data in a portable format
  • Restriction: Request restriction of processing in certain circumstances
  • Objection: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw consent where processing is based on consent

9.2 California Privacy Rights (CCPA/CPRA)

California residents have additional rights, including:

  • Right to know what personal information is collected, used, shared, or sold
  • Right to delete personal information held by businesses
  • Right to opt-out of sale or sharing of personal information
  • Right to non-discrimination for exercising privacy rights
  • Right to correct inaccurate personal information
  • Right to limit use of sensitive personal information

We do not sell personal information as defined by the CCPA/CPRA.

9.3 Exercising Your Rights

To exercise your privacy rights, please contact us at [email protected]. We will respond to your request within the timeframe required by applicable law (generally 30-45 days). We may need to verify your identity before processing your request.

10. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us immediately. If we become aware that we have collected personal information from a child without parental consent, we will take steps to delete that information.

11. Third-Party Links and Services

The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to read the privacy policies of any third-party services you access.

12. Data Breach Notification

In the event of a data breach that affects your personal information, we will notify you and relevant authorities as required by applicable law. Notification will include:

  • Description of the nature of the breach
  • Categories of data affected
  • Steps we are taking to address the breach
  • Recommendations for protecting yourself
  • Contact information for further inquiries

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Posting the updated policy on our website
  • Updating the "Last Updated" date
  • Sending email notification for significant changes

Your continued use of the Service after changes become effective constitutes acceptance of the revised Privacy Policy.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

SellFunded
Privacy Inquiries
Email: [email protected]
Address: [Company Address]

For users in the EEA, you also have the right to lodge a complaint with your local data protection authority.