Privacy Policy

Last updated: September 22, 2025

Fundreef is operated by Fundreef LLC (Registered office: 1209 Mountain Road Pl Ne Ste H, New Mexico, Albuquerque, United States, 87110 – “Fundreef”, “we”, “our”, or “us”).

We are committed to safeguarding your privacy. This Privacy Policy explains how we collect, process, and protect personal data in connection with your use of our website fundreef.com and our services, including the Fundreef platform, CRM, and AI-powered tools (collectively, the “Services”).

If you have any questions about this Policy, please contact us at privacy@old-fundreef.osheha.com.

1. Scope of this Policy

This Policy applies to:

• Visitors to our website and platform.
• Registered users of our Services.
• Business professionals whose information appears in our investor and startup database.

Our Services are designed for business-to-business (B2B) use. We aggregate information from publicly available sources and professional contributions to build a database that helps startups and investors connect.

2. Personal Data We Collect

a. Information you provide to us

• Account information: name, email address, password, company, role, phone number.
• Payment information: processed securely via third-party payment providers (we do not store full credit card details).
• Communications: any information you provide when contacting us via email, forms, or customer support.

b. Information we collect automatically

• Device and usage data: IP address, browser type, operating system, device identifiers.
• Log data: session activity, login times, error reports.
• Cookies and tracking technologies: see Section 11.

c. Information from public sources and third parties

• Publicly available business information (e.g., company websites, news articles, filings, social media profiles).
• Licensed data from trusted partners.
• User-contributed data (e.g., investor details uploaded to CRM).

3. How We Use Personal Data

We process personal data for the following purposes:

• To operate and provide our Services.
• To maintain and improve the Fundreef database.
• To recommend potential investors and manage fundraising pipelines.
• To provide customer support and communicate with you.
• To ensure security, prevent misuse, and detect fraud.
• To comply with applicable laws and regulations.
• To send you relevant updates, newsletters, or promotional materials (subject to opt-out rights).

4. Data Protection & Legal Bases (Global)

Fundreef LLC operates globally and is committed to protecting your privacy. Depending on your location, we process your personal data under the following legal frameworks:

• EEA & UK (GDPR/UK GDPR): We rely on:
  • Contractual Necessity (Art. 6.1.b): To provide our services.
  • Legitimate Interests (Art. 6.1.f): For platform security, B2B communication, and service improvement.
  • Legal Obligation (Art. 6.1.c): To comply with AML/KYC and tax laws.
  • Consent (Art. 6.1.a): For non-essential cookies and marketing.
• USA (CCPA/CPRA & State Laws): We do not “sell” your personal information for monetary value. We “share” information only for business purposes as defined by law.
• Other Jurisdictions: We apply high standards of data protection globally, ensuring transparency and security regardless of your residency.

International Data Transfers

By using our platform, you acknowledge that your information will be transferred to and processed in the United States. Fundreef LLC implements appropriate safeguards (such as Standard Contractual Clauses or equivalent mechanisms) to ensure your data receives an adequate level of protection, especially when transferred from the EEA, UK, or Switzerland.

5. How We Share Personal Data

We may share personal data with:

• Other Fundreef users: investor and professional data may be accessible to platform subscribers.
• Service providers, including:
  
  
  • Cloud hosting: Contabo
  • Payment processing: Stripe
  • Email service provider: Brevo
  • Analytics: Google Analytics
  • AI providers: Google Cloud, OpenAI
• Business partners: limited cases such as integrations or joint webinars.
• Corporate transactions: in case of mergers, acquisitions, or restructuring.
• Legal and regulatory authorities: where required by law.

We do not sell consumer data.

6. International Data Transfers

Your data may be processed in the UK, EEA, US, or other jurisdictions. We use safeguards such as Standard Contractual Clauses (SCCs) and equivalent mechanisms to ensure adequate protection.

7. Data Retention

We retain personal data only for as long as necessary:

• Account data: for the duration of your account plus 30 days after deletion.
• Database information: retained while accurate and relevant, subject to periodic review.
• Support tickets and communications: typically 2 years.
• Legal/compliance data: as required by applicable law.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access your personal data (Art. 15 GDPR).
• Rectify inaccurate data (Art. 16 GDPR).
• Request erasure (Art. 17 GDPR).
• Restrict processing (Art. 18 GDPR).
• Object to processing (Art. 21 GDPR).
• Request data portability (Art. 20 GDPR).

You can exercise your rights by contacting privacy@old-fundreef.osheha.com. We will respond within 30 days.

If you are not satisfied, you may lodge a complaint with the UK ICO or your local Data Protection Authority.

9. US State Privacy Rights

For residents of California, Virginia, Colorado, Utah, Nevada, and other states with privacy laws:

• Right to know what personal data we collect.
• Right to request correction or deletion.
• Right to opt-out of sale/sharing (Fundreef does not sell consumer data).
• Right to non-discrimination when exercising privacy rights.

10. Data Security

We apply technical and organizational safeguards including:

• Encryption of data in transit and at rest.
• Role-based access controls and multi-factor authentication.
• Regular vulnerability scans and monitoring.
• Provider certifications (e.g., ISO 27001 from cloud partners).

11. Cookies and Tracking Technologies

We use cookies and similar technologies for:

• Essential cookies: login, security, session management.
• Analytics cookies: Google Analytics to understand usage patterns.
• Marketing cookies: to deliver relevant communications.

You can manage cookies via your browser settings or by using industry opt-out tools:

• Google Analytics Opt-out: https://tools.google.com/dlpage/gaoptoutNetwork Advertising Initiative: https://optout.networkadvertising.org/
• Your Online Choices (EU): https://www.youronlinechoices.eu/

12. Marketing and Communications

We may send:

• Newsletters with updates on Fundreef features.
• Product announcements and improvements.
• Event invitations (e.g., webinars).

You can opt-out at any time by clicking “unsubscribe” in our emails or by writing to privacy@old-fundreef.osheha.com.

13. Automated Decision-Making and AI

We use AI and automated systems to:

• Match startups with potential investors.
• Generate recommendations and insights.
• Detect unusual or fraudulent activity.

You have the right to request human review of automated decisions that significantly affect you.

14. Data Accuracy

We strive to keep our database accurate and up to date.

If you discover incorrect or outdated information about yourself or your organization, please email privacy@old-fundreef.osheha.com and request corrections.

15. Children’s Privacy

Our Services are intended for professionals and are not directed to individuals under 18. We do not knowingly collect data about minors.

16. Changes to This Policy

We may update this Privacy Policy from time to time. Updates will be published on this page with the “Last updated” date.