Privacy Policy

Introduction

Welcome to VentureScope, an AI-powered due diligence platform operated by SowFin, Inc. This Privacy Policy explains how we collect, use, share, and protect your personal information.

Our Commitment:

  • We treat your data with the highest level of security
  • We are transparent about our practices
  • We give you control over your data
  • We are working toward industry-standard compliance certifications

By using VentureScope, you agree to this Privacy Policy.

Quick Summary

What You Need to Know:

  • We don’t sell your data – Never have, never will
  • Your data is encrypted – AES-256 at rest, TLS 1.3 in transit
  • You control sharing – Nothing shared without your permission

Data Security & Compliance

Current Security Measures

We implement industry best practices:

  • Encryption: AES-256 encryption at rest, TLS 1.3 in transit
  • Hosting: Secure AWS infrastructure
  • Monitoring: Regular security monitoring and updates

Privacy Compliance:

  • Data Minimization: We collect only necessary data
  • Transparency: Clear disclosure of data practices
  1. Information We Collect

1.1 Information You Provide

All Users:

  • Account information (name, email, password)
  • Profile information (role, company)
  • Payment information (via Stripe – we don’t store credit cards)

Investors:

  • Firm details and investment focus
  • Companies you analyze and track
  • Pipeline and portfolio data
  • Internal notes and memos

Founders:

  • Company information and metrics
  • Financial data (revenue, burn, projections)
  • Team information
  • Documents (pitch decks, models)

1.2 Automatically Collected

  • Usage data (pages viewed, features used)
  • Device information (IP address, browser)

1.3 Third-Party Data

For Continuous Due Diligence (Public Sources Only):

  • News articles and press releases
  • Crunchbase (funding data)
  • LinkedIn (team changes)
  • Social media (company posts)
  • SEC filings (public companies)
  1. How We Use Your Information

To Provide Services:

  • Generate DealScore™ analyses
  • Enable company tracking and monitoring
  • Facilitate investor-founder matching
  • Process payments and send receipts

To Improve:

  • Develop new features
  • Conduct analytics

To Communicate:

  • Send account notifications
  • Provide customer support
  • Share product updates (opt-in)
  1. Data Sharing
  • We Do NOT Sell Your Data
  • We never sell your personal information. Period.
  • When We Share Data

Service Providers:

  • AWS (hosting)
  • Anthropic (AI processing – does NOT train on your data)
  • Stripe (payments)
  • Analytics tools (Google Analytics)

With Your Consent:

  • When you share analysis with investors
  • When you enable Investor Matching
  1. Privacy by Account Type

For Investors

What’s Private (NEVER Shared):

  • Your portfolio companies
  • Your investment theses
  • Your internal notes
  • Your deal pipeline
  • Your personal contact info

What Founders See (If You View Shared Analysis):

  • You viewed their analysis
  • If you accepted/declined

For Founders

Everything is Private by Default:

  • DealScore™
  • Financials
  • Cap table
  • Documents
  • Customer data

To Share with Investors, You Must:

  1. Click “Share Analysis” (specific investors), OR
  2. Enable “Investor Matching” (discovery)

What Gets Shared (When You Enable):

  • Full Analysis
  • DealScore™ and breakdown
  • Investment memo summary
  • Company profile
  • High-level metrics

What NEVER Gets Shared:

  • Cap table
  • Detailed financials
  • Customer contracts
  • Sensitive IP
  1. Continuous Due Diligence

What We Monitor (Public Data Only):

  • News and press releases
  • Funding announcements
  • Team changes (LinkedIn)
  • Product launches
  • Social media posts

What We Do NOT Monitor:

  • Private communications
  • Non-public data
  • Internal documents
  1. Data Security

Technical Measures:

  • Encryption (AES-256 at rest, TLS 1.3 in transit)
  • Secure AWS hosting
  • Regular security updates
  • Access controls and MFA (coming soon)

Your Responsibility:

  • Use strong passwords
  • Enable MFA
  • Don’t share login credentials
  • Report suspicious activity: support@sowfin.com

No System is 100% Secure:
While we implement strong security measures, no system is completely secure. We will notify you of any data breach as required by law.

  1. Data Retention

Active Accounts:

  • We retain data needed to provide services

Closed Accounts:

  • Most data deleted within 30 days

You Can:

  • Delete your account anytime (Settings → Delete Account)
  1. Changes to This Policy

We may update this policy.

How we notify you:

  • Email for material changes
  • Updated “Last Updated” date
  • 30 days’ notice for significant changes

Your continued use = acceptance of updates

  1. Contact Us

General Support:
Email: support@sowfin.com

Last Updated: March 17, 2026
Version: 1.1 (Updated to reflect accurate compliance status)

© 2026 SowFin Corporation. All rights reserved.