Privacy Policy

1. Introduction

ThesisGrid Capital ("Company," "we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-native investment research platform and related services.

By accessing or using our services, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use our services.

2. Information We Collect

2.1 Information You Provide

• Account registration information (name, email address, company name, job title)
• Payment and billing information
• Communications with us (support requests, feedback)
• Content you upload or create within the platform (research notes, investment theses, memos)
• Integration credentials for connected data sources

2.2 Information Collected Automatically

• Device information (IP address, browser type, operating system)
• Usage data (features accessed, time spent, actions taken)
• Log data (access times, pages viewed, referring URLs)
• Cookies and similar tracking technologies

2.3 Information from Third Parties

• Information from identity verification services
• Data from integrated third-party platforms you authorize
• Information from business partners and resellers

3. How We Use Your Information

We use collected information for the following purposes:

• Providing, maintaining, and improving our services
• Processing transactions and managing your account
• Personalizing your experience and delivering relevant content
• Communicating with you about updates, security alerts, and support
• Analyzing usage patterns to enhance platform performance
• Detecting, preventing, and addressing technical issues or fraud
• Complying with legal obligations and enforcing our terms
• Training and improving our AI models (with appropriate anonymization)

4. Data Sharing and Disclosure

We may share your information in the following circumstances:

4.1 Service Providers

We engage third-party companies to perform services on our behalf, including cloud hosting, payment processing, analytics, and customer support. These providers have access only to information necessary to perform their functions and are contractually obligated to protect your data.

4.2 Legal Requirements

We may disclose your information if required by law, regulation, legal process, or governmental request, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change and the choices you may have.

5. Data Security

We implement industry-standard security measures to protect your information, including:

• Encryption of data in transit (TLS 1.3) and at rest (AES-256)
• Regular security assessments and penetration testing
• Access controls and authentication requirements
• Employee training on data protection practices
• SOC 2 Type II compliance

While we strive to protect your information, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.

6. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. When determining retention periods, we consider the nature of the data, potential risks, and applicable legal requirements.

7. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights:

• Access: Request a copy of the personal data we hold about you
• Correction: Request correction of inaccurate or incomplete data
• Deletion: Request deletion of your personal data
• Portability: Request transfer of your data to another service
• Objection: Object to certain processing of your data
• Restriction: Request restriction of processing in certain circumstances

To exercise these rights, please contact us at privacy@thesisgrid.com.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for such transfers, including Standard Contractual Clauses approved by relevant authorities.

9. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience, analyze usage, and deliver relevant content. You can control cookie preferences through your browser settings. Essential cookies required for platform functionality cannot be disabled.

10. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will take steps to delete such information.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and updating the "Last updated" date. Your continued use of our services after such changes constitutes acceptance of the updated policy.