Last updated: March 25, 2026
This Privacy Policy describes how Gagarin Capital Advisers LLC ("DVC," "we," "us," or "our") collects, uses, discloses, stores, and otherwise processes personal information in connection with the DVC Venture OS platform and any related applications, tools, and services (collectively, the "Platform").
This Privacy Policy applies to personal information we collect in connection with your access to or use of the Platform, including information collected directly from you, automatically through your use of the Platform, and from authorized third-party sources used to operate, secure, and improve the Platform.
We may collect the following categories of personal information:
(a) Account and profile information. Name, email address, organization, title or role, account status, permissions, and other information you provide when your account is created or managed.
(b) Authentication and security information. Hashed passwords, login events, session identifiers, magic link issuance and usage, multi-factor authentication data (if enabled), password reset activity, and other account security records.
(c) Platform activity and usage information. Information relating to how you use the Platform, including deal pipeline interactions, company research queries, portfolio updates, workflow activity, task activity, document access, feature usage, clicks, navigation patterns, and audit trail events.
(d) Device, connection, and technical information. IP address, browser type, operating system, device type, user agent, referring URLs, session timestamps, approximate geolocation inferred from IP, and similar technical and diagnostic information collected automatically for security, operations, and analytics purposes.
(e) Communications and support information. Messages, support requests, feedback, legal acknowledgments, and other communications you send to us or through the Platform.
(f) User-submitted content and business data. Information you upload, submit, input, query, or otherwise make available through the Platform, including names, company information, diligence notes, portfolio information, documents, prompts, and requests. Depending on the use case, such information may include personal information about founders, operators, investors, counterparties, or other individuals.
(g) Third-party source information. Information received from service providers, authentication providers, integrated tools, data vendors, AI providers, or other third parties authorized or used by DVC in connection with operation of the Platform.
We collect personal information from the following categories of sources: directly from you; automatically from your device or browser when you use the Platform; from DVC personnel or authorized administrators who provision or manage access; from third-party service providers, integrations, data vendors, and infrastructure providers that support the Platform; and from communications and transactions relating to your use of the Platform.
We may use personal information for the following business and commercial purposes:
(a) to provide, operate, maintain, secure, and improve the Platform;
(b) to authenticate users, manage accounts, administer permissions, and enforce access controls;
(c) to process user inputs and generate AI-powered or automated research, analyses, summaries, and other outputs requested through the Platform;
(d) to maintain logs, records, and audit trails for security, compliance, troubleshooting, and legal purposes;
(e) to monitor use of the Platform, detect abuse, unauthorized access, fraud, or violations of applicable agreements;
(f) to communicate with you regarding your account, access, support requests, legal terms, security matters, or Platform updates;
(g) to investigate incidents, enforce our agreements, protect DVC and other users, and comply with applicable law;
(h) to conduct internal analytics, quality assurance, testing, debugging, and performance monitoring; and
(i) to support corporate transactions, governance, recordkeeping, and other legitimate business operations.
Where required by applicable law, we process personal information on one or more of the following legal bases: performance of a contract, compliance with legal obligations, legitimate interests, consent where required, and establishment, exercise, or defense of legal claims.
We do not sell personal information. We may disclose personal information to the following categories of recipients:
(a) Service providers and processors. Third parties that help us host, operate, secure, maintain, or improve the Platform, such as cloud hosting providers, database providers, authentication tools, AI and model providers, analytics services, email delivery services, logging and monitoring providers, and other infrastructure or support vendors.
(b) Within DVC and authorized affiliated personnel. Authorized employees, contractors, operators, advisors, or representatives who need access for legitimate business, operational, compliance, or security purposes.
(c) Professional advisors and counterparties. Lawyers, auditors, compliance providers, insurers, financing sources, or transaction counterparties where reasonably necessary for legitimate business or legal purposes.
(d) Legal and regulatory disclosures. Courts, regulators, law enforcement, or governmental authorities when required by law or when reasonably necessary to protect rights, safety, security, or the integrity of the Platform.
(e) Corporate transactions. In connection with an actual or proposed merger, financing, restructuring, acquisition, sale of assets, or similar transaction, subject to customary confidentiality protections.
The Platform may use third-party artificial intelligence services and automated systems to process submitted prompts, inputs, documents, and related data in order to generate requested outputs such as company research, competitive analysis, notes, summaries, and other workflow assistance.
We use such services solely to provide and improve Platform functionality, security, and operations. We seek to use providers that offer appropriate contractual data protection commitments. Unless expressly stated otherwise, we do not intend for submitted customer data to be used to train third-party foundation models for general-purpose model improvement without appropriate authorization.
You are responsible for ensuring that data submitted to the Platform for AI processing is appropriate for the intended use and permitted under applicable agreements and law.
The Platform uses essential cookies and similar technologies necessary to operate core functionality, authenticate sessions, maintain security, and support user preferences. These may include secure, HTTP-only session cookies and related authentication mechanisms.
We do not use advertising cookies on the Platform. We may use limited analytics, logging, or performance-related technologies necessary to operate and secure the Platform.
Session and authentication records may expire according to our security policies, including inactivity-based expiration periods.
We retain personal information for as long as reasonably necessary for the purposes described in this Privacy Policy, including to provide the Platform, maintain security, comply with legal obligations, resolve disputes, and enforce agreements.
Retention periods may vary by category of information. For example: account and access records are retained for the duration of the account relationship and a reasonable period thereafter; audit logs and security records are retained for at least as long as needed for security, compliance, investigation, and legal defense purposes; legal acknowledgment and clickwrap acceptance records are retained for as long as reasonably necessary to document consent, contractual acceptance, compliance, recordkeeping, and legal defense; backup and system recovery data is retained according to routine retention cycles.
Where a fixed retention period is not possible, we retain data based on the criteria used to assess operational need, legal obligations, risk, and recordkeeping requirements.
We implement technical, administrative, and organizational measures designed to protect personal information against unauthorized access, loss, misuse, alteration, or disclosure. These measures may include encryption in transit, encryption at rest where appropriate, access controls, logging, monitoring, secure session management, credential protections, role-based permissions, and incident response procedures.
However, no system, network, or method of transmission or storage is completely secure, and we cannot guarantee absolute security.
Your personal information may be processed in the United States and other jurisdictions where DVC or its service providers operate. Those jurisdictions may have data protection laws that differ from those in your location. Where required by applicable law, we take appropriate steps designed to provide lawful transfer safeguards.
Depending on your jurisdiction and subject to applicable limitations and exceptions, you may have rights to: know or access personal information we hold about you; correct inaccurate personal information; delete personal information; object to or restrict certain processing; request portability of certain personal information; withdraw consent where processing is based on consent; and appeal or complain to a regulator where provided by law.
We will respond to verified requests in accordance with applicable law. We may need to verify your identity before processing a request.
The Platform is not intended for children, and we do not knowingly collect personal information from children under the age prohibited by applicable law.
We may update this Privacy Policy from time to time. Updated versions will be made available through the Platform or otherwise provided to you, and the "Last updated" date will be revised accordingly. Where required by law or where changes are material, we may provide additional notice or require renewed acknowledgment.
If you have questions about this Privacy Policy or wish to exercise applicable privacy rights, please contact us at legal@dvc.vc.