Privacy Policy
Last Updated: June 1, 2026
1. Introduction
Capmatter ("Capmatter," "we," "our," or "us") provides software for cap table management, equity tracking, scenario planning, shareholder record management, and related financial operations.
This Privacy Policy explains how we collect, use, store, and disclose information when you use our platform.
By creating an account, accessing, or using Capmatter, you provide your free, specific, informed, unconditional, and unambiguous consent to the collection, usage, and processing of your personal data as described in this Privacy Policy. You may withdraw your consent at any time by contacting us, though withdrawal will not affect the lawfulness of processing based on consent before its withdrawal.
2. Information We Collect
Information You Provide
- Name
- Email address
- Phone number
- Company information
- CIN, PAN, GST, and other business identifiers
- Shareholder information
- Employee information
- Investment and financing records
- Equity and cap table data
- Documents uploaded to the platform
- Communications sent to support
Account Information
We collect information necessary to create and maintain your account, including authentication data processed through our service providers.
Usage Information
- Device information
- Browser information
- IP address
- Log data
- Error reports
- Security events
- Product usage analytics
3. How We Use Information
We use information to:
- Provide and operate the platform
- Generate cap table calculations and reports
- Process subscriptions and payments
- Authenticate users
- Provide customer support
- Improve product performance and reliability
- Detect fraud, abuse, and security incidents
- Comply with legal obligations
- Enforce our agreements and policies
Capmatter's outputs are generated from user-provided information and system calculations. Users remain responsible for reviewing and verifying all records, calculations, reports, and decisions made using the platform.
4. Data Storage and Security
We implement administrative, technical, and organizational safeguards designed to protect information.
However, no method of electronic transmission, cloud storage, or internet communication can be guaranteed to be completely secure.
Accordingly:
- We do not guarantee absolute security.
- We cannot guarantee that unauthorized access, cyberattacks, service interruptions, or data loss will never occur.
- Users are responsible for maintaining the security of their credentials and devices.
Data Breach Notification
In the event of a confirmed personal data breach affecting your information, we will notify you and/or the applicable supervisory authority (such as the Data Protection Board of India) in accordance with the timelines, procedures, and formats prescribed under the Digital Personal Data Protection (DPDP) Act 2023 and other applicable data security regulations.
5. Service Providers
We may use third-party service providers to support platform operations, including:
- ▣ Cloud hosting providers
- ▣ Database providers
- ▣ Authentication providers
- ▣ Payment processors
- ▣ Analytics providers
- ▣ Customer support providers
- ▣ Security and monitoring providers
These providers may process information on our behalf subject to their own policies and contractual obligations.
6. Data Retention
We retain information for as long as reasonably necessary to:
- Provide services
- Maintain system integrity
- Preserve audit records
- Resolve disputes
- Prevent fraud and abuse
- Comply with legal, tax, accounting, and regulatory obligations
Certain records, including ledger, transaction, audit, security, and system integrity records, may be retained after account closure or deletion requests where necessary for legal compliance, dispute resolution, fraud prevention, or preservation of historical integrity.
7. Data Exports and Deletion Requests
Users may request access to, correction of, export of, or deletion of certain information.
Deletion requests may not result in immediate or complete removal of all records where retention is necessary for:
- Legal obligations
- Security investigations
- Fraud prevention
- System backups
- Audit integrity
- Historical financial record preservation
8. International Transfers
Information may be processed and stored in jurisdictions different from the user's location. By using the platform, users consent to such processing and storage where permitted by applicable law.
9. Children's Privacy
Capmatter is intended for business and professional use and is not directed toward individuals under the age of 18.
10. Changes to This Policy
We may update this Privacy Policy from time to time. Continued use of the platform after changes become effective constitutes acceptance of the revised policy.
11. Grievance Redressal Officer and Contact
In accordance with the Digital Personal Data Protection (DPDP) Act 2023, you may address any queries, concerns, or grievances regarding the processing of your personal data to our designated Grievance Officer:
Designation: Grievance Redressal Officer
Address: Capmatter Technology, Uttar Pradesh, India
Email: support@capmatter.com
We will acknowledge and address your grievance within the statutory timelines prescribed under applicable law.
12. Founder Circle - Additional Information
If you use Founder Circle (our verified founder community), we additionally collect and process:
- Your public profile (display name, username, bio, avatar, skills, industry, stage)
- Content you create - posts, comments, goals, milestones, resources, knowledge articles, and events
- Your network - connections, follows, circle memberships, likes, and bookmarks
- Direct messages you send and receive
- AI Founder generation history - prompts and outputs, built from your own goals/circles/context, only when you actively trigger an AI action
Your AI Founder prompts and the context we assemble to answer them are sent to Google Gemini, our AI provider, solely to generate your requested output - not for advertising or model-training purposes on our end.
Content you post to Founder Circle (posts, comments, resources) is visible to other verified members according to its audience (public profile, your circles, or direct messages), as described in-product. See our Acceptable Use Policy for community conduct rules and how reported content is handled, and our Data Retention Policy for exactly what happens to your Founder Circle content if you delete your account.
13. Related Policies
This Privacy Policy works together with: