Privacy Policy

Ciphero Ventures LLC ("Ciphero Ventures," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at cipheroai.org (the "Site"), contact us by email or through our contact form, or otherwise interact with our firm. Please read this policy carefully. If you do not agree with its terms, please discontinue use of the Site.

We reserve the right to make changes to this Privacy Policy at any time and for any reason. We will notify you of any significant changes by updating the "Last updated" date at the top of this page. We encourage you to review this Privacy Policy periodically to stay informed of updates. You will be considered to have accepted any changes the first time you use the Site after these changes are posted.

1. Information We Collect

1.1 Information You Provide Directly

We collect information that you voluntarily provide to us when you:

• Contact us through our contact form: We collect your name, email address, company name, job title, and the content of your message. We use this information to respond to your inquiry and to determine whether your organization or company may be a fit for our investment focus.
• Subscribe to our newsletter or email communications: We collect your email address and name. We use this information to send you insights, firm updates, and other content relevant to cybersecurity and venture capital that we believe may be of interest to you.
• Correspond with us by email: When you email us directly, we retain that correspondence including any personal information contained therein, to the extent necessary to respond to your inquiry and maintain records of our communications.
• Attend events we host or sponsor: We may collect registration information including your name, email address, company, job title, and dietary preferences or accessibility requirements where relevant.

1.2 Information Collected Automatically

When you visit our Site, our servers and analytics tools automatically collect certain information about your visit, including:

• Log data: Your IP address, browser type and version, operating system, referring URL, pages viewed on our Site, time spent on pages, and the date and time of your visit.
• Device information: Information about the device you use to access our Site, including device type, screen resolution, and general geographic location based on IP address.
• Cookies and similar technologies: We use cookies and similar tracking technologies to improve your experience on our Site, analyze usage patterns, and remember your preferences. See Section 8 (Cookies) below for more information.
• Analytics data: We use web analytics services to understand how visitors use our Site. This data is aggregated and used for statistical purposes to improve Site content and functionality.

1.3 Information from Third Parties

In the ordinary course of our investment activities, we may receive information about individuals and organizations from third-party sources, including:

• Publicly available sources such as LinkedIn, company websites, press releases, and news media
• Referrals from founders, investors, and advisors in our network
• Data aggregators and information service providers that compile business contact information
• Background check and due diligence service providers, used in connection with potential investment relationships

2. How We Use Your Information

We use the information we collect for the following purposes:

2.1 Responding to Inquiries and Communications

We use information you provide through our contact form or by email to respond to your inquiries, evaluate whether there may be an investment relationship, and communicate with you about topics relevant to your inquiry. This processing is necessary for the performance of pre-contractual steps at your request and in furtherance of our legitimate business interests.

2.2 Operating and Improving Our Site

We use automatically collected information to operate, maintain, and improve our Site; to diagnose technical problems; to analyze usage patterns and understand how visitors use our Site; and to make decisions about content, design, and functionality improvements. This processing is in furtherance of our legitimate interests in maintaining an effective web presence.

2.3 Marketing and Communications

With your consent (or where we have a legitimate interest in communicating with business contacts), we may use your contact information to send you newsletters, firm updates, insights articles, and event invitations. You may opt out of marketing communications at any time by clicking the unsubscribe link in any email we send you or by contacting us at the address provided below.

2.4 Investment Activities

As a venture capital firm, we collect and process information about founders, companies, and industries as part of our investment research and due diligence activities. This processing is necessary for our legitimate interests in identifying and evaluating investment opportunities.

2.5 Legal Compliance and Protection

We may use and disclose information as necessary to comply with applicable laws and regulations; to respond to lawful requests from public authorities; to enforce our Terms of Service and other agreements; to protect the rights, property, and safety of Ciphero Ventures, our personnel, our investors, and the public; and to detect, prevent, or address fraud, security, or technical issues.

3. Disclosure of Your Information

We do not sell, rent, or trade your personal information to third parties for their marketing purposes. We may share your information in the following circumstances:

3.1 Service Providers

We engage third-party service providers to perform functions on our behalf, including web hosting, email delivery, analytics, and CRM services. These providers have access to personal information only to the extent necessary to perform their functions and are contractually obligated to process such information only on our behalf and in accordance with applicable privacy laws.

3.2 Professional Advisors

We may share information with our legal advisors, accountants, and other professional advisors where necessary for the provision of professional services to our firm, including in connection with investment transactions and legal proceedings.

3.3 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of all or substantially all of our assets, personal information we hold may be transferred to the acquiring entity. We will notify you via email or prominent notice on our Site before your personal information becomes subject to a different privacy policy.

3.4 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities, including to meet national security or law enforcement requirements.

3.5 With Your Consent

We may share your information with third parties when you have given us your consent to do so.

4. Data Retention

We retain personal information for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying legal, regulatory, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data; the potential risk of harm from unauthorized use or disclosure; the purposes for which we process the data; whether we can achieve those purposes through other means; and applicable legal requirements.

In general, we retain contact and inquiry information for a period of five years from our last communication with you, unless you request earlier deletion or we are required by law to retain it longer. Analytics data is retained in aggregated, anonymized form and is not subject to specific deletion timelines.

5. Your Privacy Rights

Depending on your location and applicable law, you may have certain rights regarding your personal information:

5.1 Rights Under GDPR (EEA and UK Residents)

If you are located in the European Economic Area or United Kingdom, you have the following rights under the General Data Protection Regulation (GDPR) or UK GDPR:

• Right of access: You have the right to request a copy of the personal information we hold about you.
• Right to rectification: You have the right to request correction of inaccurate personal information.
• Right to erasure: You have the right to request deletion of your personal information in certain circumstances.
• Right to restriction of processing: You have the right to request that we restrict processing of your personal information in certain circumstances.
• Right to data portability: Where processing is based on consent or contract and carried out by automated means, you have the right to receive your personal information in a structured, commonly used, machine-readable format.
• Right to object: You have the right to object to processing of your personal information where we rely on legitimate interests as the legal basis for processing.
• Rights related to automated decision-making: We do not make decisions about individuals based solely on automated processing that produce legal effects.

5.2 Rights Under CCPA (California Residents)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

• The right to know what personal information we collect, use, disclose, and sell
• The right to delete personal information we have collected from you
• The right to correct inaccurate personal information
• The right to opt out of the sale or sharing of personal information
• The right to limit the use and disclosure of sensitive personal information
• The right to non-discrimination for exercising your privacy rights

To exercise your CCPA rights, please contact us using the information provided in Section 11 below. We will respond to verifiable consumer requests within 45 days.

6. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include encryption of data in transit using TLS, access controls limiting access to personal information to authorized personnel, regular security assessments of our systems and processes, and vendor security requirements for our service providers.

However, no method of transmission over the Internet or method of electronic storage is completely secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify you and relevant authorities in accordance with applicable law.

7. International Data Transfers

Ciphero Ventures is based in the United States. If you are located outside the United States, please be aware that information we collect may be transferred to, stored, and processed in the United States or other countries where our service providers operate. These countries may have data protection laws different from those of your home country.

If we transfer personal information from the EEA, UK, or Switzerland to third countries, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission, or we rely on other lawful transfer mechanisms.

8. Cookies

Our Site uses cookies and similar tracking technologies. A cookie is a small text file stored on your device when you visit a website. Cookies help us recognize returning visitors, remember preferences, and understand how our Site is used.

We use the following categories of cookies:

• Strictly necessary cookies: Required for the Site to function and cannot be disabled. These include cookies that remember your cookie consent preference.
• Analytics cookies: Help us understand how visitors interact with our Site by collecting and reporting information anonymously.
• Preference cookies: Allow the Site to remember choices you make, such as language preferences.

You can control cookies through your browser settings. Most browsers allow you to refuse to accept cookies, delete cookies, or be alerted when cookies are sent. Note that disabling certain cookies may affect the functionality of our Site. For more information, please see our Cookie Policy.

9. Third-Party Links

Our Site may contain links to third-party websites, including portfolio company websites, industry publications, and social media platforms. These third-party sites have their own privacy policies, and we are not responsible for their content or practices. We encourage you to review the privacy policy of any third-party site you visit before providing any personal information.

10. Children's Privacy

Our Site is not directed to individuals under the age of 18, and we do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information promptly. If you believe we may have collected information from a child, please contact us using the information below.

11. Contact Us

If you have questions about this Privacy Policy, wish to exercise your privacy rights, or have concerns about how we handle your personal information, please contact us:

We will respond to your request within 30 days. If you are located in the EEA and believe we have not resolved your complaint adequately, you have the right to lodge a complaint with your local data protection authority.