Privacy Policy

Last updated: March 2026
‍
This Privacy Policy explains how Daphne Technologies LLC and, where relevant, its UK subsidiary Daphne Technologies Limited (together, “Daphne,” “we,” “us,” or “our”) collect, use, share, and otherwise process Personal Data in connection with the Daphne platform (the “Service”).
‍
This Privacy Policy applies to individuals who use the Service on behalf of any organisation, whether as a Customer, Provider, or other platform participant, and to other individuals whose Personal Data may be contained in materials submitted through the Service.
‍
1. Important role information
‍
Because Daphne operates a multi-sided platform and a cross-border business, our role under data protection law may vary depending on the processing activity, the customer relationship, and the Daphne entity involved.
‍
1.1 Daphne entities covered by this Privacy Policy
‍
Unless otherwise stated in a separate agreement or notice:
‍
• Daphne Technologies LLC is the primary contracting entity for the Service and generally acts as the main operator of the platform.
• Daphne Technologies Limited (registered in England and Wales, company number 14911183, registered address: 71 Central Street, London EC1V 8AB) may provide sales, support, operational, administrative, or other business functions in relation to users and customers in the UK or Europe.
• Depending on the processing activity, Daphne Technologies LLC and Daphne Technologies Limited may act as independent controllers, joint controllers, or one entity may process Personal Data on behalf of the other.
‍
1.2 When Daphne acts as controller
‍
Daphne acts as an independent controller for Personal Data we process for our own business and operational purposes, including:
‍
• account creation and administration;
• identity and access management;
• platform security, logging, fraud prevention, and incident response;
• customer support and service communications;
• website analytics and product usage analytics;
• legal and regulatory compliance;
• billing and commercial administration where applicable; and• maintaining and improving the Service using Service Data and other information that does not involve prohibited reuse of Submission Data under our Terms.
‍
1.3 When Daphne may act as processor or service provider
‍
Where Personal Data is contained in Submission Data and Daphne processes that data solely to host, organise, transmit, parse, normalise, or otherwise handle it on behalf of a Customer, Provider, or other platform participant using the Service, Daphne may act as a processor or service provider rather than as an independent controller. In those cases, the relevant participant may be responsible for providing the primary privacy notice to the affected individuals and for handling certain data subject rights requests.
‍
1.4 When Daphne may act as a separate controller for limited purposes
‍
Even where Daphne otherwise acts as a processor or service provider, Daphne may process certain Personal Data as an independent controller where necessary to maintain the security, integrity, and lawful operation of the Service, prevent abuse, defend legal claims, or comply with law.
‍
2. Personal Data we collect
‍
We may collect the following categories of Personal Data.
‍
2.1 Personal Data you provide directly
‍
• Account and contact data, such as your name, work email address, employer, job title, phone number, country, and login credentials or authentication identifiers.
• Profile and preference data, such as notification settings, user role, permissions, and communication preferences.
• Support and communications data, such as information you provide in support tickets, emails, meetings, feedback, or other correspondence with us.
• Verification data, such as information used to confirm your identity, authority, employer domain, or organisation affiliation.
‍
2.2 Personal Data we collect automatically
‍
• Technical data, such as IP address, browser type, device identifiers, operating system, time zone, authentication logs, session identifiers, and similar device and platform information.
• Usage data, such as pages viewed, features used, clicks, session duration, workflow activity, submission history, audit logs, and similar interaction data.
• Cookie and similar technology data, where applicable. For more information, see our Cookie Notice.
‍
2.3 Personal Data contained in Submission Data
‍
We may process Personal Data that you or others upload into the Service, such as names, work contact details, signatures, biographies, investor relations contacts, finance contacts, portfoliocompany contacts, employee information, and similar information included in documents, questionnaires, reports, or other materials. We do not require you to upload special category data or criminal offence data unless clearly necessary and lawful. Please avoid uploading such data unless you have assessed that doing so is necessary and lawful.
‍
3. Sources of Personal Data
‍
We collect Personal Data:
• directly from you;
• from your organisation or colleagues;
• from Customers, Providers, and other platform participants that invite you into a workflow or request;
• from documents, files, and materials uploaded into the Service;
• from your use of the Service and website;
• from identity, authentication, and security providers;
• from publicly available sources where necessary to verify business identity, sanctions status, or authority; and
• from service providers and integration partners where you or a participant enables an integration.
‍
4. How we use Personal Data and our lawful bases
‍
Where Daphne acts as controller, we use Personal Data for the purposes set out below. For individuals in the UK, EEA, or other jurisdictions that require a stated lawful basis, the relevant lawful bases are also described.
‍
4.1 To provide and administer accounts
‍
We use account, contact, profile, verification, technical, and usage data to create and manage accounts, authenticate users, manage permissions, deliver workflows, maintain audit trails, and communicate with users about the Service. Lawful basis: performance of a contract; legitimate interests in operating and securing our business.
‍
4.2 To provide support and respond to requests
‍
We use contact, support, profile, technical, and usage data to troubleshoot issues, respond to support requests, provide training, and manage relationships. Lawful basis: performance of a contract; legitimate interests in supporting users and improving service quality.
‍
4.3 To maintain security and prevent misuse
‍
We use technical, usage, account, verification, and communications data to monitor for suspicious activity, enforce our terms, prevent fraud, detect abuse, manage vulnerabilities, investigate incidents, and protect rights, property, and safety. Lawful basis: legitimate interests in security and fraud prevention; compliance with legal obligations.
‍
4.4 To improve and develop the Service
‍
We use Service Data, support data, technical data, usage data, and de-identified or aggregated information to analyse performance, improve workflows, build new features, and measure adoption. Where improvement activities involve Submission Data, we do so only as permitted by our Terms and applicable law. Lawful basis: legitimate interests in operating and improving the Service.
‍
4.5 To comply with law and defend legal claims
‍
We use relevant Personal Data to comply with legal obligations, enforce agreements, establish or defend legal claims, respond to lawful requests, and maintain required business records. Lawful basis: compliance with legal obligations; legitimate interests in protecting our legal rights.
‍
4.6 To send product and service communications
‍
We may use contact and account data to send service notices, security updates, administrative communications, and other non-marketing communications necessary for operation of the Service. Lawful basis: performance of a contract; legitimate interests in administering the Service.
‍
4.7 To send marketing communications
‍
Where permitted by law, we may use business contact details to send updates about Daphne’s services, events, or content. Lawful basis: legitimate interests in promoting our business, or consent where required by law. You can opt out of marketing communications at any time.
‍
5. How we handle Submission Data
‍
Submission Data may include commercially sensitive information and may also contain Personal Data.
‍
As between you and Daphne, Submission Data remains subject to the usage restrictions described in our Platform Terms of Service.

In particular:
‍
• we use Submission Data to operate the requested workflows and to make it available to the relevant Authorised Recipients;
• we protect Submission Data using administrative, technical, and organisational safeguards designed to reduce unauthorised access, loss, misuse, or disclosure;
• we do not sell Submission Data; and
• we do not use Submission Data to train a general-purpose or third-party generative AI model intended for use outside the Service without separate written consent.
‍
6. AI-assisted processing
‍
Daphne may use automated and AI-assisted tools within the Service to ingest, classify, extract, structure, validate, map, summarise, or quality-check information contained in uploaded materials and submissions.
‍
These tools are used to provide platform functionality. Human review may also occur for support, quality assurance, security, and error correction. You should review outputs before relying on them or submitting them as final. Where third-party model providers are used as subprocessors to support these features, we contractually require them to protect data in line with applicable obligations. No Submission Data is retained in model weights or made accessible outside the processing session.
‍
7. Who we share Personal Data with
‍
We may share Personal Data with the following categories of recipients:
‍
• Customers, Providers, and their authorised users, where you submit information into their workflows or data rooms;
• your organisation and authorised users;
• our affiliates, including Daphne Technologies Limited;
• hosting, infrastructure, security, authentication, support, analytics, and other service providers that help us operate the Service;
• AI/model and document processing providers used to provide features within the Service;
• professional advisers, such as lawyers, auditors, insurers, and consultants;
• regulators, law enforcement, courts, and public authorities where required by law or to protect legal rights; and
• actual or prospective purchasers, investors, lenders, or transaction counterparties in connection with a merger, acquisition, financing, reorganisation, or sale of assets, subject to appropriate confidentiality protections.
‍
8. International transfers
‍
Daphne operates internationally. Personal Data may be accessed or processed in the United States, the United Kingdom, Israel, the European Economic Area, and other countries in which Daphne or its service providers operate.Where Personal Data originating in the UK, EEA, or Switzerland is transferred to the United States or another country that is not recognised as providing an adequate level of protection, we take steps designed to ensure that appropriate safeguards are in place.
‍
These safeguards may include:
• adequacy regulations or adequacy decisions;
• the UK International Data Transfer Agreement;
• the UK Addendum to the European Commission’s standard contractual clauses;
• the European Commission’s standard contractual clauses; or
• other lawful transfer mechanisms recognised under applicable data protection law. You may contact us using the details below for more information about the safeguards relevant to a particular transfer.
‍
9. Data retention
‍
We retain Personal Data for as long as reasonably necessary for the purposes described in this Privacy Policy, including to provide the Service, maintain security and audit logs, comply with law, resolve disputes, enforce agreements, and manage our business. Retention periods vary depending on the nature of the data, the context in which it was collected, the relevant workflow, applicable contractual commitments, legal requirements, and operational needs. When we no longer need Personal Data, we will delete it, anonymise it, or securely isolate it, unless continued retention is required or permitted by law.
‍
10. Your rights
‍
10.1 Rights under UK and European data protection law
‍
Depending on the circumstances and applicable law, you may have the right to:
• access Personal Data we hold about you;
• request correction of inaccurate or incomplete Personal Data;
• request deletion of Personal Data;
• request restriction of processing;
• object to certain processing, including some processing based on legitimate interests and direct marketing;
• request portability of certain Personal Data; and
• withdraw consent where processing is based on consent.
These rights are not absolute and may be limited by law. If Daphne acts only as a processor or service provider for the relevant processing, we may direct your request to the relevant Customer or other platform participant.
‍
10.2 Rights under US state privacy laws

If you are a resident of California or another US state with an applicable consumer privacy law, you may have additional rights regarding your Personal Data, including rights to know, delete, correct, and opt out of certain processing activities. To the extent Daphne processes Personal Data subject to these laws in a covered capacity, we will honour verifiable requests consistent with applicable requirements. Daphne does not sell Personal Data and does not engage in sharing of Personal Data for cross-context behavioural advertising as those terms are defined under the California Consumer Privacy Act (as amended by the CPRA).
‍
11. Complaints
‍
If you have concerns about how we handle Personal Data, please contact us first at privacy@getdaphne.com. If you are in the UK, you may have the right to complain to the Information Commissioner’s Office (ico.org.uk). If you are in the EEA, you may also have the right to complain to your local supervisory authority.
‍
12. Security
‍
We maintain administrative, technical, and organisational safeguards designed to protect Personal Data from unauthorised access, disclosure, alteration, and destruction. No system can guarantee absolute security. If you believe your account or data has been compromised, contact us immediately at security@getdaphne.com.
‍
13. Children’s data
‍
The Service is intended for business users and not for children.
We do not knowingly collect Personal Data directly from children in connection with the Service.
‍
14. Changes to this Privacy Policy
‍
We may update this Privacy Policy from time to time. If we make a material change, we will post the updated version in the Service or otherwise notify you as appropriate. The updated version will become effective on the date stated at the top of this Privacy Policy.
‍
15. Contact us
‍
For questions, requests, or complaints regarding this Privacy Policy, contact:

Daphne Technologies LLC
750 Lexington Avenue, New York, NY 10022
privacy@getdaphne.com
security@getdaphne.com

For UK or Europe-related privacy matters, you may also contact:
‍
Daphne Technologies Limited
71 Central Street, London EC1V 8AB
privacy@getdaphne.com