Privacy Policy — Knowmad Enterprises

Last updated: August 14, 2025

1) Who we are

Knowmad Enterprises (“Knowmad,” “we,” “our,” or “us”) operates an investment platform that connects investors with private funds and offerings and provides related services such as investor education, onboarding, and communications.

Contact: [replace with your best email, e.g., privacy@knowmadenterprises.com]

Mailing address: [replace with business mailing address, e.g., 123 Example Ave, Los Angeles, CA 90001]

This Policy explains how we collect, use, disclose, and protect personal information when you use knowmadenterprises.com, our investor portal, and any other sites or services that link to this Policy (collectively, the “Services”).

2) Scope & audience

This Policy applies to:

Website visitors, prospective investors, and investors using our investor portal.

Individuals who interact with us for business development, partnerships, or events.

It does not cover employees or job applicants (we provide separate notices as required).

3) Information we collect

A. You provide directly

Identifiers & contact info: name, email, phone, address, government ID numbers (as legally required), date of birth.

Investor profile & suitability: accreditation status, investment objectives, risk profile, income/asset attestations, questionnaires.

KYC/AML documentation: identity verification documents (e.g., driver’s license, passport) and related data for compliance checks.

Financial & transaction info: wire details, investment commitments, capital calls, distributions, tax forms (e.g., W-9/W-8).

Communications: emails, call notes, messages, meeting details, support requests.

Marketing preferences: newsletter opt-in/opt-out, SMS consent.

B. Collected automatically

Usage & device data: IP address, browser type, pages viewed, referring/exit pages, timestamps.

Cookies & similar tech: pixels, SDKs, local storage (see Cookies & Analytics below).

C. From third parties

Verification & compliance partners: identity, sanctions, and adverse media checks.

Fund managers, custodians, transfer agents, and investor portals: investment records, statements, subscription status.

Marketing & CRM tools: lead sources, campaign performance.

Public & professional sources: LinkedIn, company websites, filings.

4) How we use information

Provide the Services: create and manage accounts, enable portal access, process subscriptions, capital calls, and distributions.

Verify identity & compliance: perform KYC/AML/OFAC checks; meet regulatory obligations.

Communications: onboarding, deal updates, statements, tax docs, support.

Business operations: analytics, product improvement, security monitoring, fraud prevention.

Marketing (with your consent where required): newsletters, event invites, product announcements.

Legal: enforce terms, protect rights, respond to lawful requests.

5) How we share information

We may share personal information with:

Service providers / processors: IT hosting, investor portal software, KYC/AML providers, CRM, email/SMS platforms, analytics, document e-signature, and secure file storage—only as needed to perform services for us.

Fund managers, custodians, transfer agents, broker-dealers, administrators: to process investments you authorize and maintain records.

Professional advisors: attorneys, auditors, and consultants under confidentiality.

Business transfers: in connection with a merger, acquisition, or asset sale.

Legal & compliance: to comply with laws, regulations, subpoenas, or to protect rights, safety, and security.

We do not sell personal information as “sale” is defined by applicable law. We do not knowingly allow third parties to use your data for their own marketing without your consent.

6) Cookies & analytics

We use cookies and similar technologies to:

Keep you logged in and secure the portal.

Measure site performance and improve content.

Understand engagement with our communications.

You can control cookies through your browser settings. Some features may not work without certain cookies. Where required by law, we present a cookie banner and honor your choices.

Do Not Track & Global Privacy Control (GPC): We treat GPC signals as a request to opt-out of certain tracking where legally required.

7) Data retention

We keep personal information only as long as necessary to provide the Services and comply with legal, regulatory, tax, and accounting requirements (often 5–7+ years for investment records and KYC/AML, depending on jurisdiction). When no longer needed, we will delete or de-identify information consistent with our retention schedule.

8) Security

We use reasonable administrative, technical, and physical safeguards designed to protect personal information (e.g., encryption in transit, access controls, least-privilege practices). No method of transmission or storage is 100% secure.

9) Your choices

Email marketing: click “Unsubscribe” in our emails or contact us.

SMS marketing: reply STOP to opt-out; HELP for help. Msg/data rates may apply.

Cookie controls: adjust browser settings or use our cookie banner (where provided).

Portal & account info: contact us to request changes or support.

10) Your privacy rights (by region)

California (CPRA)

If you are a California resident, you may have the right to:

Know/Access: the categories and specific pieces of personal information we collected about you.

Delete: certain personal information, subject to legal exceptions.

Correct: inaccurate personal information.

Limit use of sensitive information: where applicable.

Opt-out of “sharing” for cross-context behavioral advertising: We do not “sell” personal information, and we do not “share” personal information for cross-context behavioral advertising.

Non-discrimination: we will not discriminate against you for exercising your rights.

EEA/UK/Switzerland (GDPR)

Where GDPR applies, you may have rights to access, rectify, erase, restrict, object, and data portability; when processing is based on consent, you can withdraw consent at any time without affecting prior processing. We rely on legal bases such as contract, legal obligation, legitimate interests, and consent (where required).

Exercising rights: Email us at [insert your privacy email] with “Privacy Request” in the subject. We may need to verify your identity and jurisdiction before responding. Authorized agents may submit requests where permitted by law with appropriate proof.

11) International data transfers

We are based in the United States and may process information in the U.S. and other countries. Where required, we use appropriate safeguards (e.g., Standard Contractual Clauses) for cross-border transfers.

12) Children’s privacy

Our Services are not directed to children and we do not knowingly collect personal information from individuals under 16. If you believe a child has provided personal information, please contact us and we will delete it as required by law.

13) Third-party sites & services

Our Services may link to third-party websites or services (including investor portals and document-signing tools). We are not responsible for their privacy practices. Review their policies before providing personal information.

14) Communications & TCPA/CAN-SPAM

By providing your contact details, you may consent to receive emails, calls, or text messages about our Services. You can opt out at any time as described above. We comply with applicable marketing laws, including CAN-SPAM and TCPA (where applicable).

15) Changes to this Policy

We may update this Policy from time to time. The “Last updated” date indicates the latest revision. Significant changes will be posted on our website and/or communicated where appropriate.

16) How to contact us

Email: [privacy@knowmadenterprises.com (replace if different)]

Mail: [Insert mailing address]

If applicable: You may also contact our Data Protection Officer at the same email.

17) Additional U.S. state disclosures (summary)

Depending on your state, you may have rights similar to those listed above (e.g., Virginia, Colorado, Connecticut, Utah). We will honor applicable requests consistent with local law.

18) Important notices for investors

Certain investment records must be retained for regulatory and tax reasons and may not be deleted upon request.

Where we process information as a service provider/processor for a fund manager, custodian, or administrator, we may direct you to them to exercise certain rights.

We do not store full bank account or card numbers on our servers when payments are handled by custodians or third-party processors; their privacy and security policies apply as well.