Privacy Policy

This document constitutes the Privacy Policy as part of our Terms of Service. By using our Services and Platform, you acknowledge and agree to our Terms & Conditions and statements. Your continued use of our Services and Platform after we revise these Terms means you accept any changes we make; please check back periodically on this page for updates. Version 3.0, published on May 22, 2026, with an Effective Date of June 26, 2026.

PART VIII — DATA PROTECTION AND PRIVACY

29. Data Controller and Contact

29.1. KAPITAL Luxembourg S.à r.l. and KAPITAL Issuer I S.à r.l. act as joint data controllers for personal data processed in connection with the Services. The registered address for both entities is 2 Rue Plaetis, L-2338 Luxembourg.

29.2. The Data Protection Officer for the KAPITAL Group is Dario Regazzoni. Data protection enquiries may be directed to: admin@kapital.inc.

30. Categories of Personal Data

30.1. The KAPITAL Group may collect and process the following categories of personal data: (a) contact information (name, email address, telephone number, postal address); (b) identification data (passport or identity document copies, date of birth, nationality); (c) professional information (employer, position, professional qualifications); (d) financial information (bank account details, source of funds, net worth declarations); (e) compliance data (KYC/AML screening results, PEP and sanctions screening, adverse media monitoring); (f) platform usage data (login records, IP addresses, browser information, pages visited); and (g) communication records (emails, telephone recordings, electronic correspondence).

31. Legal Basis for Processing

31.1. Personal data is processed on one or more of the following legal bases: (a) the performance of a contract to which the data subject is a party, or in order to take steps at the request of the data subject prior to entering into a contract (GDPR Article 6(1)(b)); (b) compliance with a legal obligation to which the KAPITAL Group is subject, including AML-CTF obligations and regulatory reporting requirements (GDPR Article 6(1)(c)); (c) the legitimate interests of the KAPITAL Group, including fraud prevention, platform security, business development, and the improvement of Services (GDPR Article 6(1)(f)); and (d) the data subject’s consent, where applicable (GDPR Article 6(1)(a)), for example for marketing communications.

32. Data Retention

32.1. Personal data is retained for no longer than is reasonably necessary to fulfil the purposes for which it was collected, and in any event for at least the following minimum periods: (a) for the duration of the contractual relationship and for a period of ten (10) years thereafter (in respect of transactional and contractual data); (b) a minimum of five (5) years after the end of the business relationship (in respect of KYC/AML compliance data, as required by the AML-CTF Laws); and (c) such longer period as may be required by Applicable Laws or in connection with actual or anticipated legal proceedings. Aggregated and anonymised data may be retained indefinitely.

32.2. The periods set out in Clause 32.1 are minimum retention periods. Following their expiry, KAPITAL reviews and, where appropriate, deletes or anonymises personal data on a periodic basis and within a reasonable timeframe, in accordance with its internal data retention policies and procedures as updated from time to time. KAPITAL does not warrant that deletion will occur on any specific date, and the continued retention of personal data beyond a minimum retention period, whether pending periodic review, for technical or operational reasons, or otherwise, shall not of itself constitute a breach of these Terms.

33. Data Security and Processing Controls

33.1. KAPITAL implements appropriate technical and organisational measures designed to ensure a level of security appropriate to the risk, including, where appropriate, encryption, access controls, authentication mechanisms, audit logs and restricted processing protocols.

Personal data is processed on a need-to-know basis and access is restricted to authorised personnel and service providers who are subject to confidentiality and data protection obligations.

KAPITAL does not sell, rent, or commercially exploit personal data collected in connection with the Services.

Where third-party processors are engaged, KAPITAL seeks to ensure that such processors are subject to contractual obligations consistent with applicable data protection laws, including obligations relating to confidentiality, security, and restricted use of personal data.

In the event of a personal data breach, KAPITAL shall comply with its obligations under applicable data protection laws, including, where required, notification to competent supervisory authorities and affected data subjects.

Data subjects acknowledge that certain processing activities are required for compliance with legal and regulatory obligations, including AML-CTF requirements, and that such data may be retained notwithstanding any request for erasure, to the extent permitted or required by Applicable Laws.

33. Data Subject Rights

33.1. Data subjects have the following rights under the GDPR, which may be exercised by contacting the Data Protection Officer at admin@kapital.inc:

  • Right of access: to obtain confirmation as to whether personal data is being processed and, where that is the case, access to the personal data. The first copy of such data shall be provided free of charge; a reasonable fee may be charged for further copies or manifestly excessive requests.
  • Right to rectification: to obtain the correction of inaccurate personal data without undue delay.
  • Right to erasure: to obtain the deletion of personal data where the data is no longer necessary for the purposes for which it was collected, subject to KAPITAL’s legal obligations to retain certain data (including under the AML-CTF Laws).
  • Right to restriction of processing: to obtain the restriction of processing in certain circumstances, including where the accuracy of the data is contested.
  • Right to data portability: to receive personal data in a structured, commonly used, and machine-readable format, where processing is based on consent or a contract and is carried out by automated means.
  • Right to object: to object to processing based on legitimate interests or for direct marketing purposes.
  • Right to withdraw consent: where processing is based on consent, to withdraw consent at any time without affecting the lawfulness of processing before its withdrawal.
  • Right to lodge a complaint: to lodge a complaint with the Commission Nationale pour la Protection des Données (CNPD), the Luxembourg supervisory authority, or any other competent data protection authority.

34. Cookies

34.1. The Site uses cookies and similar technologies. Strictly necessary cookies are used without consent. All other cookies (including analytics, marketing, and preference cookies) require the User’s active, informed consent, which is obtained through the cookie consent mechanism on the Site. Certain authentication, security and session-management technologies used within secured areas of the Platform may be considered strictly necessary for the provision and security of the Services and may therefore operate without separate consent where permitted under applicable laws.

34.2. Users may manage their cookie preferences at any time through their browser settings or the cookie consent mechanism. Disabling non-essential cookies may affect the functionality of the Site.

35. Third-Party Processors and Transfers

35.1. The KAPITAL Group uses the following categories of third-party data processors: (a) cloud infrastructure services (Amazon Web Services, with data stored in European data centres); (b) compliance and KYC screening services (LSEG, for identity verification, sanctions screening, and ongoing AML monitoring); and (c) communication and productivity tools used for internal operations. All third-party processors are subject to appropriate data processing agreements.

35.2. Where personal data is transferred outside the European Economic Area, the KAPITAL Group ensures that appropriate safeguards are in place, including standard contractual clauses, adequacy decisions, or other mechanisms recognised under the GDPR.

36. Marketing

36.1. Where the User has provided consent, KAPITAL Luxembourg may send marketing communications by email about its services, promotions, and developments. Users may opt out of marketing communications at any time by contacting admin@kapital.inc or by using the unsubscribe mechanism in any marketing email.