Privacy Policy

Last updated: March 2, 2026

1. Introduction

PipelineRoad, Inc. ("PipelineRoad," "we," "us," or "our") operates the website located at pipelineroad.com and provides AI-powered capital raising tools and managed outreach services for fund managers (collectively, the "Service"). This Privacy Policy describes in detail how we collect, use, disclose, store, and protect information when you access or use our Service, visit our website, communicate with us, or otherwise interact with PipelineRoad.

By accessing or using our Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with the practices described herein, you must not access or use the Service.

This Privacy Policy applies to all users of the Service, including fund managers (general partners, or "GPs"), their authorized representatives, employees, contractors, and any other individuals who interact with the Service.

2. Information We Collect

We collect information through several methods, including information you provide directly, information collected automatically through your use of the Service, and information obtained from third-party sources.

2.1 Information You Provide Directly

  • Account Registration Information: When you create an account, we collect your full name, email address, phone number, company or fund name, title, role, and professional credentials.
  • Fund and Entity Information: To facilitate investor matching and outreach, you may provide fund strategy descriptions, target fund size, investment thesis, track record data, performance metrics (including IRR, MOIC, DPI, TVPI), fund terms (management fees, carried interest, hurdle rates), prior fund information, portfolio company details, team biographies, and organizational documents.
  • Communication Content: Messages you send or receive through our outreach tools, including email templates, campaign content, investor correspondence, and communications with our team via contact forms, email, chat, or phone.
  • Payment Information: Billing address, payment method details (processed through our third-party payment processor), subscription tier, and transaction history. We do not directly store full credit card numbers on our servers.
  • Onboarding and Profile Data: Information provided during onboarding questionnaires, strategy intake forms, investor preference profiles, and any supplementary materials you upload (pitch decks, data room documents, DDQs, marketing materials).
  • Feedback and Support: Information you provide when you contact our support team, respond to surveys, participate in research, or provide testimonials.

2.2 Information Collected Automatically

  • Usage Data: Pages and features accessed, actions taken within the platform, search queries, investor profiles viewed, outreach campaigns initiated, email open and click rates, time spent on pages, feature engagement metrics, and navigation paths.
  • Device and Technical Data: IP address, browser type and version, operating system, device type, screen resolution, language preferences, time zone, and unique device identifiers.
  • Log Data: Server logs that record requests made to our servers, including timestamps, URLs requested, HTTP method, response codes, referring URLs, and error information.
  • Cookies and Similar Technologies: We use cookies, pixel tags, web beacons, local storage, and similar technologies to collect information about your interactions with the Service. See Section 8 (Cookie Policy) for details.
  • Analytics Data: Aggregated and individual-level analytics about how users interact with the Service, including session duration, page views, feature usage frequency, and conversion events.

2.3 Information from Third-Party Sources

  • Publicly Available Data: We aggregate institutional investor data from 30+ publicly available sources, including SEC filings, pension fund annual reports, foundation/endowment disclosures, public meeting minutes, and other regulatory filings.
  • Third-Party Service Providers: We may receive information from analytics providers, marketing platforms, identity verification services, and customer relationship management tools.
  • Social Media and Professional Networks: If you connect a LinkedIn or other professional network account, we may receive profile information in accordance with that platform's privacy settings and your permissions.
  • Referrals: If another user refers you to PipelineRoad, we may receive your name and contact information from that user.

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 Service Delivery and Operations

  • To create, maintain, and secure your account.
  • To provide AI-powered investor matching based on your fund profile, strategy, and preferences.
  • To execute and manage outreach campaigns on your behalf.
  • To generate investor research reports, market intelligence, and fundraising analytics.
  • To process payments and manage your subscription.
  • To provide customer support and respond to your requests.

3.2 AI and Machine Learning Processing

  • To train, improve, and refine our AI matching algorithms and recommendation models using aggregated and de-identified data.
  • To personalize outreach content and optimize campaign timing and targeting.
  • To generate insights about investor preferences, allocation trends, and market dynamics.
  • We do not use your individual fund data to train models that would benefit competitors. Your proprietary fund information is used solely to deliver services to you unless otherwise aggregated and de-identified.

3.3 Communication

  • To send transactional communications (account confirmations, billing notifications, security alerts, service updates).
  • To send marketing communications about new features, industry insights, and relevant opportunities (with your consent where required).
  • To respond to your inquiries and provide customer support.

3.4 Analytics and Improvement

  • To analyze usage patterns and trends to improve the Service.
  • To conduct research and development for new features and products.
  • To measure the effectiveness of our outreach tools and investor matching.
  • To generate aggregate, de-identified benchmarking reports and industry analytics.

3.5 Security and Compliance

  • To detect, prevent, and address fraud, abuse, security incidents, and technical issues.
  • To comply with applicable laws, regulations, and legal processes.
  • To enforce our Terms of Service and other agreements.
  • To protect the rights, property, and safety of PipelineRoad, our users, and the public.

4. Legal Bases for Processing

We process your personal information on the following legal bases:

  • Contractual Necessity: Processing is necessary to perform our contract with you, including providing the Service, managing your account, processing payments, executing outreach campaigns, and delivering investor matching results.
  • Legitimate Interest: Processing is necessary for our legitimate business interests, including improving our Service, conducting analytics, ensuring security, preventing fraud, and marketing our products to existing customers. We balance these interests against your rights and freedoms.
  • Consent: Where required by law, we process your information based on your explicit consent, such as for marketing communications, certain cookie placements, and optional data sharing. You may withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
  • Legal Obligation: Processing is necessary to comply with applicable legal requirements, including tax obligations, regulatory reporting, and responses to lawful government requests.

5. Data Sharing and Disclosure

We do not sell your personal information to third parties. We may share your information in the following circumstances:

5.1 Service Providers

We engage third-party service providers who process data on our behalf to help us operate, maintain, and improve the Service. These providers are contractually bound to use your information only as directed by us and in accordance with this Privacy Policy. Categories of service providers include:

  • Cloud Infrastructure and Hosting: Servers, storage, and computing resources.
  • Payment Processing: Subscription billing and payment handling.
  • Email Delivery: Transactional and outreach email sending and tracking.
  • Analytics: Website and product analytics platforms.
  • AI/ML Processing: Machine learning infrastructure for investor matching and content personalization.
  • Customer Support: Help desk and communication tools.
  • Security: Fraud detection, DDoS protection, and security monitoring.

5.2 Business Transfers

If PipelineRoad is involved in a merger, acquisition, reorganization, bankruptcy, dissolution, sale of assets, or similar transaction, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our website of any change in ownership or uses of your information.

5.3 Legal Requirements

We may disclose your information if required to do so by law or in the good faith belief that such action is necessary to:

  • Comply with a legal obligation, court order, subpoena, or government request.
  • Protect and defend the rights, property, or safety of PipelineRoad, our users, or the public.
  • Detect, prevent, or address fraud, security, or technical issues.
  • Enforce our Terms of Service and other agreements.

5.4 With Your Consent

We may share your information with third parties when you explicitly consent to or direct such sharing.

5.5 Aggregated and De-Identified Data

We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you for industry research, benchmarking, marketing, and analytical purposes.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. Specific retention periods include:

  • Account Information: Retained for the duration of your active account plus 3 years after account closure or last activity, to accommodate potential reactivation and comply with legal obligations.
  • Fund and Entity Data: Retained for the duration of your active account plus 2 years after termination, unless you request earlier deletion.
  • Outreach Campaign Data: Campaign content, templates, and performance metrics are retained for the duration of your active account plus 1 year after termination.
  • Payment and Billing Records: Retained for 7 years after the transaction date to comply with tax and accounting obligations.
  • Usage and Analytics Data: Retained in identifiable form for up to 26 months, after which it is aggregated and de-identified.
  • Server Logs: Retained for 90 days for security and debugging purposes.
  • Marketing Communication Records: Consent and opt-out records are retained for 5 years to demonstrate compliance.
  • Support Communications: Retained for 3 years after resolution for quality assurance and legal purposes.

When retention periods expire, we will securely delete or de-identify your personal information. You may request earlier deletion of your data, subject to our legal obligations and legitimate business needs as described in Section 9.

7. International Data Transfers

PipelineRoad is based in the United States. If you are accessing the Service from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States and other countries where our service providers operate.

Where we transfer personal information from the European Economic Area (EEA), the United Kingdom, or Switzerland to countries that have not been deemed to provide an adequate level of data protection, we rely on appropriate safeguards, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission.
  • Data processing agreements with our service providers that incorporate adequate data protection commitments.
  • Other lawful transfer mechanisms as may be available under applicable data protection laws.

By using the Service, you acknowledge and consent to the transfer of your information to the United States and other jurisdictions as described in this Privacy Policy.

8. Cookie Policy

We use cookies and similar tracking technologies to collect information and improve the Service. A cookie is a small data file stored on your device when you visit our website.

8.1 Types of Cookies We Use

  • Strictly Necessary Cookies: Required for the basic functionality of the Service, including authentication, session management, security features, and load balancing. These cookies cannot be disabled without impairing the Service.
  • Performance and Analytics Cookies: Help us understand how visitors interact with the Service by collecting information about pages visited, time spent, errors encountered, and navigation patterns. We use this data to improve the Service. These cookies may be set by third-party analytics providers.
  • Functionality Cookies: Allow us to remember your preferences, settings, and choices (such as language or region) to provide a more personalized experience.
  • Marketing and Advertising Cookies: Used to deliver relevant advertisements, track campaign effectiveness, and limit the number of times you see an ad. These cookies may be set by third-party advertising partners and may track your activity across websites.

8.2 Managing Cookies

You can control and manage cookies through your browser settings. Most browsers allow you to block or delete cookies. However, blocking certain cookies may affect the functionality of the Service. You may also opt out of interest-based advertising through the Digital Advertising Alliance (DAA) at optout.aboutads.info or the Network Advertising Initiative (NAI) at optout.networkadvertising.org.

8.3 Do Not Track

Some browsers offer a "Do Not Track" (DNT) signal. There is currently no industry standard for responding to DNT signals, and we do not currently respond to them. We will update this policy if a standard is established.

9. Your Rights and Choices

Depending on your jurisdiction, you may have certain rights regarding your personal information. We honor the following rights for all users to the extent applicable under law:

9.1 General Rights

  • Right of Access: You may request a copy of the personal information we hold about you.
  • Right to Correction: You may request that we correct inaccurate or incomplete personal information.
  • Right to Deletion: You may request that we delete your personal information, subject to certain exceptions (such as legal retention obligations).
  • Right to Data Portability: You may request a copy of your data in a structured, commonly used, and machine-readable format.
  • Right to Object: You may object to the processing of your personal information for direct marketing or where we rely on legitimate interests.
  • Right to Restrict Processing: You may request that we restrict the processing of your personal information in certain circumstances.
  • Right to Withdraw Consent: Where processing is based on consent, you may withdraw consent at any time.

9.2 GDPR Rights (EEA, UK, and Swiss Residents)

If you are located in the European Economic Area, the United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR) and equivalent local laws, including:

  • The right to lodge a complaint with your local supervisory authority (data protection authority).
  • The right not to be subject to a decision based solely on automated processing, including profiling, that produces legal effects concerning you or similarly significantly affects you.
  • The right to obtain information about international transfers and the safeguards in place.

9.3 California Residents (CCPA/CPRA)

If you are a California resident, the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) provide you with specific rights regarding your personal information:

  • Right to Know: You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources from which the information was collected, the business or commercial purposes for collection, and the categories of third parties with whom we share your information.
  • Right to Delete: You have the right to request that we delete personal information we have collected from you, subject to certain exceptions.
  • Right to Correct: You have the right to request that we correct inaccurate personal information.
  • Right to Opt Out of Sale or Sharing: We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising purposes. If we change this practice, we will provide a "Do Not Sell or Share My Personal Information" link.
  • Right to Limit Use of Sensitive Personal Information: To the extent we collect sensitive personal information as defined by the CPRA, you have the right to limit its use and disclosure.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA/CPRA rights. You will not receive different pricing, quality of service, or be denied access based on the exercise of your rights.

To exercise any CCPA/CPRA rights, please contact us at privacy@pipelineroad.com. We will verify your identity before processing your request. You may also designate an authorized agent to make a request on your behalf.

California "Shine the Light" Law: California Civil Code Section 1798.83 permits California residents to request information regarding the disclosure of their personal information to third parties for direct marketing purposes. We do not disclose personal information to third parties for their direct marketing purposes.

9.4 Exercising Your Rights

To exercise any of the rights described above, please contact us at privacy@pipelineroad.com. We will respond to your request within 30 days (or within the timeframe required by applicable law). We may require verification of your identity before processing certain requests. If we are unable to fulfill your request, we will provide an explanation.

10. Data Security

We implement comprehensive technical and organizational security measures designed to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption: Data is encrypted in transit using TLS 1.2 or higher and at rest using AES-256 encryption or equivalent standards.
  • Access Controls: Role-based access controls, multi-factor authentication for administrative access, and least-privilege principles for system access.
  • Infrastructure Security: Hosted on enterprise-grade cloud infrastructure with SOC 2 compliance, regular security audits, vulnerability scanning, and penetration testing.
  • Employee Training: All employees and contractors with access to personal information receive regular privacy and security training.
  • Vendor Security: Third-party service providers are subject to security assessments and contractual obligations to maintain appropriate security measures.
  • Monitoring: Continuous monitoring of our systems for unauthorized access, anomalous activity, and potential security threats.

While we strive to protect your personal information, no method of transmission over the Internet or method of electronic storage is 100% secure. We cannot guarantee absolute security and are not responsible for the actions of third parties or for any unauthorized access that occurs despite our commercially reasonable efforts.

11. Data Breach Notification

In the event of a data breach that compromises the security, confidentiality, or integrity of your personal information, we will:

  • Investigate the incident promptly and take appropriate steps to contain and remediate the breach.
  • Notify affected individuals without unreasonable delay and no later than 72 hours after becoming aware of a breach that is likely to result in a risk to the rights and freedoms of individuals, where required by applicable law (including GDPR Article 33).
  • Notify relevant supervisory authorities as required by applicable data protection laws.
  • Provide information about the nature of the breach, the categories and approximate number of individuals affected, the likely consequences, and the measures taken or proposed to address the breach.
  • Cooperate with law enforcement and regulatory authorities as appropriate.

12. Children's Privacy

The Service is designed for professional use by fund managers and their authorized representatives in the financial services industry. The Service is not directed at, and we do not knowingly collect personal information from, individuals under the age of 18. If we become aware that we have collected personal information from a person under 18, we will take steps to delete such information promptly. If you believe that a child under 18 has provided us with personal information, please contact us at privacy@pipelineroad.com.

13. Third-Party Links and Services

The Service may contain links to third-party websites, applications, or services that are not operated or controlled by PipelineRoad. This Privacy Policy does not apply to third-party services. We encourage you to review the privacy policies of any third-party services you access. We are not responsible for the privacy practices or content of third-party services.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes to this Privacy Policy, we will:

  • Post the updated Privacy Policy on this page with a revised "Last Updated" date.
  • Notify registered users via email at least 30 days before material changes take effect.
  • Where required by applicable law, obtain your consent before applying material changes to the processing of your personal information.

Your continued use of the Service after the effective date of the updated Privacy Policy constitutes your acceptance of the changes. We encourage you to review this Privacy Policy periodically.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

If you are located in the EEA, UK, or Switzerland and have concerns about our data processing that we have not adequately addressed, you have the right to lodge a complaint with your local data protection supervisory authority.

Effective Date: March 2, 2026

PIPELINEROAD

AI-powered capital raising for emerging fund managers. Thesis-driven investor matching across 30+ institutional data sources.

Platform
Who It's For
Solutions
Resources
Company
Ask AI about us
Capital raising intelligence.
LP trends, allocation data, and fundraising strategies. No spam.
© 2026 PipelineRoad. All rights reserved.
Privacy Policy Terms of Service BD Registration Brand Signatures