Privacy policy

Privacy policyCapQuest Software Limited (“CapQuest,” “we,” “us,” or “our”) respects your privacy and is committed to protecting your personal data. This Privacy Policy outlines how we collect, use, disclose and protect your personal information when you use our website (the “Website”), application (the “Application”) and services (the "Services").

Data we collect

When you access our Website or Application or make any use of our Services, we may collect and process the following types of personal data:

Personal Identifiers: Your name, address, email, phone number, date of birth, residency and visa status, nationality, and passport/ID information.
Cap Table Data: Your business, management and shareholder data (such as name, address, email, phone number, date of birth, and other identifying information), share ledger transaction data, personal data contained in the company legal documents (such as board resolutions, term sheets, shareholder agreements and other legal documents) and any other cap table related documents and information.
Account Information: Details you provide during account registration, such as username, password, and user preferences.
Transaction Data: Details about services you purchase, including payment and billing information.
Technical Data: IP addresses, browser type, operating system, device information, time zone settings, and usage data gathered through cookies and similar technologies.
Communication Data: Communications you send to us directly or indirectly via email, Website, or the Application, including support requests, emails, feedback, and other interactions.
Employee information: Information including employee plan benefits information and personal data (including the email, phone number, age, nationality and passport information).
Legal requests: Information required to comply with laws, the requests and directions of law enforcement authorities or court orders.

How we collect data

We collect personal data in several ways to mainly provide and improve our Services, including:

Data You Provide Directly: Information you share when you register for an account, use our Services, fill out forms, communicate with us via email, or participate in surveys, promotions or attend or organize an event. You may need to provide personal information if you have a contract or account with us to identify our customers and users. We may collect your personal information when you become a partner as a supplier, consultant, or employee.
Automated Data Collection: Information collected automatically when you interact with our Website and Application, such as IP addresses, device details, browser type, and usage data, often gathered through cookies and similar tracking technologies.
Third-Party Sources: Data obtained from external sources, such as service providers or publicly available platforms, where permitted by applicable law. We will only collect information from third parties when we reasonably believe that you have consented to these sources collecting and disclosing the information to us.

How we use this data

Your personal data may be used for the following purposes:

To Provide Our Services: To register you as a customer, maintain your account and deliver the Services.
To Improve and Develop Services: To analyze usage trends, enhance features, and develop new offerings.
Operational reasons: To improve efficiency, training, and quality control.
To Communicate with You: To send transactional emails, updates, newsletters that you have agreed to receive and respond to inquiries or feedback.
To Comply with Contracts: To contact you for matters related to our relationship or contract with you and to comply with our contractual obligations.
To Process Payments: To process and manage transactions and share data with credit reference agencies to prevent fraudulent purchases.
To Comply with Legal Obligations: To meet legal and regulatory requirements and to prevent and investigate fraud and other misuses. To protect our rights and/or our property. Conduct checks to identify customers.
To Provide Support: To give you access to portals with your log in details or resolve technical issues, troubleshoot, and offer customer support.
To Hire: For hiring and immigration purposes.
Marketing: To notify you of our products and services, promotions that you may like.

If you agree, we may share your data with our partner companies so that they may offer their products and services.

How we share your information

We may share your personal data with:

Service Providers: Third-party vendors that assist with our operations, such as payment processors, IT service providers and analytics partners. We may also share your personal information with our hiring team, employees, government bodies and agencies, for the purposes of operation of our business, to complete immigration processes and for payroll and medical insurance purposes.
Contractual and Legal Obligations: If we are under a duty to disclose or share your data in order to comply with any legal obligation, or in order to enforce or apply any contract with you or other agreements; or to protect our rights, property, or safety of our employees, customers, or others.
Court and Regulatory Authorities: We will share your personal information if we think we have to in order to comply with the law (including responding to a court order or subpoena). We may also share personal information if a government agency or investigatory body requests it.
Business Transfers: In connection with mergers, sales of company assets, or corporate restructuring. In the event that we sell or buy any business or assets, in which case we may disclose personal data we hold to the prospective seller or buyer of such business or assets under a confidentiality agreement.

Cap Table Data is never shared without explicit instructions from the customer. All Cap Table information, including equity details, documents, and shareholder data is stored in secure cloud and the data center provider does not have access to this information.
We will not sell your personal data to any third parties.

Marketing

We may notify you of our products and services, promotions that you may like.
If you do not wish to receive marketing at any time, you can opt out by using the function at the end of the email or by contacting us directly.

International data transfers

Your personal data may be transferred to and processed in countries outside your own. We ensure that any such transfer complies with applicable data protection laws by implementing appropriate safeguards, such as standard contractual clauses or equivalent mechanisms.

Cookies and tracking technology

We use cookies and similar technologies to enhance user experience, analyze site usage, and offer personalized content. You can manage or disable cookies through your browser settings. For detailed information, please see our Cookie Policy available on our Website.

How we store data

Your data is securely stored in a high-security data center located in the USA.
We implement robust security measures to protect your personal data from unauthorized access, disclosure, alteration, and destruction, including firewalls and access controls to control access to your personal information. However, no method of transmission over the internet is entirely secure, and we cannot guarantee absolute security.
We have further implemented a Data Breach Response Plan and all of our team members are trained on a regular basis in the best practices in terms of Data Protection and the regulatory framework which with CapQuest complies.

Your rights

It is important for you to note that you have legal rights with respect to the Personal Data we hold. More specifically and depending on your location, you may have some or all of the following rights regarding your personal data:

Access: Request a copy of your personal data that we will provide to you in an electronic format. At our discretion, we may require you to verify your identity before releasing any requested information.
Rectification or Erasure: Request corrections to personal data you deem inaccurate or incomplete or request deletion of data under certain conditions and we will do so within one (1) month of the request; however, you may need to verify yourself before we can correctly address your request. We will take reasonable steps to destroy or amend inaccurate or out-of-date data, however, CapQuest is not responsible for the accuracy of the data you provide.
Restriction: Request restrictions on processing your personal data under certain conditions.
Data Portability: Request to transfer your personal data to another service provider in a commonly used format, such as an Excel file, especially when we process it based on your consent or to deliver our Services.
Objection: Object to personal data processing on certain conditions. We will honor your request to cease processing unless we have compelling legitimate grounds that outweigh your interests or if processing is necessary to establish, exercise, or defend a legal claim.
Withdrawal of Consent: Withdraw consent at any time when data collection, processing and transfer is based on your consent. This may include situations where you opt out of receiving marketing messages for example. To stop receiving such emails, you can click the “unsubscribe” link in any marketing email or contact us.
Appealing to a Supervisory Authority: If you believe that our handling of your personal data breaches data protection laws, you may lodge an appeal with the relevant data protection supervisory authority.

To exercise these rights in the jurisdiction where these apply, please contact us using the details set out at the end of this Privacy Policy. We will respond to any request promptly but no later than within thirty (30) days of receipt. We may need to verify you to address your query, and a fee may apply for processing your request.
Please be aware that your rights in relation to personal information are not absolute and regardless of your request, some information cannot be amended or deleted due to legal or technical reasons.
If you believe that we have violated any of the rights concerning personal data about you, you may have a right to lodge a complaint with a supervisory authority, the Commissioner of Data Protection, or another regulatory agency. Before you do so, we encourage you to first reach out to us to address your concern directly.
If you still need to contact the supervisory authority the details are set out below:
DIFC Commissioner of Data Protection’s Office at: Dubai International Financial Centre Authority
Level 14, The Gate Building
+971 4 362 2222
commissioner@dp.difc.ae
If the Customer is subject to the EU General Data Protection Regulation, there may be other supervisory authorities that may have jurisdiction in case of a complaint by such Customer.

Data retention

We retain personal data only as long as necessary for the purposes outlined in this Privacy Policy or as required by law. When data is no longer needed for the purpose for which it was collected, we will take all reasonable steps to delete or anonymize it in a secure manner. We will, to the extent required by law, comply with any statutory retention periods.

Third-party links

Our Website, Application and Services may include links to third-party websites. We are not responsible for the privacy practices of such websites. We encourage you to read the privacy policies of any third-party sites you visit and only continue to use any third-party link after you have considered and are satisfied with their privacy practices.

Children’s privacy

Our Services are not intended for minors under 18 years of age. Unless there is a legal reason to collect personal data from a minor as part of our legal obligations (for example employees’ dependents details), we do not knowingly collect personal data from minors under 18. If you believe that we have collected data from a child for any other reason than required under the law, please contact us, and we will take appropriate steps to delete such information.

Changes to this privacy policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal obligations. If we make material changes to this Privacy Policy, a revised version with the "Last Updated" date shall be uploaded to our Website. Your continued use of the Website and/or our Services following any changes to this Privacy Policy constitutes your acceptance of any such changes made.
Any cause of action arising out of or related to this Privacy Policy that you may have against CapQuest must commence within one (1) year after the cause of action accrues, otherwise such a cause of action is permanently barred.

Contact us

If you have any questions or concerns about this Privacy Policy, your data or our data practices, please contact us at: contact@capquest.io or by writing to us at the following address:
CapQuest Software Limited
Innovation Hub One, DIFC, Dubai, UAE