Privacy Policy

SPVHUB processes personal data to operate the Service. This policy explains what we collect, why, and your rights.

Controllers & processors

SPVHUB is the data controller for platform-level records (your account, audit log, billing). Where you operate an SPV, SPVHUB may act as processor under your direction for SPV-level records (members, subscriptions, distributions).

What we collect

Account identifiers (email, name), organisation records, SPV and member records you create, audit events, and technical data necessary for security and observability.

Data residency

Your organisation chooses a region at setup: EU-WEST, US-EAST, AP-SOUTH, ME-CENTRAL, or AF-SOUTH. Data stays in the elected region. Default: EU-WEST.

Retention

Operational records: duration of the relationship + 7 years (statutory). Audit log: 7 years. Marketing preferences: until revoked.

Your rights

Under GDPR / UAE PDPL / Saudi PDPL / Kenya DPA, you may request access, export, correction, or deletion. Use Settings → Privacy in the app, or email privacy@spvhub.demo.

Sub-processors

Hosting and storage infrastructure, Resend (email), Sumsub (KYC), DocuSign or Dropbox Sign (e-sign), Fireblocks (custody). A current list is maintained and kept up-to-date on request.

Contact

privacy@spvhub.demo