Kvesir GroupFounder Portal

Legal

Privacy Policy

Last updated: April 2025

1. Who we are

Kvesir Group ApS ("Kvesir", "we", "us") is a venture capital fund registered in Denmark. We operate a founder portal that enables our portfolio companies to collaborate with the Kvesir team, track progress, manage documents, and access AI-powered advisory tools.

Data controller: Kvesir Group ApS, Denmark. Contact: hello@kvesir.dk

2. What data we collect

  • Account data: name, email address, role (founder / staff / admin).
  • Company data: company name, metrics (MRR, runway, headcount), strategic profile, and documents uploaded to your dataroom.
  • Usage data: actions you take in the portal (ticket updates, comments, file uploads), and timestamps associated with those actions.
  • Communications: comments on tickets and messages sent through the platform.

We do not collect payment card details. We do not knowingly collect data from persons under 18.

3. How we use your data

  • To provide and operate the founder portal.
  • To send you magic-link login emails and platform notifications.
  • To generate AI-powered insights and reports about your company's progress (using anonymised, company-scoped data — never cross-company).
  • To send monthly investor updates on behalf of your company to your nominated investor contacts.
  • To comply with our legal obligations as a fund.

4. Legal basis (GDPR)

  • Contract performance: processing necessary to deliver the services you have access to as a portfolio company.
  • Legitimate interests: portfolio monitoring, fund reporting, and platform security.
  • Legal obligation: record-keeping required under Danish company and financial regulation.

5. Sub-processors and third parties

We use the following third-party services to operate the platform:

ServicePurposeLocation
RailwayApplication hosting and databaseUSA (EU region available)
Amazon Web Services (S3)File and document storageEU (eu-north-1)
Anthropic (Claude AI)AI analysis and advisory featuresUSA
ResendTransactional email deliveryUSA

Anthropic's API does not use submitted data for model training by default. We are in the process of executing a Data Processing Agreement (DPA) with Anthropic for GDPR Article 28 compliance.

6. Data retention

We retain your data for as long as your company is active in our portfolio, plus a further 5 years to comply with Danish accounting and fund reporting requirements. You may request deletion of personal data that is not required for legal compliance.

7. Your rights

Under GDPR, you have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate data.
  • Request deletion of data not required for legal compliance.
  • Object to or restrict certain processing.
  • Lodge a complaint with the Danish Data Protection Agency (Datatilsynet) at datatilsynet.dk.

To exercise any of these rights, email us at hello@kvesir.dk.

8. Security

All data is transmitted over HTTPS. Access to the portal is protected by magic-link authentication (no passwords stored). Files are stored in encrypted S3 buckets. Access is role-gated — founders can only access their own company's data.

9. Changes to this policy

We may update this policy from time to time. Material changes will be communicated by email. The "last updated" date at the top of this page will always reflect the current version.

← Back to homeTerms of Use →