Osprey Analytics LLC ("Company," "we," "us," or "our") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform, website, and services (collectively, the "Service").
By using the Service, you consent to the practices described in this Privacy Policy. If you do not agree, please do not use the Service.
Account Information: When you register, we collect your name, email address, password, phone number (optional), and professional information (such as your role as a Client or Accountant).
Payment Information: When you subscribe, our payment processor (Stripe) collects your payment card information. We do not store complete credit card numbers on our servers.
Financial Documents: You may upload K-1 documents, investment records, and other financial documents. These may contain sensitive financial and tax information.
Investment Data: You may enter information about your private equity investments, including fund names, investment amounts, capital calls, distributions, and valuations.
Communications: When you contact us for support or feedback, we collect the content of your communications.
Usage Data: We automatically collect information about how you use the Service, including pages visited, features used, and time spent.
Device Information: We collect device type, operating system, browser type, IP address, and device identifiers.
Cookies and Similar Technologies: We use cookies to maintain your session, remember your preferences, and analyze usage patterns.
Log Data: Our servers automatically record your IP address, access times, and referring URLs.
We use the information we collect to provide and improve the Service, manage your account, perform investment calculations (IRR, XIRR, TVPI, DPI, etc.), send service-related communications, and comply with legal obligations.
We do not sell your personal information. We may share information with trusted service providers (Stripe, SendGrid, DigitalOcean), when required by law, in connection with a business transfer, or with accountants you authorize to access your data.
We implement industry-standard security measures including AES-256-GCM field-level encryption for EINs and SSNs, TLS encryption in transit, TOTP-based two-factor authentication, IP-bound sessions, audit logging, and regular automated backups. No method of transmission or storage is 100% secure.
We retain your information for as long as your account is active. After termination you have 30 days to export your data. We delete User Data within 90 days of termination; backup copies may persist for up to 180 days.
We use essential cookies (required for the Service to function), preference cookies (remember your settings), and analytics cookies (help us improve the Service). You can control cookies through your browser settings.
The Service is not intended for children under 18. We do not knowingly collect personal information from children.
Your information may be transferred to and processed in the United States, where our servers are located.
California residents may request to know what personal information we collect, request deletion, and opt out of sale (we do not sell personal information). Contact us to exercise these rights.
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy and updating the "Last Updated" date.
The Service may contain links to third-party websites. We are not responsible for their privacy practices.