Back to PaladinPaladin
Paladin · Legal

Privacy Policy

Version 2026-05-09·Effective May 9, 2026

This Privacy Policy explains how Paladin ("we", "us", "our") collects, uses, shares, and protects information about you when you use the Paladin platform (the "Platform"). Because the Platform is offered exclusively to verified accredited investors, we collect a relatively large amount of sensitive personal information. We treat it with the protections described below.

1. Information We Collect

We collect the following categories of information:

  • Account information. Name, email, phone number, mailing address, password.
  • KYC / identity information. Legal name, date of birth, government-issued ID, taxpayer identification number (SSN, EIN, TIN), citizenship, source of funds, occupation, employer. For joint accounts and entity accounts, comparable information for each holder and the entity itself.
  • Accreditation evidence. Documents, attestations, and third-party verification results used to confirm accredited-investor status under SEC Rule 501(a).
  • Financial / investment information. Bank account information for funding and distributions, investment history, portfolio holdings, capital commitments, and tax documents.
  • Behavioral information. Pages visited, deals viewed, time on Platform, device and browser metadata, IP address.
  • Communications. Records of communications you send or receive through the Platform, including support requests and consent records.

2. How We Use Your Information

  • Operate, maintain, and improve the Platform.
  • Verify your identity and accreditation status.
  • Comply with our anti-money-laundering, sanctions, tax, and securities-law obligations.
  • Facilitate investments, capital calls, distributions, K-1 delivery, and other transaction lifecycle activities.
  • Match you with relevant deals based on stated preferences and eligibility.
  • Send transactional communications (capital calls, deal notifications, document availability) and, if you opt in, marketing communications.
  • Detect, investigate, and prevent fraud or misuse.
  • Enforce these terms and protect our rights.

3. How We Share Your Information

We do not sell your personal information. We share it only as needed with:

  • Service providers performing services on our behalf (cloud hosting, KYC/AML vendors, accreditation verification providers, fund administrators, SPV administrators, payment processors, e-signature providers, analytics, customer support).
  • SPV and fund administrators for deals you elect to participate in (Carta, Sydecar, Apex, or similar). Subscription, tax reporting, and capital activity require sharing your identity and financial information with these counterparties.
  • Tax authorities and regulators as required by law (IRS K-1 filings, SEC Form D filings, FinCEN reporting where applicable).
  • Professional advisors (auditors, lawyers, accountants) under duties of confidentiality.
  • Successors in connection with a merger, acquisition, or sale of all or substantially all of our assets.
  • Other parties with your explicit consent or where legally required (subpoenas, court orders, government investigations).

4. Security

We use industry-standard safeguards to protect your information, including:

  • encryption in transit (TLS) for all Platform traffic;
  • encryption at rest for sensitive identifiers (SSN, TIN, passport number, EIN) using authenticated symmetric encryption with keys stored in a managed secret store;
  • access controls limiting employee access to need-to-know;
  • logging and monitoring of access to sensitive records;
  • two-factor authentication on your account, including a phone-based one-time password during onboarding.

No system is perfectly secure. If we become aware of a breach affecting your personal information, we will notify you and applicable regulators as required by law.

5. Retention

We retain your information for as long as your account is active and for as long as needed to comply with our legal, tax, and regulatory obligations. Records related to securities transactions are typically retained for at least seven years from the date of the last related activity. Audit logs of consent and access events are retained for the same period.

6. Your Rights

Depending on where you reside, you may have rights to:

  • access the personal information we hold about you;
  • request correction of inaccurate information;
  • request deletion of personal information, subject to our legal retention obligations;
  • object to certain processing, including direct marketing;
  • port your data to another service in a structured format;
  • opt out of the sale or sharing of personal information (we do not sell or share your personal information for cross-context behavioral advertising).

To exercise these rights, submit a request through your account settings. We may need to verify your identity before responding.

7. Cookies & Tracking

We use first-party cookies and similar technologies required to operate the Platform (authentication, session management, security). We use privacy-respecting analytics that do not share personal data with third-party ad networks. We do not use cross-site tracking pixels.

8. International Users

The Platform is operated from the United States. If you access the Platform from outside the United States, your information will be transferred to and processed in the United States. By using the Platform you consent to such transfer.

9. Children

The Platform is not directed to anyone under 18 years of age. We do not knowingly collect information from anyone under 18.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated to you and a new effective date will be displayed.