Privacy Policy

We encourage you to read this Privacy Policy carefully, as it includes important information about your personal data.

Updated: 17th Sept, 2025

This privacy notice for Mnt Labs, Inc. (doing business as Capvia) ("Capvia," "we," "us," or "our"), describes how and why we collect, store, use, and share your information when you use our services (the "Services").

Data Controller Information:
Mnt Labs, Inc. (d/b/a Capvia)
United States
Email: privacy@capvia.ai
Website: capvia.ai

By using our Services, you agree to this Privacy Policy. If you do not agree, please discontinue use of our Services. For questions, contact us at privacy@capvia.ai.

1. Information We Collect

The types of personal data we collect may vary depending on how you interact with our Service, the services you use, and the preferences you express. We gather information about you from a variety of sources and through different means.

Information You Provide Directly

  • Account Registration Data

    Name, email address, password, phone number, company name, job title, professional background, and other information you provide when creating or updating your account.

  • Content You Upload or Create

    Any content you upload or create through our Services, including but not limited to text, documents, images, files, videos, audio recordings, presentations, and other materials.

  • Investment-Related Information

    Investment preferences, accreditation status and documentation, investment history, areas of interest, and other information related to investment activities.

  • Payment & Billing Information

    We may collect data necessary to process your payment if you make purchases. All payment data is stored by Stripe. You may find their privacy notice at: https://stripe.com/privacy.

  • Communications

    Messages, feedback, and other communications you send through our platform or to our team.

Information from Third-Party Services

When you authorize us to connect to third-party services:

  • Third-Party OAuth Services: When you connect your accounts from services such as Google, Microsoft, or other platforms, we access only the information you explicitly authorize through their OAuth permissions. This may include profile information, contacts, calendar data, and other data based on the specific permissions you grant.
  • Integration-Specific Data: The exact type and scope of information we access depends on your authorization settings with each third-party service and their respective terms of service.

Information Automatically Collected

We automatically collect certain information when you visit, use, or navigate the Services. This information does not reveal your specific identity but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services, and other technical information.

Like many businesses, we also collect information through cookies and similar technologies. This includes log and usage data that our servers automatically collect when you access or use our Services.

Usage Data and Analytics

We collect information about how you interact with our Services, including pages visited, features used, actions taken, time spent, and other usage statistics. We may also derive insights and generate analytics from your use of our Services.

2. How We Use Your Information

We use the information we collect to provide, maintain, and improve our Service, such as by personalizing content and improving user experience. We may also use your information to:

  • Provide, operate, and maintain our Services
  • Process and analyze content you upload or create
  • Generate insights, analytics, and recommendations
  • Facilitate connections and communications between users
  • Manage your account and provide customer support
  • Send service-related communications and updates
  • Process payments and billing
  • Ensure security and prevent fraud
  • Comply with legal obligations and enforce our terms
  • Improve and develop new features and services
  • Conduct research and analysis

3. How We Share Your Information

We do not share your personal information with third parties, except in the following limited circumstances:

  • Between Users: We may share information between users as part of the Services, such as when you choose to connect with or share content with other users, always based on your settings and permissions.
  • Service Providers: We work with trusted third-party companies that help us operate our Services, including:
    • Cloud hosting and infrastructure providers
    • Payment processors (e.g., Stripe)
    • Analytics and monitoring services
    • AI and machine learning services
    • Communication and email services
    • Customer support tools
    These providers are bound by confidentiality agreements and only process data on our behalf.
  • With Your Consent: We may share information with other parties when you explicitly authorize us to do so.
  • Legal Requirements: We may share your information if we believe that disclosure is reasonably necessary to comply with a law, regulation, legal process, or governmental request.
  • Business Transfers: In the context of a transaction involving the sale of assets, a merger, bankruptcy proceedings, or any other type of business transaction.

We do not sell, rent, or trade your personal information to third parties. All content shared through our Services is treated as confidential, and we only facilitate sharing between users based on permissions and settings you control.

4. Data Retention

We retain your information for as long as your account remains active and as necessary to provide our services. When you delete your account:

  • Most personal data is deleted within 30 days
  • Some information may be retained for up to 90 days to facilitate account reactivation
  • Certain data may be retained longer for legal, regulatory, or legitimate business purposes

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

5. Data Security

We implement industry-standard security measures to protect your information, including encryption in transit and at rest, access controls, regular security updates, and continuous monitoring. We take special care to protect confidential business materials shared on our platform.

6. Cookies and Tracking Technologies

We use cookies and similar technologies to provide and secure our Services, as well as to analyze usage of our platform. You can manage cookie preferences through your browser settings. For more details, see our Cookie Policy.

7. Your Privacy Rights

You have the right to:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information (subject to legal retention requirements)
  • Portability: Receive your data in a structured, machine-readable format
  • Restriction: Request limitation of processing for specific purposes
  • Objection: Object to certain types of data processing
  • Marketing Opt-out: Opt out of marketing communications at any time
  • OAuth Management: Revoke third-party account permissions at any time through our settings or the respective service's settings
  • Account Closure: Close your account and request data deletion

To exercise these rights, please contact us at privacy@capvia.ai. We will respond within 30 days.

California Residents (CCPA/CPRA)

California residents have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

  • Right to Know: Request disclosure of personal information collected, used, and shared
  • Right to Delete: Request deletion of personal information (with certain exceptions)
  • Right to Opt-Out: Opt out of the "sale" or "sharing" of personal information (Note: We do NOT sell personal information)
  • Right to Correct: Request correction of inaccurate personal information
  • Right to Limit Use: Limit use of sensitive personal information
  • Non-Discrimination: Exercise rights without fear of discrimination

To exercise these rights, email privacy@capvia.ai or call our toll-free number (when available). You may designate an authorized agent to make requests on your behalf.

European and UK Residents (GDPR)

If you are located in the European Economic Area (EEA) or United Kingdom, you have rights under the General Data Protection Regulation (GDPR):

  • Legal Basis: We process data based on consent, contract performance, legitimate interests, or legal obligations
  • Data Portability: Receive your data in a portable format
  • Withdrawal of Consent: Withdraw consent at any time where processing is consent-based
  • Lodge Complaints: File complaints with your local data protection authority

8. AI and Automated Decision-Making

We use artificial intelligence and machine learning technologies to:

  • Process and analyze content you provide
  • Generate insights, scores, and recommendations
  • Improve our Services and user experience
  • Detect and prevent fraud or abuse

Our AI systems are designed to augment human decision-making, not replace it. You have the right to:

  • Request information about how AI processes your data
  • Request human review of automated decisions
  • Opt out of certain automated processing where applicable

9. International Data Transfers

Our servers are located in the United States. If you access our Services from outside the US, your information will be transferred to and processed in the US.

For EU/UK Users: We implement appropriate safeguards for international transfers including:

  • Standard Contractual Clauses approved by the EU Commission
  • Additional security measures and encryption
  • Limiting access to authorized personnel only

By using our Services, you acknowledge that your data may be processed in countries with different privacy laws than your jurisdiction.

10. Children's Privacy

Our Services are intended for business professionals and accredited investors. Users must be at least 18 years old (or 16 in certain jurisdictions with parental consent for business purposes).

We do not knowingly collect personal information from anyone under 16. If we discover we have collected such information, we will promptly delete it. Parents or guardians who believe we have collected information from a minor should contact us immediately at privacy@capvia.ai.

11. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the new Privacy Policy on the Service and through email notification to registered users. Your continued use of the Service after the effective date of the revised Privacy Policy constitutes your acceptance of the terms.

12. Contact Us

If you have any questions or concerns about this Privacy Policy or our privacy practices, please contact us at privacy@capvia.ai.

Mnt Labs, Inc. (d/b/a Capvia)
United States
Email: privacy@capvia.ai
Website: capvia.ai

For Privacy Complaints:
You may also contact your local data protection authority if you have concerns about how we handle your personal information.