PostMoney Privacy Policy
Effective date: July 16, 2026 Last updated: July 16, 2026
1. Introduction
Innoventions LLC, a Delaware limited liability company, operates PostMoney, a portfolio intelligence and reporting software platform for investment organizations.
In this Privacy Policy, “Innoventions,” “PostMoney,” “we,” “us,” and “our” refer to Innoventions LLC. “Services” means the PostMoney website, application, software, features, support services, and related services that link to this Privacy Policy.
This Privacy Policy explains how we collect, use, disclose, retain, and protect personal information when you:
- visit postmoney.io or another website that links to this policy;
- create or use a PostMoney account;
- act as an administrator or authorized user for a customer organization;
- upload, import, submit, review, or share information through PostMoney;
- communicate with us; or
- otherwise interact with the Services.
PostMoney is designed primarily for organizations and individuals acting in a professional or business capacity. It is not intended for personal, family, household, or consumer investment management.
2. Our Relationship With Customer Organizations
A customer organization may use PostMoney to process documents, data, and other information relating to its portfolio companies, investments, funds, limited partners, employees, service providers, or other third parties.
For personal information contained in content submitted by or for a customer organization, the customer organization generally determines why and how that information is processed. In that context:
- the customer organization generally acts as the business, controller, or similar responsible party under applicable privacy law; and
- Innoventions generally acts as its service provider, processor, or similar vendor.
For account administration, billing, product analytics, security, marketing, and our direct business relationships, Innoventions may act as the business or controller.
If your information was submitted to PostMoney by one of our customers, requests concerning that information should generally be directed to that customer. We will assist customers in responding to requests where required by contract or applicable law.
3. Information We Collect
The information we collect depends on how you interact with PostMoney.
3.1 Account and profile information
We may collect:
- name;
- business email address;
- telephone number;
- job title;
- employer or organization;
- account credentials and authentication information;
- profile settings;
- organization membership;
- permissions and user roles;
- fund, investment vehicle, portfolio, and organization information;
- invitations and invitation status; and
- information received from a third-party identity provider, such as Google, when you use single sign-on or another connected authentication method.
3.2 Customer Content
“Customer Content” means information submitted to or processed through the Services by or on behalf of a customer organization.
Customer Content may include:
- portfolio-company updates;
- financial and operating reports;
- board materials;
- investment records;
- fund and investment vehicle information;
- investment amount, ownership, round, and investment-date information;
- revenue, cash, burn, runway, growth, and other key performance indicators;
- qualitative company updates and strategic information;
- spreadsheets, presentations, PDFs, documents, images, and attachments;
- pasted text;
- inbound emails and email attachments;
- internal notes, comments, discussions, and tasks;
- report content;
- portfolio-company contact information;
- information imported from connected services;
- source evidence, annotations, and document locations;
- information included in shared reports; and
- other information selected or provided by the customer.
Customer Content may contain confidential business information or personal information relating to individuals other than the account holder. Customers are responsible for determining whether they have the necessary rights and lawful authority to submit and process that information through PostMoney.
3.3 Connected-service information
When you connect PostMoney to Google Drive, Dropbox, email, or another third-party service, we may receive:
- account identifiers;
- authentication and authorization tokens;
- file and folder names;
- file metadata;
- document content;
- email content and attachments;
- source URLs or file identifiers;
- permission information; and
- other information you authorize the connected service to provide.
We use connected-service information only as described in this policy, our agreement with the customer, and the permissions presented when the connection is established.
You may be able to disconnect a connected service through PostMoney or through the third party’s account settings. Disconnecting a service does not necessarily delete information that was previously imported into PostMoney.
3.4 AI inputs, extracted information, and generated outputs
PostMoney uses artificial intelligence and related automated systems to help process Customer Content. We may collect or generate:
- prompts and processing instructions;
- document text and normalized document content;
- optical character recognition results;
- extracted financial and operating values;
- metric candidates and proposed metric mappings;
- company-matching candidates;
- reporting-period candidates;
- narrative summaries;
- qualitative signals;
- confidence scores;
- evidence citations and source locations;
- proposed report content;
- conversations with AI-assisted features;
- user corrections and review decisions; and
- technical metadata relating to AI processing.
AI-generated and AI-extracted information may be inaccurate, incomplete, or misleading. PostMoney is designed to support human review and does not replace professional judgment.
3.5 Billing and transaction information
If you purchase a subscription, we and our payment processor may collect:
- billing name and address;
- business and tax information;
- payment method type and limited payment method details;
- payment processor customer identifiers;
- subscription plan;
- usage and overage information;
- invoices;
- charges;
- credits;
- refunds;
- failed-payment information;
- promotion or discount information; and
- transaction history.
Payment card information is generally collected and processed directly by our payment processor. We do not intend to store complete payment card numbers or card security codes on PostMoney systems.
3.6 Device, usage, and technical information
We may automatically collect:
- IP address;
- device identifiers;
- browser type and version;
- operating system;
- device type;
- referring and exit pages;
- pages and features viewed;
- buttons and links selected;
- session dates, times, and duration;
- search and navigation activity;
- application events;
- UTM parameters and attribution information;
- approximate location derived from IP address;
- cookie and local-storage identifiers;
- error reports;
- logs;
- performance information;
- security events;
- authentication events; and
- information about how you interact with emails and product communications.
Where enabled, we may use session replay or similar tools that capture interactions with the Services, such as clicks, scrolling, navigation, and form interactions. We configure these tools to reduce the collection of sensitive content where reasonably possible, but customers should not use fields for purposes other than those for which they are provided.
3.7 Communications and support information
We collect information when you:
- contact support;
- request a demonstration;
- respond to a survey;
- submit feedback;
- participate in customer research;
- communicate with our sales or account teams;
- report a security or privacy issue; or
- otherwise contact us.
This may include message content, attachments, contact details, call notes, and related correspondence.
3.8 Information from other sources
We may receive information from:
- your employer or customer organization;
- organization administrators;
- invited users;
- connected services;
- payment providers;
- analytics and attribution providers;
- customer relationship management systems;
- security and fraud-prevention providers;
- publicly available business sources; and
- business partners or referral sources.
4. How We Use Information
We may use information to:
4.1 Provide and operate the Services
This includes:
- creating and administering accounts;
- authenticating users;
- managing organization membership and permissions;
- receiving and storing Customer Content;
- importing authorized documents and emails;
- processing documents;
- extracting and organizing portfolio data;
- identifying potential duplicate submissions;
- matching updates to portfolio companies;
- supporting metric schemas;
- generating summaries, signals, reports, and other outputs;
- maintaining source evidence and processing history;
- supporting internal discussions and workflows;
- creating shareable reports;
- processing subscriptions and payments; and
- providing requested functionality.
4.2 Provide AI-assisted functionality
We use information to:
- extract structured data;
- perform optical character recognition;
- summarize documents;
- propose metric mappings;
- identify reporting periods;
- detect possible conflicts or anomalies;
- suggest portfolio-company associations;
- generate proposed report material;
- answer user questions within the context of authorized organization information; and
- support user review and correction workflows.
4.3 Secure and protect PostMoney
We may use information to:
- authenticate users;
- enforce permissions;
- detect suspicious activity;
- prevent fraud, abuse, and unauthorized access;
- investigate incidents;
- debug errors;
- maintain audit and security logs;
- protect customers, users, and the public; and
- enforce our agreements.
4.4 Maintain, support, and improve the Services
We may use information to:
- troubleshoot problems;
- respond to support requests;
- measure feature use;
- understand product performance;
- improve usability;
- test and develop features;
- monitor service reliability;
- conduct internal research; and
- create aggregated or de-identified statistics.
We do not use Customer Content to train general-purpose artificial intelligence models. We may use user feedback, corrections, and de-identified or aggregated operational information to evaluate and improve PostMoney, provided that the information does not identify a customer, user, portfolio company, or individual.
4.5 Communicate with you
We may send:
- account and authentication messages;
- service announcements;
- security notices;
- billing and payment messages;
- support communications;
- product updates;
- administrative notices;
- surveys;
- event invitations; and
- marketing communications where permitted by law.
You may opt out of promotional emails by using the unsubscribe link in the message. You cannot opt out of transactional, security, billing, or other communications necessary to provide the Services.
4.6 Comply with law and protect legal interests
We may use information to:
- comply with applicable laws and legal processes;
- respond to lawful requests;
- establish, exercise, or defend legal claims;
- conduct audits;
- maintain required financial and tax records;
- investigate violations; and
- protect the rights, safety, and property of Innoventions, our customers, our users, and others.
5. Legal Bases for Processing
Where laws such as the UK GDPR or EU GDPR apply, we process personal information under one or more of the following legal bases:
- Performance of a contract: to provide the Services requested by a customer or user.
- Legitimate interests: to operate, secure, support, analyze, and improve the Services; communicate with business users; prevent abuse; and manage our business.
- Consent: where we request consent for a specific activity, such as certain cookies or marketing communications.
- Legal obligations: to comply with applicable laws, regulatory requirements, court orders, and tax or accounting obligations.
- Protection of rights: to establish, exercise, or defend legal claims and protect users, customers, and others.
Where we process Customer Content on behalf of a customer organization, the customer determines the applicable legal basis.
6. How We Disclose Information
We may disclose information in the following circumstances.
6.1 Customer organizations and administrators
If you use PostMoney through an organization, its administrators and other authorized users may:
- access your account profile;
- manage your membership and permissions;
- view your activity within the organization;
- access Customer Content you submit;
- assign or review work; and
- suspend or remove your access.
6.2 Service providers and subprocessors
We may disclose information to vendors that provide services such as:
- cloud hosting and infrastructure;
- document and object storage;
- database services;
- content delivery;
- AI inference and document processing;
- optical character recognition;
- authentication;
- payment processing;
- email delivery and inbound-email processing;
- customer support;
- error monitoring;
- security;
- analytics;
- session replay;
- customer relationship management;
- marketing attribution; and
- professional services.
These providers may process information only for the purposes for which we engage them, subject to contractual terms and applicable law.
We may maintain a separate list of subprocessors at a location identified on our website or made available to customers upon request.
6.3 Customer-directed integrations and disclosures
We disclose information when a customer or user directs us to:
- connect a third-party service;
- import or export information;
- create or use a shared report link;
- invite another user;
- send information to a recipient; or
- otherwise interact with a third-party product.
Third-party services may process information under their own terms and privacy policies. Customers are responsible for reviewing the practices of integrations they choose to enable.
6.4 Shared reports
Customers may create token-based or otherwise access-controlled links to reports. Anyone who obtains a valid shared link may be able to access the information available through that link.
Customers are responsible for:
- determining what information is included;
- selecting appropriate recipients;
- protecting shared links;
- revoking access when it is no longer needed; and
- ensuring they have authority to disclose the report information.
Internal comments designated as non-shared are not intended to be included in externally shared reports.
6.5 Professional advisers
We may disclose information to attorneys, accountants, auditors, insurers, consultants, and other professional advisers where reasonably necessary to obtain advice, manage risk, complete audits, or operate our business.
6.6 Corporate transactions
We may disclose information in connection with an actual or proposed:
- merger;
- financing;
- acquisition;
- restructuring;
- bankruptcy;
- sale of assets; or
- similar corporate transaction.
The recipient may use the information subject to this Privacy Policy unless you are notified otherwise.
6.7 Legal, safety, and compliance disclosures
We may disclose information when we believe in good faith that disclosure is reasonably necessary to:
- comply with law, regulation, legal process, or a lawful government request;
- enforce our agreements;
- investigate fraud, abuse, or security incidents;
- protect rights, property, or safety;
- prevent harm; or
- establish, exercise, or defend legal claims.
Where legally permitted and commercially reasonable, we may notify the affected customer before disclosing Customer Content in response to legal process.
6.8 Aggregated and de-identified information
We may disclose information that has been aggregated or de-identified so that it does not reasonably identify a customer, user, portfolio company, or individual. We will not attempt to re-identify information that we maintain as de-identified, except to test whether our de-identification processes are effective or as permitted by law.
7. AI Processing
PostMoney uses AI providers and related technology vendors to process documents and provide AI-assisted features.
Depending on the feature, information sent for AI processing may include:
- uploaded documents;
- document text;
- spreadsheets;
- images;
- prompts;
- portfolio-company context;
- prior user instructions;
- extracted values;
- report context; and
- user feedback or corrections.
We do not authorize our contracted AI providers to use Customer Content to train their general-purpose models. This commitment does not apply to a separate third-party integration that a customer independently enables and that is governed by separate terms between the customer and that third party.
AI processing may involve temporary provider-side retention for security, abuse prevention, or service operation, depending on the applicable provider, contract, and account configuration.
AI outputs are probabilistic. They may be inaccurate, incomplete, outdated, duplicative, or inappropriate for a particular purpose. Users must review material outputs before relying on them in investment analysis, valuations, investor communications, financial reporting, compliance activities, or other business decisions.
PostMoney does not make decisions on behalf of customers and does not provide investment, legal, accounting, tax, valuation, compliance, or fiduciary advice.
8. Cookies and Similar Technologies
We and our service providers may use cookies, pixels, software development kits, local storage, and similar technologies.
These technologies may include:
8.1 Essential technologies
Used for:
- authentication;
- account security;
- session management;
- load balancing;
- user preferences;
- fraud prevention; and
- core application functionality.
These technologies are necessary to provide the Services.
8.2 Functional technologies
Used to remember preferences and provide enhanced functionality.
8.3 Analytics and performance technologies
Used to:
- understand how visitors and users interact with PostMoney;
- identify signed-in users across sessions;
- measure feature use;
- diagnose performance;
- conduct session replay;
- identify errors; and
- improve the Services.
Analytics information is not necessarily anonymous. Depending on configuration, analytics records may be associated with an account identifier, name, email address, organization, device, or session.
8.4 Advertising and attribution technologies
We may use technologies on our public websites to:
- measure marketing campaigns;
- attribute visits or registrations;
- understand referral sources;
- create audiences;
- limit repeated advertising; and
- evaluate advertising performance.
Depending on the technology and applicable law, some disclosures to advertising or analytics partners may be considered a “sale,” “sharing,” or use for targeted advertising even when no money is exchanged.
Where required, we provide a mechanism to opt out of non-essential cookies and covered advertising or sharing activities. You may also be able to control cookies through your browser settings.
We do not use Customer Content, portfolio-company financial data, uploaded documents, or extracted portfolio metrics for third-party advertising.
8.5 Do Not Track and Global Privacy Control
Some browsers offer a “Do Not Track” signal. Because there is no uniform industry standard for these signals, PostMoney does not currently respond to legacy Do Not Track signals.
Where required by applicable law, we treat a recognized Global Privacy Control signal as a request to opt out of sale, sharing, or targeted advertising for the browser or device from which the signal is sent.
9. Sale and Targeted Advertising
We do not sell Customer Content or personal information for monetary consideration.
We do not disclose Customer Content to other PostMoney customers, data brokers, or advertisers.
As described above, we may use analytics, attribution, and advertising technologies on our public websites. Depending on applicable law, the disclosure of identifiers and internet activity to certain technology providers may be considered a sale, sharing, or targeted advertising.
Where applicable, you may exercise an opt-out through our cookie or privacy controls or by contacting privacy@postmoney.io.
10. Data Retention
We retain information for as long as reasonably necessary for the purposes described in this policy, including to provide the Services, comply with law, resolve disputes, enforce agreements, and protect security.
Retention periods depend on the type of information:
- Customer Content: generally retained while the customer account is active.
- Terminated accounts: Customer Content is generally scheduled for deletion from active systems within 30 days after termination or expiration, unless a different period is stated in an order form or written agreement.
- Customer-requested deletion: we will process authorized requests within a commercially reasonable period, subject to technical, contractual, and legal limitations.
- Backups: information may remain in encrypted or access-restricted backups until those backups expire under our normal backup cycle.
- Billing, tax, and transaction records: retained as necessary for accounting, tax, audit, fraud-prevention, and legal requirements.
- Security and diagnostic logs: retained for periods reasonably necessary for security, troubleshooting, and abuse prevention.
- Support and business communications: retained as necessary to manage our relationship and maintain appropriate business records.
- Legal holds: information may be retained for longer where necessary to comply with law, preserve evidence, resolve disputes, or enforce agreements.
When deletion is not technically feasible, we may isolate information from further use until deletion becomes feasible, except where retention and use are legally permitted or required.
Customers should export needed Customer Content before their account terminates.
11. Security
We use administrative, technical, and organizational safeguards designed to protect information against unauthorized access, loss, misuse, alteration, or disclosure.
These safeguards may include:
- access controls;
- authentication protections;
- encryption in transit;
- encryption at rest where supported by the relevant system;
- logging and monitoring;
- tenant and permission controls;
- vendor-management procedures;
- employee and contractor confidentiality obligations;
- backups; and
- incident-response procedures.
No security method is completely effective, and we cannot guarantee absolute security.
Customers and users are responsible for:
- protecting account credentials;
- using appropriate access controls;
- promptly removing users who no longer require access;
- protecting exported files and shared report links;
- maintaining secure devices and networks; and
- notifying us promptly of suspected unauthorized access.
Security concerns may be reported to security@postmoney.io or legal@postmoney.io.
12. International Data Transfers
Innoventions is based in the United States. We and our service providers may process information in the United States and other countries that may have different data-protection laws than your jurisdiction.
Where required, we use recognized transfer mechanisms or contractual safeguards, which may include:
- the European Commission’s Standard Contractual Clauses;
- the United Kingdom International Data Transfer Addendum;
- an applicable adequacy decision; or
- another legally recognized transfer mechanism.
Customers requiring a Data Processing Addendum should contact legal@postmoney.io.
13. Your Choices and Privacy Rights
Depending on your location and relationship with PostMoney, you may have the right to:
- request access to personal information;
- request correction of inaccurate information;
- request deletion;
- request a portable copy;
- object to or restrict certain processing;
- opt out of certain sales, sharing, or targeted advertising;
- withdraw consent where processing is based on consent;
- opt out of promotional communications;
- appeal a denied privacy request where applicable; and
- lodge a complaint with a privacy or data-protection authority.
To submit a request, contact privacy@postmoney.io.
We may need to verify your identity and authority before completing a request. Verification may require information reasonably necessary to match you to our records and protect against fraudulent requests.
You may use an authorized agent where permitted by law. We may request evidence of the agent’s authority and may require direct verification from you.
We will not unlawfully discriminate against you for exercising an applicable privacy right.
Certain information may be exempt from a request, including information we must retain for security, fraud prevention, legal compliance, transaction completion, or legal claims.
14. Requests Concerning Customer Content
If your personal information appears in Customer Content controlled by a PostMoney customer, contact that customer directly.
We generally cannot independently fulfill a request to access, correct, or delete Customer Content without instructions from the responsible customer organization. If you contact us, we may refer your request to the customer or ask you to identify the relevant customer.
15. California Privacy Information
This section applies where the California Consumer Privacy Act, as amended, applies to Innoventions and the relevant information.
California residents may have rights to:
- know the categories and specific pieces of personal information collected;
- know the categories of sources, purposes, and recipients;
- request correction;
- request deletion;
- obtain a portable copy;
- opt out of sale or sharing;
- limit certain uses of sensitive personal information; and
- receive equal service and pricing when exercising privacy rights.
The categories of personal information we may collect are described in Section 3. They may include:
- identifiers;
- customer-record information;
- commercial information;
- internet or electronic-network activity;
- professional or employment information;
- approximate geolocation;
- audio, electronic, or visual information;
- sensitive personal information included in Customer Content or authentication information; and
- inferences generated from other information.
We collect these categories from the sources described in Sections 3 and 4 and use them for the purposes described in Section 4. We disclose them to the recipient categories described in Section 6.
We do not knowingly sell or share the personal information of individuals under 16.
To exercise an applicable California right, contact privacy@postmoney.io or use the privacy controls made available on our website.
16. European Economic Area, United Kingdom, and Switzerland
Where applicable, individuals in these jurisdictions may have rights to:
- access;
- correction;
- erasure;
- restriction;
- portability;
- objection;
- withdrawal of consent; and
- complaint to a supervisory authority.
Innoventions LLC is the controller for personal information it processes for its own business purposes. Customer organizations are generally the controllers for personal information contained in Customer Content.
We do not make decisions producing legal or similarly significant effects about individuals solely through automated processing.
17. Children’s Privacy
PostMoney is not intended for individuals under 18, and we do not knowingly collect personal information directly from children.
If you believe a child has provided personal information to us, contact privacy@postmoney.io.
18. Third-Party Services and Links
The Services may contain links to or integrations with third-party websites and services.
We are not responsible for the privacy, security, or content practices of third parties acting independently from Innoventions. Review their policies before providing information or enabling an integration.
19. Changes to This Privacy Policy
We may update this Privacy Policy to reflect changes in our Services, practices, technology, vendors, or legal obligations.
We will post the updated policy with a revised effective date. If we make a material change, we may provide additional notice through the Services, by email, or through another reasonable method.
Changes apply prospectively unless otherwise stated or permitted by law.
20. Contact Us
For privacy questions or requests, contact:
Innoventions LLC Attn: PostMoney Privacy 15260 Ventura Boulevard Sherman Oaks, California 91403 United States
Email: privacy@postmoney.io
For contractual and legal inquiries:
Email: legal@postmoney.io