AngelHub

Privacy Policy

Last updated: November 22, 2025

1. Introduction

AngelHub ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our portfolio management platform.

By using AngelHub, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, do not use our Service.

2. Information We Collect

2.1 Information You Provide

We collect information you directly provide when you:

  • Create an account: Name, email address, password
  • Use the Service: Investment data, company information, financial records, documents, notes, and other portfolio data
  • Subscribe to paid plans: Payment information (processed by Stripe)
  • Contact us: Support requests, feedback, correspondence

2.2 Information Automatically Collected

When you use our Service, we automatically collect:

  • Usage data: Pages visited, features used, time spent, click patterns
  • Device information: Browser type, operating system, device identifiers
  • Log data: IP address, access times, referring URLs
  • Cookies and tracking: Session tokens, preferences, analytics data

2.3 Information from Third Parties

  • Payment processors: Stripe provides payment confirmation and subscription status
  • AI services: Anthropic Claude processes investment data for summaries
  • Email services: Resend processes email delivery

3. How We Use Your Information

We use your information to:

  • Provide, maintain, and improve the Service
  • Create and manage your account
  • Process payments and subscriptions
  • Generate AI-powered investment summaries and analysis
  • Store and organize your investment documents
  • Calculate portfolio performance and analytics
  • Send transactional emails (confirmations, notifications)
  • Respond to your inquiries and support requests
  • Monitor usage and enforce usage limits
  • Detect, prevent, and address technical issues and security threats
  • Comply with legal obligations
  • Analyze usage patterns to improve our Service

4. Legal Basis for Processing (GDPR)

If you are in the European Economic Area (EEA), our legal basis for processing your personal data includes:

  • Contract performance: Processing necessary to provide the Service
  • Consent: You have given consent for specific purposes
  • Legitimate interests: Our business interests that do not override your rights
  • Legal obligations: Compliance with laws and regulations

5. Data Sharing and Disclosure

We do not sell your personal data. We may share your information with:

5.1 Service Providers

  • Stripe: Payment processing (see Stripe's privacy policy)
  • Anthropic: AI-powered summaries (see Anthropic's privacy policy)
  • Neon/PostgreSQL: Database hosting
  • Cloudflare R2: File storage
  • Resend: Email delivery

5.2 Legal Requirements

We may disclose your information if required by law or in response to:

  • Court orders or legal process
  • Law enforcement requests
  • Protection of our rights, property, or safety
  • Prevention of fraud or security threats

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information becomes subject to a different privacy policy.

6. Data Security

We implement appropriate technical and organizational measures to protect your data:

  • Encryption in transit (TLS/SSL) and at rest
  • Secure password hashing (bcrypt)
  • Row-level security in our database
  • Regular security audits and updates
  • Access controls and authentication
  • Secure file storage with access controls

However, no method of transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

7. Data Retention

We retain your information for as long as:

  • Your account is active
  • Needed to provide the Service
  • Required by law or for legitimate business purposes
  • Necessary to resolve disputes or enforce agreements

After account deletion, we may retain certain data for backup, archival, audit, or legal purposes for up to 90 days, after which it will be permanently deleted.

8. Your Privacy Rights

8.1 GDPR Rights (EEA Residents)

If you are in the EEA, you have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Restriction: Limit how we process your data
  • Data portability: Receive your data in a structured format
  • Object: Object to processing based on legitimate interests
  • Withdraw consent: Withdraw consent at any time
  • Lodge a complaint: File a complaint with your data protection authority

8.2 CCPA Rights (California Residents)

If you are a California resident, you have the right to:

  • Know what personal information we collect, use, and share
  • Delete your personal information
  • Opt-out of the sale of your personal information (we do not sell data)
  • Non-discrimination for exercising your rights

8.3 How to Exercise Your Rights

You can exercise these rights through:

  • Your account settings page
  • Emailing us at privacy@angelhub.com
  • Using the data export/deletion features in your account

We will respond to verified requests within 30 days.

9. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Essential cookies: Required for the Service to function (authentication)
  • Functional cookies: Remember your preferences and settings
  • Analytics cookies: Understand how you use the Service
  • Performance cookies: Improve Service performance

You can manage cookie preferences through our cookie banner or your browser settings. See our Cookie Policy for more details.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. These countries may have different data protection laws. We ensure appropriate safeguards are in place, including:

  • Standard contractual clauses approved by the European Commission
  • Data processing agreements with service providers
  • Compliance with applicable data transfer regulations

11. Children's Privacy

Our Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

12. Third-Party Links

Our Service may contain links to third-party websites. We are not responsible for their privacy practices. We encourage you to review their privacy policies.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Posting the new policy on this page
  • Updating the "Last updated" date
  • Sending an email notification (for significant changes)

Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.

14. Contact Us

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us:

Email: privacy@angelhub.com
Data Protection Officer: dpo@angelhub.com
Address: [Your Company Address]

15. Data Processing Details

Categories of Personal Data We Process

  • Identity data (name, email)
  • Financial data (investment amounts, valuations)
  • Technical data (IP address, browser type)
  • Usage data (feature usage, page views)
  • Profile data (preferences, settings)
  • Communication data (support requests)
  • Document data (uploaded files, notes)

Purposes of Processing

  • Service delivery and account management
  • Payment processing and billing
  • AI analysis and insights generation
  • Customer support and communication
  • Security and fraud prevention
  • Service improvement and analytics
  • Legal compliance and dispute resolution
Terms of ServiceCookie PolicyBack to Home