Privacy Policy

Updated November 30th, 2021

Effective December 30th, 2021


DiligenceVault is a digital diligence platform that provides investors, asset managers and portfolio companies with the tools to centralize, streamline and digitize their due diligence processes and data.

At Diligence Vault, our mission is your mission. Our customers’ trust and partnership are very important to us. 

This Policy also discusses your rights with respect to your information. As you use and interact with DiligenceVault’s Websites, Products, and Services, we process information from and about you in order to provide access to our Products and Services, an enhanced experience, and support. That means that we collect, use, transmit, store, share, and erase your information.

When we talk about “DiligenceVault,” “we,” “our,” or “us” in this policy, we are referring to Diligence Vault Corp., the company which provides the Services. When we talk about the “Services” in this policy, we are referring to our digital diligence platform. Our Services are currently available for use via a web browser.


Information We Collect and Receive

  1. Customer Data
    Content and information submitted by users to the Service is referred to in this policy as “Customer Data.” As further explained below, Customer Data is controlled by the organization or other third party that created the diligence project (the “Customer”). Where DiligenceVault collects or processes Customer Data, it does so on behalf of a Customer.

If you join the platform and create an account, you are a “User”. If you are using the Service by invitation of a Customer, whether that Customer is your employer, another organization, or an individual, that Customer determines its own policies regarding storage, access, modification, deletion, sharing, and retention of Customer Data which may apply to your use of the Service. Please check with the Customer about the policies and settings it has in place.

For Customer Data, DiligenceVault is the processor/service provider (a provider that processes personal data on behalf of or at the direction of a controller, or other similar designation under the law) and our Customer (usually a company or organization) is the controller/business (the entity that decides how and why information is processed) of the information provided to DiligenceVault via use of DiligenceVault. 


  1. Other Information
    DiligenceVault may also collect and receive the following information, where DiligenceVault is the controller of the information.:

    • Account creation information: 

Information needed to create your account could include identifiers, such as first and last name and email address, your password for DiligenceVault, and information related to a third-party authentication identity provider, such as Google Authenticator

  • Billing and other information:
    For Customers that purchase a paid version of the Service, our corporate affiliates and our third party payment processors may collect and store billing address and credit card information on our behalf or we may do this ourselves.
  • Services usage information:
    This is information about how you are accessing and using the Service, which may include administrative and support communications with us and information about the diligence requests, people, features, content, and links you interact with, and the third party integrations you use (if any).
  • Log data:
    When you use the Service our servers automatically record information, including information that your browser sends whenever you visit a website. This log data may include your Internet Protocol address, the address of the web page you visited before using the Service, your browser type and settings, the date and time of your use of the Service, information about your browser configuration and plug-ins, language preferences, and cookie data.
  • Device information:
    We may collect information about the device on which you are using the Service, including the type of device, the operating system, device settings, application IDs, unique device identifiers, and crash data. Whether we collect some or all of this information often depends on the type of device you are using and its settings.


Our Cookie Policy

DiligenceVault uses cookies and similar technologies to provide and support our websites and Service.


How We Use Your Information

We use your information to provide and improve the Service.

  1. Customer Data
    DiligenceVault may access and use Customer Data as reasonably necessary and in accordance with Customer’s instructions to (a) provide, maintain and improve the Service; (b) to prevent or address service, security, technical issues or at a Customer’s request in connection with customer support matters; (c) as required by law and (d) as set forth in our agreement with the Customer or as expressly permitted in writing by the Customer.
    Customer provides us with instructions on what to do with Customer Data. A Customer has many choices and control over Customer Data. For example, Customer may provision or deprovision access to the Service, enable or disable third party integrations, manage permissions, retention and export settings. These choices and instructions may result in the access, use, disclosure, modification or deletion of certain or all Customer Data.
  2. Other Information
    We use other kinds of information in providing the Service. Specifically:

    • To understand and improve our Service:
      We carry out research and analyze trends to better understand how users are using the Service and improve them.
    • To communicate with you by
      • Responding to your requests:
        If you contact us with a problem or question, we will use your information to respond.
      • Sending emails:
        We may send you Service and administrative emails and messages. We may also contact you to inform you about changes in our Service, our Service offerings, and important Service related notices, such as security and fraud notices. These emails and messages are considered part of the Service and you may not opt out of them. In addition, we sometimes send emails about new product features or other news about DiligenceVault. You can opt out of these at any time.
    • Billing and account management:
      We use account data to administer accounts and keep track of billing and payments.
    • Communicating with you and marketing:
      We often need to contact you for invoicing, account management, product updates, and other business reasons. We may also use your contact information for our own marketing or advertising purposes. You can opt out of these at any time.
    • Investigating and preventing bad stuff from happening:
      We work hard to keep the Service secure and to prevent abuse and fraud.
  3. This policy is not intended to place any limits on what we do with data that is aggregated and/or de-identified so it is no longer associated with an identifiable User or Customer of the Service.


Sharing and Disclosure

There are times when information described in this privacy policy may be shared by DiligenceVault. This section discusses only how DiligenceVault may share such information. Customers determine their own policies for the sharing and disclosure of Customer Data. DiligenceVault does not control how Customers or their third parties choose to share or disclose Customer Data.

DiligenceVault may share information as follows:

  • About you with the Customer:
    There may be times when you contact DiligenceVault to help resolve an issue specific to a diligence project of which you are a respondent. In order to help resolve the issue and given our relationship with our Customer, we may share your concern with our Customer.
  • With third party service providers and agents:
    DiligenceVault does not disclose your personal information to third parties, except as described in this policy. We may engage third party companies or individuals, such as third party payment processors, to process information on our behalf. Please know that DiligenceVault will not sell your personal information.
  • In the event of Business Transfers. If the ownership of all or substantially all of our business changes, or all or some of our assets are sold as part of a bankruptcy or other proceeding, we may transfer your information to the new owner so that the services can continue to operate. In such case, your information would remain subject to the promises and commitments contained in this Privacy Statement until the acquiring party updates it. If such transfer is subject to additional mandatory restrictions under applicable laws or agreements, DiligenceVault will comply with those restrictions.


Other Types of Disclosure

DiligenceVault may share or disclose Customer Data and other information as follows:

  • To comply with laws:
    To comply with legal or regulatory requirements and to respond to lawful requests, court orders and legal process.
  • To enforce our rights, prevent fraud and for safety:
    To protect and defend the rights, property, or safety of us or third parties, including enforcing contracts or policies, or in connection with investigating and preventing fraud.

We may disclose or use aggregate or de-identified information. For example, we may share aggregated or de-identified information for business or research purposes like computing diligence workflow statistics, or partnering with research firms or academics to explore interesting questions about diligence trends.



DiligenceVault takes security seriously. We take various steps to protect information you provide to us from loss, misuse, and unauthorized access or disclosure. These steps take into account the sensitivity of the information we collect, process and store, and the current state of technology. We limit access to your personal information to authorized DiligenceVault employees or agents and, as described above in Disclosures of Your Personal Information to Third Parties, our service providers are held to stringent standards of privacy. We also maintain physical, electronic and procedural safeguards to protect the information against loss, misuse, damage or modification and unauthorized access or disclosure. Some of the other central features of our information security program are:

  • The CISO designs, implements and provides oversight to our information security program
  • The use of multiple layers of protection including use of firewalls and multi-factor controls
  • Testing of the security and operability of platform as well as ongoing vulnerability management
  • Internal and independent review of our security measures
  • Monitoring of our systems infrastructure to detect weaknesses and potential intrusions
  • Implementing controls to identify, authenticate and authorize access to various systems or sites
  • Protecting information during transmission and at rest through various means including encryption

Data Retention

We will retain your information for the period necessary to fulfill the purposes outlined in this Privacy Statement, to make our Services available to you, or as instructed by you, unless a longer retention period is required or permitted by law.

Changes to This Privacy Policy

We may change this policy from time to time, and if we do we will post any changes on this page. If you continue to use the Services after those changes are in effect, you agree to the revised policy.


Contacting Diligencevault

Please also feel free to contact us if you have any questions about DiligenceVault’s Privacy Policy or practices. The European Economic Area – Singapore, Switzerland, Hong Kong, Japan, Australia and New Zealand (This section applies only if your information is processed by DiligenceVault in a Member State of the European Economic Area (EEA), Singapore, Switzerland, Hong Kong, Japan, Australia or New Zealand.) You are entitled to access any personal data about you held by DiligenceVault by sending a written request to DiligenceVault. You may be required to supply a valid means of identification as a security precaution to assist us in preventing the unauthorized disclosure of your personal information. We will process your request within the time provided by applicable law. You are also entitled to have DiligenceVault modify or delete any information that you believe is incorrect or out of date. DiligenceVault may occasionally contact you by telephone, electronic mail, etc., with details of products and services that we believe may be of interest to you. If you do not wish to be contacted in this way, if you wish to exercise your rights of correction and access, or if you require further information regarding our privacy policies and practices in the above-referenced regions, you may contact You may contact DiligenceVault at or at our mailing address below.

DiligenceVault 1230 Avenue of the Americas, 15th Fl, New York, NY 10020