Privacy Policy
Effective Date: April 2026 | Last Updated: April 2026
Fundry AI, Inc. ("Fundry", "we", "us") operates the Fundry AI platform at fundry.ai. This Privacy Policy describes how we collect, use, and protect your information.
1. Information We Collect
Account Information
- Name, email address, firm name
- Authentication credentials (managed by Supabase Auth)
- Role and permissions within your organization
Financial Data (Processed on Behalf of Your Firm)
- DDQ documents and generated responses
- LP communications and draft responses
- K-1 tax documents and variance analysis results
- Expense records and P&L data
Usage Data
- Feature usage analytics (anonymized via PostHog)
- Agent invocation logs (retained per SEC requirements)
- Error reports (scrubbed of PII via Sentry)
Payment Information
- Billing details processed by Stripe (PCI DSS Level 1)
- We do not store credit card numbers on our systems
2. How We Use Your Information
We use your information to:
- Provide and maintain the Fundry AI service
- Process documents and generate AI-assisted outputs
- Communicate service updates and notifications
- Enforce subscription tier access controls
- Comply with legal obligations (SEC recordkeeping)
We do not:
- Sell your personal information to third parties
- Use your data to train AI models
- Share your data with other customers
- Send marketing emails without consent
3. Data Sharing
We share data only with:
- Sub-processors listed in our DPA (Supabase, Vercel, Anthropic, OpenAI, Stripe, Resend)
- Legal authorities when required by law or valid legal process
- Your organization's members as configured by your firm's admin
4. Data Security
We implement comprehensive security measures including:
- AES-256 encryption at rest and TLS 1.3 in transit
- Row-level security for multi-tenant data isolation
- PII detection and stripping before AI processing
- MFA-enabled authentication
- Regular security audits
See our Security Whitepaper for detailed information.
5. Data Retention
| Data Type | Retention Period |
|---|---|
| Account information | Duration of service + 30 days |
| Financial documents (raw) | Deleted within 24 hours of processing |
| Structured data | Customer-controlled |
| PII vault | 90 days (DDQ/email) or 7 years (tax) |
| Agent logs | 7 years (SEC compliance) |
| Payment records | Per Stripe retention policy |
6. Your Rights
You have the right to:
- Access: Request a copy of your personal data
- Rectification: Correct inaccurate data
- Erasure: Request deletion of your data
- Portability: Export your data in CSV/JSON format
- Restriction: Limit how we process your data
- Object: Object to processing based on legitimate interests
To exercise these rights, contact privacy@fundry.ai.
7. Cookies
We use essential cookies for authentication and session management. We use PostHog for anonymized analytics. We do not use advertising cookies or trackers.
8. International Transfers
All data is processed and stored in the United States. EU/EEA customers are covered by Standard Contractual Clauses.
9. Children's Privacy
Fundry AI is a B2B service. We do not knowingly collect information from individuals under 18.
10. Google Workspace Add-on (Gmail Sidebar)
Fundry AI offers an optional Gmail Add-on that displays LP email classifications directly in the Gmail sidebar. This section describes specifically how that integration handles your data.
OAuth Scopes Requested
| Scope | Purpose |
|---|---|
https://www.googleapis.com/auth/gmail.addons.current.message.readonly |
Read the currently open email message to classify it |
https://www.googleapis.com/auth/gmail.addons.current.message.action.compose |
Create a draft reply in your Gmail account when you approve a suggested response |
https://www.googleapis.com/auth/userinfo.email |
Identify your Gmail address to link the add-on to your Fundry account |
What We Access
When you open an email in Gmail with the add-on installed, Fundry reads:
- The message body and subject
- Sender and recipient addresses
- Thread metadata (thread ID, reply count)
What We Store
To display classifications in your Fundry review queue, we store the following in our database:
- Email subject (full)
- Sender and recipient addresses
- A preview of the email body (up to 500 characters — not the full message)
- Classification results: category, confidence score, suggested action, linked LP/fund
- Draft response generated by the AI agent (if applicable)
We do not store:
- The full body of the email beyond the 500-character preview
- Email attachments
- Any email content from messages you do not open while the add-on is active
What We Do Not Store
Raw email files are never stored on Fundry infrastructure. Email content is fetched ephemerally via the Gmail API at the time the message is opened and is not retained beyond the structured fields listed above.
Draft Replies
If you click "Approve" in the Gmail sidebar, Fundry uses the gmail.addons.current.message.action.compose scope to create a draft reply in your Gmail Drafts folder. Fundry does not send emails on your behalf — you review and send the draft yourself.
Revoking Access
You can disconnect the Gmail Add-on at any time:
1. Go to your Google Account → Security → Third-party apps with account access
2. Find "Fundry AI" and click "Remove access"
You can also disconnect from within Fundry: Settings → Integrations → Gmail → Disconnect.
Disconnecting revokes all OAuth permissions and stops the add-on from accessing new messages. Previously stored classification data remains in your Fundry account until you delete it.
Google API Services User Data Policy
Fundry AI's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
11. Changes to This Policy
We will notify registered users of material changes via email at least 30 days before they take effect.
12. Contact
- Privacy inquiries: privacy@fundry.ai
- Data protection requests: privacy@fundry.ai
- General inquiries: support@fundry.ai
For questions about this privacy policy, contact privacy@fundry.ai.