Effective Date: January 1, 2026
Last Updated: March 12, 2026
Adelphoï Labs ("Adelphoï Labs," "we," "our," or "us") is committed to protecting the privacy, confidentiality, and security of personal information. This Privacy Policy explains how we collect, use, disclose, store, and protect information obtained through our website and related services (collectively, the "Services").
By accessing or using our Services, you acknowledge that you have read and understood this Privacy Policy.
1. Scope and Applicability
This Privacy Policy applies to:
- Visitors to our website
- Individuals who communicate with us electronically
- Prospective and current clients, partners, and subscribers
- Users of our business tools and member portal
This Policy is intended to comply with applicable privacy and data protection laws, including but not limited to:
- The General Data Protection Regulation (GDPR) (and UK GDPR, where applicable)
- The California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA)
- Other applicable U.S. state privacy laws (Virginia, Colorado, Connecticut, Utah, etc.)
2. Information We Collect
a. Personal Information You Provide
We may collect personal information you voluntarily provide, including:
- Name
- Email address
- Organization or company name
- Phone number
- Professional role, inquiry details, or other content you submit
- Account credentials (hashed passwords)
- Financial data you upload for analysis (processed confidentially)
b. Automatically Collected Information
When you use the Services, we may automatically collect certain technical and usage information, such as:
- IP address
- Browser type/version
- Device type and operating system
- Approximate location (derived from IP address)
- Pages viewed, session activity, access times, referring/exit URLs
c. Cookies and Similar Technologies
We may use cookies, pixels, SDKs, and similar technologies to support functionality, measure performance, and improve user experience. For detailed information about our cookie practices, please see our Cookie Policy.
Types of cookies we may use:
- Essential cookies (required for core site functions and security)
- Analytics cookies (to understand site usage and improve performance)
- Preference cookies (to remember selections, where enabled)
3. Global Privacy Control (GPC) and Opt-Out Preference Signals
We honor Global Privacy Control (GPC) signals. If your browser or device transmits a GPC signal, we will treat it as a valid request to opt out of:
- The sale of personal information
- Sharing of personal information for cross-context behavioral advertising
- Non-essential tracking and analytics cookies
When we detect a GPC signal, we will display a confirmation message indicating that your privacy preferences have been honored. To learn more about GPC and how to enable it in your browser, visit globalprivacycontrol.org.
4. Legal Bases for Processing (GDPR/UK GDPR)
Where GDPR/UK GDPR applies, we process personal data under one or more of the following legal bases:
- Consent: where you have provided consent (you may withdraw consent at any time)
- Legitimate Interests: to operate, secure, and improve the Services
- Contractual Necessity: to perform or prepare to perform a contract with you
- Legal Obligation: to comply with applicable laws and regulations
5. How We Use Personal Information
We may use personal information to:
- Respond to inquiries and requests
- Provide advisory, research, educational, or consulting services
- Communicate insights, updates, newsletters, or materials
- Maintain site security and prevent misuse
- Improve operational effectiveness and user experience
- Comply with legal, regulatory, and contractual obligations
We do not sell personal information. We also do not disclose personal information for third-party advertising or marketing purposes.
6. Disclosure of Information
We may disclose personal information only as follows:
- Service Providers: to vetted vendors that perform services for us under appropriate contractual protections
- Legal and Compliance: to law enforcement, regulators, courts, or other authorities when required or permitted by law
- Protection of Rights: to protect the rights, property, security, and integrity of Adelphoï Labs and others
- Business Transfers: in connection with a merger, acquisition, financing, reorganization, or sale of assets
7. Third-Party Service Providers
We use the following categories of third-party service providers to operate our Services:
| Provider | Purpose | Data Processed |
|---|---|---|
| Google Analytics | Website analytics | Usage data, IP address (anonymized) |
| Mapbox | Interactive maps | Location queries, IP address |
| Stripe | Payment processing | Payment information |
| AWS (Amazon Web Services) | Cloud hosting & storage | All data stored on our platform |
| Abacus.AI | AI processing & email delivery | Content for AI analysis, email addresses |
All service providers are bound by data processing agreements that require them to protect your personal information and use it only for the purposes specified.
8. Data Retention
We retain personal information for the following periods:
| Data Category | Retention Period | Reason |
|---|---|---|
| Contact form submissions | 3 years | Business relationship management |
| User accounts | Until deletion requested | Service provision |
| Financial analysis data | 7 years | Tax and regulatory compliance |
| M&A engagement records | 7 years after engagement ends | Legal and regulatory requirements |
| Newsletter subscriptions | Until unsubscribed | Consent-based marketing |
| Analytics data | 26 months | Performance analysis |
| Cookie consent records | 2 years | Compliance documentation |
After the retention period expires, data is securely deleted or anonymized.
9. Data Security
We maintain appropriate administrative, technical, and organizational safeguards designed to protect personal information against unauthorized access, disclosure, alteration, or destruction, including:
- Encryption of data in transit (TLS/SSL) and at rest
- Secure password hashing (bcrypt)
- Role-based access controls
- Regular security assessments
- Employee training on data protection
However, no system can guarantee absolute security. In the event of a data breach, we will notify affected individuals and authorities as required by applicable law.
10. Your Rights (EEA/UK – GDPR/UK GDPR)
If you are located in the European Economic Area (EEA) or the United Kingdom, you may have the right to:
- Access your personal data
- Request correction/rectification
- Request deletion ("right to be forgotten")
- Restrict or object to certain processing
- Request data portability
- Withdraw consent at any time
- Lodge a complaint with your local data protection authority
11. Your Rights (California – CCPA/CPRA)
If you are a California resident, you may have the right to:
- Right to Know: Request disclosure of personal information collected, including access to historical data back to January 1, 2022 (or longer if retained)
- Right to Access: Obtain a copy of your personal information
- Right to Delete: Request deletion of your personal information (subject to legal exceptions)
- Right to Correct: Request correction of inaccurate personal information
- Right to Opt-Out: Opt out of the sale or sharing of personal information
- Right to Limit: Limit use of sensitive personal information
- Non-Discrimination: Not be discriminated against for exercising your rights
We do not sell personal information. However, you may submit an opt-out request to ensure you are not included in any future data sharing.
To exercise your California privacy rights, please visit our Privacy Rights Request page or contact us using the information below.
12. Exercising Your Privacy Rights
To submit a privacy rights request (access, deletion, correction, opt-out, or data portability), you may:
- Visit our Privacy Rights Request page
- Email us at [email protected]
- Call us at 214-856-2268
Response Times:
- CCPA/CPRA requests: Within 45 days (extendable to 90 days)
- GDPR requests: Within 30 days (extendable to 60 days)
We may need to verify your identity before processing your request to protect your privacy.
13. International Data Transfers
Adelphoï Labs primarily serves North America. If you access the Services from outside the United States or Canada, you understand that your information may be transferred to, stored in, and processed in jurisdictions that may have different data protection standards.
For transfers from the EEA/UK, we rely on Standard Contractual Clauses approved by the European Commission.
14. Third-Party Websites
Our Services may contain links to third-party websites or services. We are not responsible for the privacy practices or content of these third parties.
15. Children's Privacy
Our Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information.
16. Contact Us
If you have any questions about this Privacy Policy, wish to exercise your rights, or have a complaint, please contact us at:
Adelphoï Labs
Email: [email protected]
General: [email protected]
Phone: 214-856-2268
17. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on our website with a new effective date. We encourage you to review this Privacy Policy periodically.