DiligenceVDR

Privacy Policy

Effective Date: March 1, 2026 · Last Updated: March 1, 2026

1. Introduction

DiligenceVDR, LLC ("DiligenceVDR," "we," "us," or "our") is committed to protecting the privacy of our customers, users, and website visitors. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you visit our website at diligencevdr.ai or use our virtual data room platform (collectively, the "Services").

By accessing or using our Services, you agree to the terms of this Privacy Policy. If you do not agree with the practices described herein, please do not use our Services.

2. Information We Collect

2.1 Customer Information

When you create an account, request a demo, or contact us, we may collect:

  • Full name and job title
  • Email address
  • Company name and address
  • Phone number
  • Billing and payment information
  • Deal size and transaction details you voluntarily provide

2.2 Content

We process files, documents, and other materials that you or your authorized users upload to our virtual data room ("Content"). You retain full ownership of your Content. We process Content solely to provide and maintain the Services.

2.3 Usage Data

We automatically collect certain information when you interact with our Services, including:

  • IP address and approximate geolocation
  • Browser type, version, and language
  • Device type and operating system
  • Pages viewed, time spent, and navigation paths
  • Document access logs and interaction events
  • Referring URLs and search terms

2.4 Cookies and Tracking Technologies

We use cookies, web beacons, and similar technologies to collect usage data and improve our Services. For detailed information, please see our Cookie Policy.

3. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the Services
  • Process transactions and send related billing information
  • Respond to your requests, inquiries, and customer support needs
  • Send product updates, security alerts, and administrative messages
  • Send marketing communications (with your consent, where required)
  • Monitor and analyze usage trends to improve and personalize the Services
  • Detect, prevent, and address fraud, abuse, and security issues
  • Comply with legal obligations and enforce our agreements

We do not use Content uploaded to our data rooms to develop, train, or improve artificial intelligence or machine learning models. AI-powered features (such as redaction) process Content in real-time and do not retain or learn from your documents.

4. How We Share Your Information

We may share your information with the following categories of recipients:

  • Service Providers: Hosting, payment processing, analytics, and customer support vendors who process data on our behalf under strict contractual obligations.
  • Data Room Participants: Information you share within a data room is visible to other authorized participants as configured by the data room administrator.
  • Legal Compliance: When required by law, regulation, legal process, or governmental request.
  • Business Transfers: In connection with a merger, acquisition, reorganization, or sale of assets, your information may be transferred to the successor entity.
  • With Your Consent: We may share information for any other purpose with your explicit consent.

We do not sell your personal information to third parties. We do not share personally identifiable information with advertising networks.

5. Data Security

We implement appropriate technical and organizational measures to protect the information we collect and store. These measures include:

  • AES-256 encryption for data at rest and TLS 1.3 encryption for data in transit
  • SOC 2 Type II Ready, SOC 3 Ready, ISO 27001, and ISO 42001 Ready security controls
  • Regular third-party penetration testing and security audits
  • Role-based access controls and multi-factor authentication
  • 24/7 infrastructure monitoring and intrusion detection
  • Comprehensive audit trails for all document interactions

While we strive to protect your information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Services. When you close your account, we will delete or anonymize your personal information within 30 days, except where retention is required by law or for legitimate business purposes (such as resolving disputes or enforcing agreements).

Content stored in data rooms is retained according to the data room administrator's configuration. Administrators may delete Content at any time. Upon account termination, Content is permanently deleted within 30 days.

7. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights:

  • Access: Request a copy of the personal information we hold about you.
  • Correction: Request correction of inaccurate or incomplete information.
  • Deletion: Request deletion of your personal information, subject to legal retention requirements.
  • Portability: Request a machine-readable copy of your data.
  • Opt-Out: Unsubscribe from marketing emails at any time via the link in each email.
  • Cookie Preferences: Manage cookie settings through your browser or our cookie preference center.

To exercise any of these rights, please contact us at privacy@diligencevdr.ai.

8. International Data Transfers

DiligenceVDR is headquartered in the United States. By using the Services, you consent to the transfer of your information to the United States and other locations that may be outside your country of residence. We ensure appropriate safeguards are in place for international transfers, including Standard Contractual Clauses approved by the European Commission where applicable.

9. Children's Privacy

Our Services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child, we will take steps to delete such information promptly.

10. Third-Party Links

Our Services may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and updating the "Last Updated" date. Your continued use of the Services after any changes constitutes acceptance of the updated Privacy Policy.

12. Contact Us

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us:

DiligenceVDR, LLC
Denver, Colorado
Email: privacy@diligencevdr.ai