What is digital due diligence?

Digital due diligence is a comprehensive assessment of a target company's technology infrastructure, cybersecurity posture, data privacy practices, and digital assets. Unlike traditional due diligence that requires full access to internal systems, our AI-powered approach analyzes publicly available information and proprietary data sources to deliver complete insights without disrupting the target company.

How does INNOVAIDEN work without target company access?

Our proprietary AI platform analyzes 500+ public and proprietary data sources including technical infrastructure mapping, dark web monitoring, regulatory filings, code repositories, employee networks, and vendor relationships. Machine learning algorithms identify patterns and risks that traditional methods miss, delivering insights that are often more comprehensive than access-based assessments.

How long does an assessment take?

Target Snapshots are delivered in under 3 hours for initial screening. Due Diligence Assessments take up to 48 hours for mid-level analysis. Comprehensive Digital DD is completed in 5-7 business days, which is 6x faster than traditional consulting approaches while delivering 30% cost savings.

What industries do you serve?

We serve Private Equity firms, Law Firms, Technology Sellers preparing for exit, Early Stage Companies, Insurers and Brokers for cyber underwriting, and Limited Partners for portfolio monitoring. Our platform is optimized for technology-enabled companies across all sectors including SaaS, healthcare IT, fintech, manufacturing, and professional services.

How accurate is your AI-powered analysis?

Our platform maintains a 97% accuracy rate validated against traditional due diligence findings. The AI processes information at unprecedented scale, analyzing patterns across thousands of previous assessments to identify risks that human analysts often miss. Every AI finding is validated by our expert panel including former Fortune 1000 CISOs and PE operating partners.

What makes INNOVAIDEN different from traditional consulting?

Traditional consulting requires 4-6 weeks, full target access, costs $150K-$300K, and alerts the target company. INNOVAIDEN delivers results in 48-72 hours, requires zero access, costs 30% less, and maintains complete confidentiality. Our AI analyzes 500+ data sources simultaneously, identifying patterns that human analysis cannot match at speed.

Can I use INNOVAIDEN for portfolio monitoring after acquisition?

Yes. Many PE firms use our Target Snapshot product for quarterly or annual monitoring of portfolio companies through the hold period and exit preparation. This tracks risk evolution, demonstrates improving security posture to LPs, and documents improvements for buyer diligence during exit processes.

What's included in the deliverables?

Deliverables vary by product tier. All include executive summaries, risk quantification across 11 functional areas, technology stack mapping, competitive benchmarking, and red flag identification. Comprehensive DD adds 200+ page technical reports, 100-day value creation roadmaps, integration planning guides, and expert consultation sessions with our VP team.

Privacy Policy | Innovaiden

Last Updated: October 7, 2025 Effective Date: October 7, 2025

Introduction

Welcome to Innovaiden Inc. ("Innovaiden," "we," "us," or "our"). Innovaiden provides AI-powered digital due diligence and continuous monitoring platforms for private equity firms, investment professionals, and enterprise organizations (collectively, the "Services"). This Privacy Policy explains how we collect, use, share, and protect personal information when you:

Visit our website at innovaiden.com (the "Website")
Use our platform and services
Interact with us through email, events, or other communications

Please read this Privacy Policy carefully. By accessing the Website or using the Services, you agree to the practices described in this Privacy Policy. If you do not agree, please do not use the Website or Services.

1. Personal Information We Collect

We collect personal information in several ways:

1.1 Information You Provide Directly

Contact and Account Information: When you create an account, request a demo, contact us, or register for events or webinars, we collect:

Name, email address, phone number
Company name, job title, business address
Billing and payment information
Information submitted in forms, surveys, or support requests

Communication Information: When you communicate with us (via email, chat, phone, or support tickets), we collect and retain those communications, including your contact details and the content of your messages.

Event Information: If you register for or attend our webinars, conferences, or events, we may collect your name, contact information, company details, and participation records.

1.2 Information We Collect Automatically

Device and Usage Information: When you visit our Website or use our Services, we automatically collect:

IP address, browser type, operating system, device identifiers
Pages visited, time spent, referral URLs, clickstream data
Service usage patterns, feature utilization, and performance metrics

Cookies and Tracking Technologies: We use cookies, web beacons, pixels, and similar technologies to collect information about your browsing behavior. See our Cookie Policy for details on how to manage cookie preferences.

Log Information: Our servers automatically log information when you use the Services, including IP addresses, access times, browser types, and requested pages.

1.3 Information from Third-Party Sources

We may receive information about you from:

Public databases and commercially available sources for business intelligence and lead generation
Data enrichment services to validate, update, and supplement contact information
Analytics providers such as Google Analytics and LinkedIn Insights
Social media platforms when you interact with our content or share information through social media

1.4 Customer Data We Process on Behalf of Clients

When providing Services to our customers, we process information about third-party companies and individuals on behalf of our customers (e.g., target companies in due diligence assessments). We act as a data processor for this information and process it solely according to our customers' instructions and our contractual agreements.

If you are an individual whose information is being processed as part of our Services to a customer, your privacy rights should be directed to that customer, as they are the data controller.

2. How We Use Personal Information

We use personal information for the following purposes:

2.1 Service Delivery

Provide, operate, maintain, and improve the Services
Create and manage user accounts
Process transactions and deliver purchased services
Provide customer support and respond to inquiries
Generate reports, assessments, and analytics for our customers

2.2 Communication

Send administrative communications, such as service updates, security alerts, and policy changes
Respond to your questions, requests, and feedback
Provide technical support and customer service

2.3 Marketing and Business Development

Send you information about our Services, features, promotions, and events (you may opt out at any time)
Conduct market research and gather feedback
Personalize your experience and tailor communications to your interests
Analyze marketing campaign performance

2.4 Product Improvement and Analytics

Understand how users interact with our Services
Develop new features, products, and service offerings
Create de-identified, aggregated, or anonymized data for analytics, benchmarking, and research
Improve platform performance, security, and user experience

2.5 Compliance and Protection

Comply with legal obligations, court orders, and regulatory requirements
Enforce our Terms of Service and other agreements
Protect our rights, property, and safety, and that of our users and the public
Prevent, detect, and investigate fraud, security incidents, and illegal activities
Respond to law enforcement requests where legally required

3. How We Share Personal Information

We do not sell, rent, or lease your personal information to third parties. We share personal information only in the following limited circumstances:

3.1 Service Providers and Vendors

We share personal information with trusted third-party service providers who assist us in operating our business, including:

Cloud hosting and infrastructure providers (AWS, Azure, GCP)
Payment processors and billing services
Customer relationship management (CRM) systems
Email and communication platforms
Analytics and data enrichment services
Customer support and help desk software

These service providers are contractually obligated to protect your information and use it only for the purposes we specify.

3.2 Business Partners and Resellers

We may share your information with:

Channel partners and resellers who distribute our Services
White-label partners who offer Innovaiden Services under their own brand (with your consent or as disclosed at the point of collection)
Event co-sponsors when you register for joint webinars or events (based on your preferences)

3.3 Professional Advisors

We may share personal information with lawyers, accountants, auditors, insurers, and other professional advisors as necessary to facilitate the services they provide to us.

3.4 Business Transfers

If Innovaiden is involved in a merger, acquisition, asset sale, financing, reorganization, bankruptcy, or similar transaction, personal information may be transferred as part of that transaction. We will notify you via email and/or prominent notice on our Website of any change in ownership or use of your personal information.

3.5 Legal and Regulatory Requirements

We may disclose personal information when required by law, such as:

In response to valid legal process (subpoenas, court orders, warrants)
To comply with regulatory requirements or government requests
To protect the rights, property, or safety of Innovaiden, our users, or the public
To enforce our agreements and policies
In connection with legal claims, compliance audits, or investigations

3.6 With Your Consent

We may share your information with third parties when you have given us explicit consent to do so.

4. Data Retention

We retain personal information for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. Our retention periods depend on:

The nature of the information and why we collected it
Contractual obligations with customers
Legal, regulatory, tax, accounting, or reporting requirements
Legitimate business needs (e.g., security, fraud prevention, dispute resolution)

When personal information is no longer needed, we securely delete or anonymize it. Anonymized and aggregated data may be retained indefinitely for analytics and research purposes.

5. International Data Transfers

Innovaiden is based in the United States (Wyoming). Our Services utilize global cloud infrastructure, and personal information may be transferred to, stored in, and processed in the United States and other countries where our service providers operate, including the European Union, United Kingdom, and other jurisdictions.

For users in the European Economic Area (EEA), United Kingdom, or Switzerland: When we transfer personal data outside these regions, we implement appropriate safeguards, including:

Standard Contractual Clauses (SCCs) approved by the European Commission and UK Information Commissioner's Office
Data Processing Agreements (DPAs) with customers and processors
Technical and organizational measures to protect data security

We ensure that all data transfers comply with applicable data protection laws, including the General Data Protection Regulation (GDPR) and UK GDPR.

6. Security

We implement industry-standard technical, administrative, and physical security measures to protect personal information from unauthorized access, loss, misuse, alteration, and destruction, including:

Encryption of data in transit (TLS/SSL) and at rest
Access controls and authentication mechanisms
Regular security audits and vulnerability assessments
Employee training on data protection and security practices
Incident response and breach notification procedures

Security Certifications: Innovaiden is pursuing SOC 2 Type 1 certification, scheduled for Q1 2026. We are committed to maintaining industry-leading security standards.

While we take reasonable measures to protect your information, no system is completely secure. You are responsible for maintaining the confidentiality of your account credentials and should notify us immediately of any unauthorized access.

7. Your Privacy Rights and Choices

Depending on your location, you may have certain rights regarding your personal information:

7.1 Access and Portability

You may request access to the personal information we hold about you and, in some cases, receive a copy of that information in a portable format.

7.2 Correction and Update

You may request that we correct inaccurate or incomplete personal information.

7.3 Deletion

You may request that we delete your personal information, subject to certain exceptions (e.g., legal obligations, legitimate business needs, or contractual requirements).

7.4 Opt-Out of Marketing

You may opt out of receiving promotional emails by:

Clicking the "unsubscribe" link in our emails
Contacting us at privacy@innovaiden.com
Updating your communication preferences in your account settings

Note: You will continue to receive transactional and service-related communications even after opting out of marketing.

7.5 Cookie Preferences

You can manage cookie preferences through your browser settings or our Cookie Preference Center. See our Cookie Policy for more details.

7.6 Do Not Track

We currently do not respond to "Do Not Track" signals from browsers.

7.7 How to Exercise Your Rights

To exercise any of these rights, please contact us at:

Email: privacy@innovaiden.com
Address: Innovaiden Inc., 30 N Gould St STE R, Sheridan, WY 82801

We may request additional information to verify your identity before processing your request. We will respond to verified requests within the timeframe required by applicable law (typically 30 days).

8. Rights for European Users (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR) and UK GDPR:

8.1 Legal Basis for Processing

We process your personal data based on the following legal grounds:

Contract performance: To provide Services you have requested or contracted for
Legitimate interests: To improve our Services, ensure security, conduct marketing, and operate our business (where not overridden by your rights)
Legal compliance: To comply with legal and regulatory obligations
Consent: Where you have given explicit consent (which you may withdraw at any time)

8.2 Your GDPR Rights

Right of access: Confirm whether we process your personal data and receive a copy
Right to rectification: Correct inaccurate or incomplete data
Right to erasure (right to be forgotten): Request deletion of your data in certain circumstances
Right to restrict processing: Limit how we process your data in certain situations
Right to data portability: Receive your data in a structured, machine-readable format
Right to object: Object to processing based on legitimate interests or for direct marketing purposes
Right to withdraw consent: Withdraw consent at any time (without affecting prior processing)
Right to lodge a complaint: File a complaint with your national data protection authority

EU Data Protection Authorities:

UK: Information Commissioner's Office (ICO) – https://ico.org.uk/concerns
EEA: Find your local authority at https://edpb.europa.eu/about-edpb/about-edpb/members_en

8.3 Data Controller and Processor Roles

Innovaiden acts as a data controller when collecting and processing information from Website visitors, prospects, and account administrators
Innovaiden acts as a data processor when processing customer data on behalf of our customers during service delivery

9. Rights for California Residents (CCPA/CPRA)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

9.1 Your California Rights

Right to know: Request disclosure of the categories and specific pieces of personal information we have collected, including sources, purposes, and third-party sharing
Right to delete: Request deletion of your personal information (subject to exceptions)
Right to correct: Request correction of inaccurate personal information
Right to opt out: Opt out of the "sale" or "sharing" of personal information (Note: Innovaiden does not sell personal information)
Right to limit sensitive personal information use: Limit use of sensitive personal information (if applicable)
Right to non-discrimination: You will not be discriminated against for exercising your privacy rights

9.2 California "Shine the Light" Law

California residents may request information about our disclosure of personal information to third parties for direct marketing purposes. To make such a request, contact us at privacy@innovaiden.com.

9.3 How to Exercise California Rights

To exercise your California rights, contact us at:

Email: privacy@innovaiden.com
Toll-Free: (Contact information to be added)

We will verify your identity before processing requests. Authorized agents may submit requests on your behalf with proper documentation.

10. Children's Privacy

Our Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we learn that we have inadvertently collected information from a child under 18, we will promptly delete it. If you believe we have collected information from a child, please contact us at privacy@innovaiden.com.

11. Third-Party Links and Services

Our Website and Services may contain links to third-party websites, applications, and services not operated by Innovaiden. This Privacy Policy does not apply to third-party sites. We are not responsible for the privacy practices of third parties. We encourage you to review the privacy policies of any third-party sites you visit.

Third-Party Analytics: We use third-party analytics services, including:

Google Analytics (managed by Google LLC) – Privacy Policy
LinkedIn Insights (managed by LinkedIn Corporation) – Privacy Policy

These services may collect information about your use of our Website over time and across different websites.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you by:

Posting the updated Privacy Policy on this page with a new "Last Updated" date
Sending an email notification to registered users (where required by law)
Displaying a prominent notice on our Website

Your continued use of the Services after changes become effective constitutes acceptance of the updated Privacy Policy. We encourage you to review this Privacy Policy periodically.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Innovaiden Inc. Privacy Officer 30 N Gould St STE R Sheridan, WY 82801 United States

Email: privacy@innovaiden.com Legal Inquiries: legal@innovaiden.com

For data subject rights requests, please use the email address above and provide sufficient detail to verify your identity and process your request.

This Privacy Policy is effective as of October 7, 2025.