OakcapitaXBETA
Book a Demo

Legal

Privacy Policy

Last updated May 17, 2026

OakcapitaX (“OakcapitaX”, “we”, “us”) provides a Growth OS that unifies revenue, attribution, and investor reporting for post-Series A teams. This Privacy Policy explains what we collect, how we use it, and the controls available to you. It applies to our marketing site, the OakcapitaX application, and connected services.

1. Data we collect

We collect three categories of data:

  • Account data - name, work email, workspace, role, and authentication metadata.
  • Customer business data - metrics, events, and records you sync from third-party sources (e.g., HubSpot, Salesforce, Stripe, QuickBooks, GA4, PostHog) or upload to the data room.
  • Product telemetry - usage events, device and browser metadata, and error logs used to operate, secure, and improve the service.

2. How we use data

  • Deliver core features - signals, revenue truth, attribution, experiments, workflows, runway, and investor updates.
  • Generate AI insights and narratives across your connected metrics.
  • Secure the platform, prevent abuse, and meet legal obligations.
  • Communicate product updates and respond to support requests.

We do not sell your data and we do not use customer business data to train foundation models.

3. Third-party connectors

When you connect a data source, you authorize OakcapitaX to read the scopes you grant. Tokens are stored encrypted at rest. You can disconnect any source at any time from Data Sources; we stop further reads immediately and purge cached records on the next scheduled cleanup.

4. Sub-processors and hosting

We host infrastructure with reputable cloud providers in the United States and the European Union, and we use a limited set of sub-processors for storage, AI inference, email delivery, and analytics. A current list is available on request.

5. Security

  • Encryption in transit (TLS 1.2+) and at rest (AES-256).
  • Row-level security and workspace isolation in the application database.
  • Least-privilege access, audit logging, and SSO for staff systems.
  • Regular backups and incident response procedures.

6. Data retention

Customer business data is retained for the life of your subscription. On termination, data is deleted within 30 days unless a longer retention period is required by law. You may request earlier deletion at privacy@oakcapitax.com.

7. Your rights

Depending on your jurisdiction (including GDPR and CCPA), you may have the right to access, correct, export, or delete your personal data, and to object to certain processing. Contact us and we will respond within the statutory window.

8. International transfers

Where data moves across borders, we rely on Standard Contractual Clauses and equivalent safeguards. EU and UK customers can request a copy of the relevant transfer mechanism.

9. Children

OakcapitaX is built for businesses and is not directed to anyone under 16.

10. Changes

We will post material changes to this policy on this page and, where appropriate, notify workspace admins by email before the changes take effect.

11. Contact

Questions or requests? Email privacy@oakcapitax.com.

See also our Terms of Service.