Sign Up
Log In

Privacy Policy

Last updated: 23 January 2026

This Privacy Policy explains how InnMind Europe, S.L. (“InnMind”, “we”, “us”) collects, uses, shares, and protects personal data when you use:

  • innmind.com (marketing website)
  • app.innmind.com (the InnMind platform)
  • any related pages, subdomains, and services that link to this Privacy Policy (together, the “Services”)

If you do not agree with this Privacy Policy, please do not use the Services.

1) Data Controller

Controller: InnMind Europe, S.L.

Tax ID (NIF): ESB67475806

Registered address: C/ Melcior de Palau, 143 bajos, 08014 Barcelona, Spain

Email: support@innmind.com

2) What data we collect

We collect the following categories of personal data, depending on how you use the Services:

2.1 Account and profile data

  • Name, username, email address
  • Account identifiers, role/type (e.g., Startup, Investor, Service Provider, Corporation)
  • Profile information you provide (e.g., company/project details, bio, links, tags)

2.2 Content and files you upload

  • Files and documents you upload to the platform (e.g., pitch decks, profile images, supporting documents)
  • Metadata related to uploads (filename, size, upload time)

Note: We do not require KYC to use the Services and we do not intentionally collect passport/ID numbers for KYC.

2.3 Payment and billing data

  • Transaction identifiers, subscription status, billing history
  • Limited billing information (e.g., billing name, country)

Card details are processed and stored by Stripe (our payment processor). We do not store full card numbers.

2.4 Usage and analytics data

  • Device and browser information, IP address (typically in logs/analytics)
  • Pages/screens viewed, clicks, events, feature usage
  • Approximate location (derived from IP, depending on settings)

2.5 Communications

  • Messages you send to our support channels
  • Technical and account-related emails we send you

2.6 Cookies and similar technologies

We use cookies and similar technologies for essential functionality and analytics.

3) How we use your data (purposes)

We use personal data to:

  1. Provide and operate the Services (account creation, authentication, profiles, features)
  2. Process payments and manage subscriptions
  3. Store and deliver uploaded files
  4. Provide support and respond to requests
  5. Maintain security, prevent abuse, and enforce Terms
  6. Measure and improve product performance (analytics and product insights)
  7. Send essential service communications (e.g., confirmations, security notices, billing notices)
  8. Send onboarding, product, and engagement communications via Dashly (for example: onboarding sequences, feature updates, and account-related guidance)
  9. Send marketing communications (where permitted by law, and where required based on your consent), and provide an option to opt out
  10. Enable certain workflows and notifications (e.g., Telegram-based notifications for internal operations and, where applicable, access management)

4) Legal bases (GDPR/EEA)

If you are in the EEA/UK, we process personal data under the following legal bases:

  • Contract: to provide the Services you request (account, subscription, digital products) and to send essential service communications
  • Legitimate interests: to secure, maintain, and improve the Services, prevent fraud/abuse, understand product usage, and send onboarding/product communications where permitted by law
  • Consent: where required for certain cookies/technologies or for marketing communications, and where you can withdraw consent at any time
  • Legal obligation: to comply with applicable laws (e.g., accounting, tax)

5) How we share data (processors and recipients)

We share personal data with trusted third parties that help us run the Services (processors), subject to contractual safeguards.

5.1 Payment processing

  • Stripe — payment processing and subscription management

5.2 Analytics, support, engagement, and communications

  • Google Analytics (GA4) — website/app usage analytics
  • Dashly — product analytics, user engagement, support chat, and email communications (for example: onboarding and product updates)

5.3 Storage and infrastructure

  • Amazon Web Services (S3) — storage of uploaded files and related data
  • Meteor Galaxy — application hosting/infrastructure for the platform

5.4 Telegram-based workflows

  • Telegram — Telegram is used for optional user workflows. If you choose to provide a Telegram handle/identifier, we may use it to (a) send you invitations/links and (b) manage access to community spaces such as a premium Telegram group (where included in your plan). We only use the minimal data needed for this purpose.

5.5 Legal and compliance

We may disclose data if required by law, regulation, or valid legal process, or to protect rights, safety, and security.

6) International transfers

Some of our processors may process data outside the EEA/UK. Where required, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) or equivalent mechanisms.

7) Data retention

We retain personal data only as long as necessary for the purposes described in this Policy:

  • Account data: for as long as your account is active; after deletion, we may retain limited records as required for legal, security, or audit purposes.
  • Payments: billing records may be retained for tax/accounting obligations.
  • Uploaded files: retained while your account is active or until you delete the files; backups may persist for a limited period.
  • Analytics: retained according to our analytics settings and operational needs.

You can request deletion as described below.

8) Security

We use reasonable administrative, technical, and organizational measures to protect personal data. For uploaded documents and files, we use protected storage and controlled access.

No method of transmission or storage is 100% secure; therefore, we cannot guarantee absolute security.

9) Your rights

Depending on your location, you may have rights to:

  • Access your personal data
  • Correct or update your data
  • Request deletion (subject to legal exceptions)
  • Object to or restrict processing
  • Data portability
  • Withdraw consent where processing is based on consent

Marketing opt-out: You can opt out of marketing emails at any time by using the unsubscribe link included in our emails.

To exercise your rights, contact support@innmind.com.

If you are in the EEA/UK, you also have the right to lodge a complaint with your local data protection authority.

10) Cookies and consent

We use cookies for essential functionality and analytics.

Cookie consent: If we use cookies that require consent under applicable law, we will request your consent before placing them.

Implementation note: If a dedicated cookie consent mechanism is not currently present, we recommend enabling one (and a Cookie Policy page) to reflect the tracking technologies used.

11) Children

The Services are not intended for children under 16 (or the minimum age required in your jurisdiction). We do not knowingly collect personal data from children.

12) Changes to this Privacy Policy

We may update this Privacy Policy from time to time. We will post the updated version on this page and update the “Last updated” date.

13) Contact

For privacy questions or requests, contact: support@innmind.com