1. Who We Are – Data Controller

For users located in the EU, UK, or Israel, the “data controller” responsible for your Personal Data is:

OpImpact Fund, LP
Tel Aviv, Israel
Email: privacy@opimpact.fund

Where required under EU/UK law, OpImpact may appoint an EU/UK representative. Updated details will be reflected in this Policy when applicable.

2. What Personal Data We Collect

We collect the following categories of Personal Data when you use our Site or interact with OpImpact:

A. Identity & Contact Information

• Full name

• Email address

• Phone number

• Company/organization

• Role/title

B. Investment-Related Information

Applicable to LPs, prospective LPs, founders, and dealflow submitters:

• Company information and pitch materials

• Due-diligence documents

• Information submitted via contact forms

• AML/KYC documentation where required (e.g., government ID, beneficial ownership info)

C. Technical & Usage Data

Collected automatically via cookies:

• IP address

• Browser type, device type, OS

• Pages viewed, time on site, referring URLs

• Basic location inferred from IP (region/country only)

(We do NOT collect GPS-level geolocation.)

D. Communications Data

• Emails, messages, and other interactions with OpImpact

• Preferences and consents regarding communications

E. Marketing & Event Interaction Data

• Registration data for newsletters, webinars, or events

• Preferences regarding marketing

F. Aggregated Data

We may use aggregated or anonymized data for analytics and performance measurement. This data does

not identify individuals.

3. How We Collect Personal Data

A. Directly from You

• Contact forms

• Newsletter sign-ups

• Email correspondence

• Event registration

• Dealflow submissions (pitch decks, summaries, data rooms)

B. Automatically

Cookies and analytics tools (Google Analytics).

We do not use Facebook SDK, mobile SDKs, or device-level advertising identifiers.

C. From Third Parties

• Service providers (analytics, CRM)

• Public sources (LinkedIn, company websites)

• Referral partners or co-investors

4. How We Use Your Personal Data

We use Personal Data for the following purposes, in accordance with applicable laws:

A. Operating the Site & Services

• Provide access to content

• Maintain security, detect misuse

• Improve site functionality and user experience

B. Responding to Inquiries

• Respond to your questions

• Facilitate introductory calls

• Evaluate dealflow submissions

C. Investment & Fund Operations

For founders, portfolio companies, LPs, and prospective LPs:

• Perform due diligence

• Assess investment opportunities

• Manage investor relations / subscriptions

• Comply with AML/KYC and regulatory obligations

D. Marketing & Communications

• Send updates, insights, reports

• Invite you to events

You may opt out at any time.

E. Legal & Compliance

• Meet obligations under GDPR/UK-GDPR, Israeli Privacy Law, and US regulatory requirements

• Maintain records for audits, compliance, or legal claims

5. Legal Bases for Processing (EU/UK Only)

Where GDPR/UK-GDPR applies, OpImpact relies on the following legal bases:

• Performance of a contract (e.g., with LPs or founders)

• Legitimate interests (e.g., operating a secure website, evaluating pitch submissions, fund operations)

• Compliance with legal obligations (e.g., AML/KYC, tax/regulatory reporting)

• Consent (only for marketing communications where required)

6. Cookies & Tracking Technologies

We use a minimal cookie stack:

We use:

• Essential cookies (site functionality)

• Analytics cookies (Google Analytics)

We do NOT use:

• Advertising/targeting cookies

• Facebook Pixel

• Firebase SDK

• Cross-app tracking technologies

You may adjust cookie settings via your browser.

7. Sharing Your Personal Data

We may share Personal Data with:

A. Service Providers

• Cloud hosting

• Analytics (Google)

• CRM and workflow tools

• Email delivery providers

These providers use Personal Data only on our instructions.

B. Legal / Regulatory Disclosures

Where required by:

• Courts

• Regulators

• Government authorities

• AML/KYC verification partners

C. Fund Operations & Transactions

• Professional advisors (legal, accounting, compliance)

• Co-investors during due diligence

• Potential acquirers or successors (in case of restructuring)

We do not sell Personal Data.

8. International Data Transfers

We may transfer your data to:

• Israel

• The United States

• EU/EEA member states

• Other jurisdictions in which OpImpact or its service providers operate

Transfers are made using:

• Standard Contractual Clauses (SCCs)

• Adequacy decisions (e.g., Israel recognized by EU as adequate)

• Contractual safeguards

9. Data Security

We implement administrative, technical, and physical controls to protect Personal Data, including:

• Secure infrastructure

• Access controls

• Encryption in transit

• Monitoring for suspicious activity

No security system is completely foolproof, but we take commercially

reasonable measures to protect

your data.

10. Data Retention

We retain Personal Data only as long as necessary for:

• Fund operations

• Investor relations

• Legal, tax, and compliance obligations

• Resolving disputes

Retention periods vary based on document type and regulatory requirements.

11. Your Rights

Depending on your jurisdiction (EU, UK, Israel, certain US states), you may

request:

• Access to your data

• Correction of inaccurate data

• Deletion of your data

• Restriction of processing

• Objection to processing (including marketing)

• Data portability

• Withdrawal of consent (where processing relies on consent)

Requests may require proof of identity.

Contact: privacy@opimpact.fund

12. Minors

The Site and Services are not intended for individuals under 18.

We do not knowingly collect data from minors.

13. Third-Party Links

Our Site may link to external websites.

We are not responsible for the privacy practices of third-party sites.

14. Changes to This Policy

We may update this Policy periodically.

The updated version will be posted with a revised “Last Updated” date.

15. Contact Us

OpImpact Ventures Fund, LP

Tel Aviv, Israel

Email: privacy@opimpact.fund