Effective Date: 20.04.2026

1. Introduction

TechAngels (“we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our investment platform and related services. We operate under Romanian jurisdiction and comply with applicable data protection laws, including the General Data Protection Regulation (GDPR).

By using our website, you consent to the data practices described in this policy.

2. Information We Collect About Our Members and Why

We collect information that identifies you including:

• Name, email address, telephone number, and postal address, social media links, due dilligence, referral – we will use this information to identify you, communicate and ask our members for feedback; social media links to allow people to connect with you, unless you disagree. Due dilligence questions are used to help us make a decision regarding your application while referral related to the member who referred you to our Association.
• IP address, device ID, and browser information – to access the website and the platform
• Payment and billing information for processing membership related transactions
• Investment history, preferences, financial information, expertise, bio, photo and accreditation status – in case you are accepted, your photo will be displayed on our website, unless you disagree.
• Activity data including content uploaded, startuos viewed, interacted with, members you communicate with, and usage patterns of our internal infrastructure (e.g. software)
• Information from third-party sources to verify identity and ensure accuracy
• Professional background and investment experience

Startup application form questionnaire

Startup documents that might contain personal data

On the legal basis of the legitimate interest of TechAngels Association to accept new startups for pitches:

• Name, surname – to identify you.
• Email and Phone number – to be able to communicate with you.
• Startup application form questionnaire – to allow members to better understand your company, solutions and the business issues they resolve.
• Key team members – here you can upload the names and details of the key people in your organization. Please bear in mind that you are a data controller for the personal data you are entering in these fields!
• Startup documents that might contain personal data – pitch deck, financials, media files, photos – if selected, you will present this in a call on Zoom to our interested members. Please bear in mind that you are a data controller for the personal data you are storing in these documents!
• We do not recommend including any sensitive, personally identifiable information or other sensitive confidential information.

3. How We Use Your Information

We use information to:

• Provide requested investment platform services and facilitate connections between entrepreneurs and investors
• Verify identity and accreditation status for investment compliance
• Process payments and manage billing
• Send communications about investment opportunities and platform updates
• Analyze usage patterns and improve our services
• Customize marketing and investment analyses (e.g. publishing reports and aggregated information on startups and investments made by the organisation and its members)
• Create aggregated statistical data for business insights
• Detect fraud and address security issues
• Comply with legal obligations and regulatory requirements
• Facilitate startup investment (e.g. by connecting members with startups)

4. Data Sharing and Third Parties

We share personal information with:

• Service providers: Payment processors, hosting providers, customer support, investment related platform
• Business partners: Verified entrepreneurs and investors on our platform (with appropriate consent)
• Legal compliance: In connection with legal process, court orders, or regulatory requirements
• Fraud prevention: To detect and prevent fraudulent activities
• Emergency situations: To protect rights, safety, and security of users and the public

5. User Rights (GDPR/CCPA)

Your GDPR Rights

You have the right to:

• Access your personal data and receive information about our processing
• Request correction of inaccurate or incomplete data
• Request deletion of your data (right to be forgotten)
• Object to processing of your personal data
• Request restriction of processing in certain circumstances
• Data portability to receive your data in a structured format
• Withdraw consent where processing is based on consent
• Lodge a complaint with your local supervisory authority

Your California Rights (CCPA)

California residents have the right to:

• Know what personal information is collected about you
• Request deletion of your personal information
• Opt-out of the sale of personal information
• Non-discrimination for exercising your privacy rights

We do not sell personal information without explicit consent.

To exercise these rights, contact us at contact@techangels.ro.

6. Payment Information

When you make payments for our organisation (e.g. subscription memebrship fee):

• We collect billing information including name, address, and payment method details
• Payment processing is handled by third-party processors who maintain PCI DSS compliance
• We do not store complete credit card numbers or sensitive payment data on our servers
• Payment information is used solely for processing transactions and fraud prevention
• Billing records are retained for accounting, tax, and legal compliance purposes

7. Data Security

We implement technical and organizational measures to protect personal data including:

• Encryption of data in transit and at rest using industry-standard protocols
• Access controls and authentication systems to limit data access
• Regular security assessments and vulnerability testing
• Employee training on data protection and security practices
• Incident response procedures for potential data breaches

However, no method of transmission over the internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

8. International Data Transfers

Personal information may be transferred to and processed in countries outside Romania and the European Union, including countries that may not provide equivalent data protection laws. We will implement appropriate safeguards for international transfers including:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions where available
• Other lawful transfer mechanisms as required by applicable law
• Due diligence assessments of data protection standards in destination countries

9. Data Retention

We retain personal information for as long as necessary to:

• Fulfill the purposes outlined in this policy
• Comply with legal obligations and regulatory requirements
• Resolve disputes and enforce agreements
• Maintain records for investment compliance and audit purposes

Retention periods vary based on data type and legal requirements. Your personal data contained in your member application will be retained for three years, if you don’t become a member of the TechAngels Association, based on our legitimate interest to have a history of people who applied.

If you are a member, your personal data, including the data from the membership fee made to the TechAngels Association will be archived for five years since your last interaction with TechAngels Association.

The data from the startup pitches will be retained for three years, based on our legitimate interest to have a history of applications.

Your online activity data will be kept for the lifetime of the cookies or until you decide to delete the cookies.

10. Children’s Privacy

Our investment services are not directed to individuals under 18 years of age (or the age of majority in your jurisdiction). We do not knowingly collect personal information from minors. If we learn that we have collected information from a child without appropriate parental consent, we will delete such information promptly. Parents or guardians may contact us at contact@techangels.ro to review, modify, or delete their child’s information.

11. Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or business operations. We will notify you of material changes by:

• Posting the updated policy on our website with a new effective date
• Sending email notifications for significant changes

Your continued use of our services after changes become effective constitutes acceptance of the updated policy.

12. Contact Information

For questions about this Privacy Policy, to exercise your rights, or to report privacy concerns, please contact us:

TechAngels

Email: contact@techangels.ro

Jurisdiction: Romania

For GDPR-related inquiries:

You can also contact the National Supervisory Authority for Personal Data Processing at www.dataprotection.ro and file a complaint with them.

This Privacy Policy is governed by Romanian law and complies with GDPR and other applicable data protection regulations.