Last updated: June 19, 2026
This Privacy Policy explains how OptImpact (the “Network”, “we”, “us”) collects, uses, shares, and protects information about you when you visit, register for, or use the Network's website and related services (the “Service”). The Network operates on the Artha Platform (the “Platform”), which is licensed from Artha Networks, Inc. (“ANI”). The Platform provides the underlying technology that runs the Service, and ANI processes information on the Network's behalf as a service provider.
This Privacy Policy is incorporated into and forms part of the OptImpact Terms and Conditions. Capitalized terms not defined here have the meaning given to them in the Terms and Conditions. By using the Service, you confirm that you have read this Privacy Policy and agree to the practices described in it.
For most personal information collected through the Service, the Network is the “data controller” (or equivalent) and decides how and why that information is processed. ANI acts as the Network's “data processor” (or equivalent service provider) and processes information on documented instructions from the Network. Where ANI determines its own purposes for processing — for example, to operate, secure, and improve the Platform itself — ANI acts as a data controller for those limited purposes.
If you have questions about how a particular Network handles your information, please contact that Network directly using the contact details on its website. If you have questions about the Platform, you can contact ANI using the details in Section 14.
We collect information that you provide directly to us, information generated automatically through your use of the Service, and information we receive from third parties.
Account and profile information. When you register or build out your profile, we collect identifiers and contact information such as your first and last name, username, email address, telephone or mobile number, mailing address (street, city, state/region, postal code, country), job title or position, and a password. You may also choose to provide a profile photo, cover image, short biography or status message, and links to social or professional accounts (for example, a Twitter, Skype, or LinkedIn handle). Some fields are optional; we indicate the required fields at the point of collection.
Organization and company information. If you represent or create a company, fund, investor entity, enterprise support organization, service provider, or other organization on the Service (an “Organization”), we collect information about that Organization, which may include its legal or trading name, business email and phone number, website, registered or operating address, country and state, year founded, number of employees, sectors, mission and impact information, tax identifier, descriptions of products and services, team members, affiliations, awards, and other content you choose to share. Where the Organization is a sole trader or natural person, this information may also constitute personal data about you.
Investment, deal, and impact information. Investors, promoters, enterprises, and other Users may submit information about investment opportunities or “Deals”, including narrative descriptions, sectors, geographies, sustainable development goals (SDGs) targeted, financial information (such as funds under management, current and total assets, current and total liabilities, equity, EBITDA, net cash, audited or unaudited financial statements, currency, and projected financials), beneficiaries reached, environmental or social outcomes, and supporting documents. Some of this information is sensitive, commercially confidential, or both, and is shared only with the Users you choose to share it with within the Network.
Due diligence information. Where a Deal moves into a diligence process, you and other diligence participants may upload, request, answer, or comment on diligence questions, supporting documents, financial models, references, and similar materials. Diligence information is visible to participants in that diligence process and to authorized administrators of the Network.
Communications. When you send messages through in-Service messaging, post comments or activity on a feed, request access to a deal, accept or decline an introduction or connection request, contact support, or interact with other Users, we collect the content of those communications and related metadata (such as recipients, timestamps, attachments, and read status).
Payment information. Where the Service involves a paid feature, subscription, or similar transaction, payments are processed by our third-party payment provider, Stripe. Stripe collects your card or bank details directly; we do not store full card numbers on our own systems. We retain limited transaction information such as your name, billing address, the last four digits and expiry of the card, transaction amounts, currency, and status.
Verification and accreditation representations. Where required, you may provide representations about accredited or qualified investor status under United States or other applicable securities laws, and supporting information for those representations. We may retain those representations and supporting information as a record of compliance.
Information about other people. If you invite a colleague, organization, or contact to join the Service, we collect their name, organization, and email address so that we can send the invitation. Please make sure you have their permission before sharing their details.
Device and usage information. When you use the Service, we automatically collect information such as your IP address, approximate location derived from that IP address, browser type and version, operating system, device identifiers, referring and exit pages, pages and features viewed, search terms, the date and time of your visit, and a unique session identifier. We use this information to operate the Service, secure it against abuse, and analyze how it is used.
Cookies and similar technologies. We and our service providers use cookies, pixels, local storage, and similar technologies. See Section 6 for details and your choices.
Single sign-on and social login. If you choose to sign up or sign in using Google, LinkedIn, or another supported third-party identity provider, we receive a unique identifier from that provider together with your name, email address, and profile picture. The information we receive depends on your privacy settings with that provider and the permissions you grant during sign-in.
Network administrators. The Network or its administrators may add you to the Service, pre-populate your profile, or update information about you and your Organization based on information they have collected from you offline (for example, application forms, due diligence, or events).
Public sources. We may, from time to time, supplement information already in our records with information from public sources (for example, public business registries, company websites, or public social profiles) where that information is relevant to operating the Service.
We use the information described above to:
(a) provide, operate, and maintain the Service, including creating and authenticating your account, displaying your profile and Organization to authorized Users, enabling messaging and connections, processing applications and deals, and supporting the diligence process;
(b) personalize your experience, including showing you relevant deals, organizations, and content within the Network;
(c) communicate with you, including sending transactional messages (such as account verification, password resets, deal updates, diligence notifications, message and connection alerts, and service announcements) and, where you have opted in or where permitted by law, newsletters or marketing communications;
(d) process payments, manage subscriptions, and prevent fraudulent transactions;
(e) generate optional AI-assisted summaries, drafts, or analyses of organization and deal content where this feature is enabled by the Network. Where AI features are used, the relevant content is sent to our AI service provider to produce the output, but is not used by us to train general-purpose AI models;
(f) monitor, secure, and improve the Service, including detecting and preventing fraud, abuse, spam, and security incidents, debugging errors, and producing aggregated statistics about how the Service is used;
(g) comply with legal and regulatory obligations, respond to lawful requests from public authorities, and enforce our Terms and Conditions; and
(h) carry out research, planning, and reporting about the activities of the Network and the impact achieved through the Service, in aggregated or de-identified form where reasonably possible.
If you are located in the European Economic Area, the United Kingdom, or Switzerland, we process your personal data on the following legal bases:
(a) Performance of a contract, where processing is necessary to provide you with the Service you have signed up for, including creating your account, processing your deals, and supporting diligence;
(b) Legitimate interests, where processing is necessary for our or a third party's legitimate interests — for example, securing the Service against abuse, communicating with you about changes to the Service, generating aggregate analytics, and supporting the impact-investing community — provided those interests are not overridden by your fundamental rights;
(c) Consent, where you have given consent (for example, to receive marketing communications, to enable optional AI features, or to set non-essential cookies). You may withdraw consent at any time without affecting the lawfulness of prior processing;
(d) Legal obligation, where processing is necessary to comply with applicable law (for example, accounting, tax, anti-money-laundering, or securities recordkeeping requirements).
With other Users on the Network. The Service is fundamentally a network. Information you make available on your profile, your Organization page, deal listings, comments, activity feed posts, and similar surfaces is visible to other Users of the Network according to the visibility rules of the Service and any choices you make. Only Users with whom you connect, who participate in the same deal or diligence process, or who are otherwise authorized within the Network can see information that is not designated as public. Where you mark your Organization or profile as “public”, that information may be visible to people outside the Network, including via search engines.
With Network administrators. The Network and its authorized administrators (including the license holder) have access to information about you, your Organization, and your activity for the purpose of governing and administering the Network, supporting Users, and producing reporting about Network activity.
Between Networks. Some Users may be introduced to participants from other investment networks operating on the Platform. Where you accept such an introduction or otherwise choose to connect with another network, we may share the information necessary to facilitate that connection in line with the rules of the relevant networks. We will not share your detailed profile, deal, or diligence information with another Network without your consent or another lawful basis.
With service providers. We share information with vendors that help us operate the Service. These providers are bound by contract to use the information only on our instructions and for the purposes described below. The current categories of providers are listed in Section 7.
With ANI as the platform operator. ANI processes information on the Network's behalf to provide, host, secure, and support the Platform. ANI also uses limited operational and technical information (such as platform-wide error logs, abuse signals, and aggregated usage statistics) to operate and improve the Platform itself.
For legal reasons. We may disclose information where we believe in good faith that doing so is necessary to: (a) comply with a law, regulation, court order, subpoena, or other valid legal process; (b) enforce our Terms and Conditions or investigate potential violations; (c) detect, prevent, or otherwise address fraud, security, or technical issues; or (d) protect the rights, property, life, health, or safety of the Network, ANI, our Users, or the public.
Business transfers. If the Network or ANI is involved in a merger, acquisition, financing, reorganization, sale of assets, or insolvency proceeding, your information may be transferred as part of that transaction, subject to standard confidentiality protections. We will notify you of any such change and of your choices, where required by law.
With your consent. We share your information for any other purpose with your consent.
We do not sell your personal information for money. We do not share your personal information for cross-context behavioral advertising.
We use the following categories of cookies and similar technologies:
(a) Strictly necessary cookies, which are required to operate the Service — for example, to keep you signed in, remember items in a workflow, protect against fraudulent or abusive sign-ins, and load-balance traffic. These cannot be turned off without breaking core functionality.
(b) Preference cookies, which remember choices you make such as language and display settings.
(c) Analytics cookies, which help us understand how the Service is used so that we can improve it. We use Google Tag Manager and Google Analytics for this purpose, and certain Networks may also use Hotjar to understand user journeys. These tools may set their own cookies and collect device, browser, and usage information.
(d) Anti-bot and security cookies, set by Cloudflare Turnstile to distinguish humans from automated traffic at sign-in and on certain forms.
When you first visit the Service, we display a cookie banner and record your choice. You can also control cookies through your browser settings — most browsers allow you to refuse new cookies, delete existing cookies, and be notified when cookies are set. If you disable cookies, parts of the Service may not function properly.
The Service relies on the following categories of service providers. The specific providers in use may evolve over time as the Service changes; we will keep this list reasonably current.
(a) Hosting and infrastructure — Amazon Web Services, Inc. (cloud hosting, file storage in Amazon S3, transactional email through Amazon SES);
(b) Transactional email — Mailgun (Sinch) and Postmark (ActiveCampaign) for delivering account, notification, and other transactional messages;
(c) Payments — Stripe, Inc. for processing card payments and subscriptions;
(d) Real-time messaging — Pusher (a Pusher Ltd. service) for delivering in-app notifications and messaging events;
(e) Identity and authentication — Google LLC and LinkedIn (Microsoft Corporation) for optional sign-in with those identity providers;
(f) Maps and location — Google Maps Platform and related geocoding services to display Organizations and deals on a map and to look up addresses;
(g) Analytics — Google Tag Manager and Google Analytics; some Networks also use Hotjar (Contentsquare) for session analytics;
(h) Bot protection — Cloudflare Turnstile (Cloudflare, Inc.) to protect public forms and sign-in;
(i) AI features — OpenAI, OpCo, LLC for optional AI-assisted summaries, drafts, and analyses where the Network has enabled those features. Content sent to OpenAI is processed under OpenAI's API Data Usage policies and is not used by OpenAI to train its general-purpose models;
(j) Customer relationship management — HubSpot, Inc. and Pipedrive OÜ, where the Network has connected its own CRM account to synchronize a subset of contact and Organization information selected by the Network;
(k) Productivity and storage tools — standard developer, support, and analytics tools used by ANI and the Network to operate and maintain the Service.
The Service is operated from, and most data is stored on infrastructure located in, the United States. Some of our service providers operate in other countries. As a result, your information may be transferred to, stored in, and processed in countries other than the country in which you live, including countries whose data-protection laws differ from those of your country.
Where required by law, we rely on appropriate safeguards for these transfers, such as the Standard Contractual Clauses approved by the European Commission and the UK International Data Transfer Addendum, together with supplementary measures where appropriate. You can request a copy of the safeguards we use by contacting us as described in Section 14.
We keep your information for as long as your account is active or as long as needed to provide the Service. After your account is closed or deleted, we may retain some information for a limited period to comply with legal, accounting, tax, securities, or recordkeeping obligations, to resolve disputes, to enforce our agreements, to maintain integrity of our backups, or to preserve information that is part of an ongoing diligence or transaction in which other Users have a legitimate interest. When we no longer have a need to retain personal information, we will delete or anonymize it. Backups are deleted on a rolling cycle.
We use a combination of technical, organizational, and physical safeguards designed to protect your information against unauthorized access, loss, alteration, and disclosure. These include encryption of traffic in transit using HTTPS/TLS, encryption of stored files in our cloud object storage, hashed and salted passwords, role-based access controls, audit logging, network segmentation, and regular review of access. No system is completely secure, and we cannot guarantee the absolute security of your information. You can help by choosing a strong, unique password, keeping your credentials confidential, and notifying us promptly of any suspected unauthorized access to your account.
Within the Service. You can review and update most of your account, profile, and Organization information directly in the Service. You can also adjust the visibility of your profile, mark your Organization as public or private, manage your connections, leave or delete deals you control, and manage your communication preferences in your account settings. You can ask the Network to delete your account by using the in-Service controls or by contacting the Network's administrators.
Email communications. Most non-essential email messages include an unsubscribe link, and you can adjust your communication preferences in your account settings. We will continue to send you essential service messages (for example, security alerts, billing notices, and material changes to the Service) for as long as you have an account.
EEA, UK and Switzerland. If you are in the EEA, the UK, or Switzerland, you have rights to (a) access the personal data we hold about you, (b) request correction of inaccurate or incomplete data, (c) request erasure of your data in certain circumstances, (d) request restriction of processing, (e) object to processing carried out on the basis of legitimate interests or for direct marketing, (f) request portability of data you have provided to us, and (g) lodge a complaint with your local supervisory authority.
California. If you are a California resident, you have rights under the California Consumer Privacy Act, as amended (the “CCPA”), to (a) know what personal information we have collected about you and how it has been used, shared, or disclosed, (b) request deletion of your personal information, (c) request correction of inaccurate personal information, and (d) opt out of any sale or sharing of personal information for cross-context behavioral advertising. As stated above, we do not sell personal information for money and we do not share personal information for cross-context behavioral advertising.
How to exercise your rights. You can exercise your rights by contacting us using the details in Section 14. We may need to verify your identity before responding to your request. We will respond within the time required by applicable law. You may authorize an agent to make a request on your behalf, subject to verification of the agent's authority. We will not discriminate against you for exercising any of these rights.
The Service is intended for adults engaged in professional, business, or investment activities and is not directed to children. We do not knowingly collect personal information from anyone under the age of 18. If you believe a child has provided us with personal information, please contact us so that we can take appropriate steps.
The Service may contain links to websites, applications, or content operated by third parties, including profiles or filings hosted elsewhere by Organizations. We are not responsible for the privacy practices of those third parties. We encourage you to review the privacy notices of any site you visit through a link from the Service.
If you have a question, complaint, or request relating to this Privacy Policy or your information, you can contact the Network at the address shown on its website. You can also contact ANI at privacy@arthanetworks.com, or by writing to Artha Networks, Inc., 1500 Mission Street, San Francisco, California 94103, United States. ANI is the platform operator; the Network remains the primary point of contact for questions about its own use of the Service.
We may update this Privacy Policy from time to time to reflect changes in the Service, our practices, or applicable law. When we make material changes, we will notify you by posting the updated policy on the Service and updating the “Last updated” date above and, where required by law, by sending you an additional notice. Your continued use of the Service after the changes take effect means that you accept the updated Privacy Policy.