Terms & Conditions
Contact: support@roundraise.co.uk
1. Data Controller
RoundRaise Ltd
Email: support@roundraise.co.uk
We are the Data Controller for all personal data collected through the RoundRaise platform.
2. Types of Data We Collect
We Collect and process the following categories of data:
2.1 Data You Provide Directly
Account information (name, email address, phone number).Company information, financial data, and operational details.Uploaded documents including pitch decks, PDFs, spreadsheets, presentations, and attachments.Preferences, settings, and responses to forms or surveys.Communications with our team (emails, messages, support requests).
2.2 Data Automatically Collected
Log files, device identifiers, IP address, browser type, operating system, session duration, timestamps.Platform analytics and interaction data (pages visited, actions taken).Cookies, local storage, and similar technologies.
2.3 Internal System and Model Data
Security logs, authentication entries, and audit trails.Internal features such as inputs to scoring algorithms, model training signals, and system performance metrics.
We do not intentionally collect any special category data unless you choose to submit such content.
3. Legal Basis for Processing
We process data under the following lawful bases:
3.1 Contract (Article 6(1)(b))
To deliver the RoundRaise Services you request, including:
- account creation
- platform functionality
- tool usage
- document processing
3.2 Legitimate Interests (Article 6(1)(f))
For purposes that are necessary and proportionate for operating and improving the platform, such as:
- internal analytics and service optimisation
- model training and product development
- detecting misuse and securing the platform
- ensuring service reliability and performance
We conduct balancing tests to ensure our legitimate interests do not override your rights.
3.3 Consent (Article 6(1)(a))
Where required, for cookies or optional features.3.4 Legal Obligation (Article 6(1)(c))Where we must retain or disclose data to comply with UK law.
4. How We Use Personal Data
We use personal and company data to operate, maintain, improve, and secure RoundRaise. Specifically:
4.1 Service Delivery
- Managing accounts, authentication, and user access.
- Displaying and processing information you submit.
- Providing tools such as fundability scoring, investor matching, and analytics.
4.2 Product Improvement and Internal Development
- Enhancing algorithms, models, and performance.
- Running internal tests, evaluations, and debugging.
- Developing new features and system capabilities.
4.3 Security and Fraud Prevention
- Monitoring access logs and system behaviour.
- Detecting suspicious or abusive activity.
- Protecting against unauthorised access and breaches.
4.4 Aggregated and Anonymised Insights
We may generate aggregated or anonymised data for internal research. This data cannot identify individuals.
4.5 Communication
We use personal data to communicate with you about your account and the Services. This includes:
- Transactional emails, onboarding instructions, password resets, and service notifications.
- Platform updates, security alerts, and administrative messages.
- Emails relating to new features, service improvements, educational content, and materials relevant to startups and fundraising.
- Messages sent through approved providers such as Mailchimp solely for delivering RoundRaise communications.
All communications are sent directly by RoundRaise.
We do not sell, rent, or share email addresses with third parties for their own marketing purposes.
You may opt out of non-essential or marketing communications at any time by using the unsubscribe link provided in the message or by contacting support@roundraise.co.uk.
5. What We Do Not Do
We do not sell your data.
We do not share your data with third parties for their own use.
We do not use your data for external advertising purposes.
Any third-party processor we use is strictly bound by a data processing agreement and acts solely on our instructions.
6. Third-Party Processors
We use service providers for:
- secure hosting
- authentication
- analytics
- infrastructure management
These providers may process data on our behalf under strict confidentiality and data-protection controls. They cannot use or access the data for any purpose other than fulfilling their contractual obligations to us.
No data is shared for commercial or marketing benefit.
7. International Data Transfers
If data is processed outside the UK, we use:
- UK Addendum to the EU Standard Contractual Clauses (SCCs), or
- ICO-approved transfer mechanisms
To ensure an equivalent level of protection.
8. Data Retention
We retain data only as long as necessary for operational, legal, or security purposes.
This includes:
- the duration of your account’s activity
- a reasonable period thereafter for audit, compliance, and backup integrity
You may request deletion, subject to legal obligations and fraud-prevention requirements.
9. Your Rights Under UK GDPR
You have the right to:
- Access your personal data.
- Rectify inaccurate or incomplete data.
- Erase data (“right to be forgotten”).
- Restrict processing in certain circumstances.
- Object to processing based on legitimate interests.
- Portability — request personal data in a machine-readable format.
- Withdraw consent at any time (where applicable).Requests may be made via: support@roundraise.co.uk. If you believe your rights are not being respected, you may lodge a complaint with the ICO (https://ico.org.uk).
10. Cookies
RoundRaise uses cookies and similar technologies for:
- authentication
- platform functionality
- usage analytics
- security
You may disable non-essential cookies through your browser settings.
11. Data Security
We implement strong industry-standard security controls, including:
- encryption in transit and at rest
- secure access controls
- monitoring and logging
- infrastructure isolation
- regular vulnerability reviews
No system is completely secure, but we take all reasonable measures to protect your data.
12. Automated Decision-Making
Some features involve automated processing, including scoring algorithms and investor-matching outputs. These systems:
- are designed to assist your decision-making,
- are not legally binding,
- include safeguards,
- andcan be reviewed on request.
13. Changes to this Policy
We may update this Privacy Policy to reflect operational or legal changes. Updates take effect upon publication on our website.