Privacy Policy

This Privacy Policy describes the data practices of Base28, Inc. with respect to information collected through its platform, applications, and diagnostic tooling. It applies to founders, operators, investors, partners, and visitors interacting with any Base28 digital property.

Base28 collects identity information voluntarily submitted during intake and onboarding; venture metadata necessary for program participation; telemetry generated through engagement with platform tooling; and communications exchanged with the Base28 team.

The platform does not collect biometric data, government-issued identifiers, or special categories of personal data without explicit, granular consent.

All personal and venture data is processed in accordance with a defense-in-depth protocol that includes encryption at rest and in transit, least-privilege access controls, segregated production environments, and continuous monitoring of access patterns. Privileged operations are logged and subject to periodic review.

Information is used exclusively to operate the foundry, evaluate applications, deliver programmatic value, facilitate investor and partner introductions where authorized, and improve the underlying methodology. Base28 does not sell personal information, and does not deploy third-party advertising trackers on its core platform.

Member-submitted content may be processed by AI systems operated by Base28 or its vetted infrastructure providers for the limited purpose of generating diagnostic outputs requested by the Member. Member content is not used to train foundation models without express, separate consent.

Base28 retains a limited number of subprocessors for hosting, analytics, authentication, and AI inference. Each subprocessor is bound by contractual obligations consistent with the standards set forth in this Policy.

Personal data is retained for the duration of the Member relationship and for a defined period thereafter, after which records are anonymized or deleted in accordance with internal retention schedules. Members may submit deletion requests through the channels designated below.

Members may request access to, correction of, portability of, or deletion of their personal information, subject to applicable legal limitations. Requests are processed within a commercially reasonable period and acknowledged in writing.

Inquiries regarding this Policy may be directed to the Base28 privacy office through the designated contact channels published on the platform.