Last updated · 14 May 2026

Privacy Policy

ArtVault Inc. ("ArtVault", "we", "us", "our") respects your privacy. This Privacy Policy explains what personal data we collect when you interact with artvault.fund and our related services (the "Services"), how we use and share that data, how long we keep it, and what rights you have. It applies to prospective and existing borrowers, capital providers, contacts at counterparties, and visitors to our website.

1. Scope and Controller

ArtVault is the data controller of personal data we collect through the Services. References to "personal data" mean any information that identifies, or could reasonably identify, a natural person. For questions about this Policy or to exercise the rights described below, contact us at info@artvault.fund.

2. Information We Collect

2.1 Identity and KYC data

When you submit a Loan Application or Capital Allocation form, or proceed toward a transaction, we collect identifying information about you and, where applicable, your entity and beneficial owners: legal entity name, contact name, country of residence, government-issued identifiers, date of birth, beneficial-ownership structure, accreditation status, and source-of-funds documentation.

2.2 Collateral data

For borrowers, we collect information about the proposed collateral: asset class, appraised value, provenance documentation, condition, insurance, and any descriptive narrative you provide. We may also receive third-party appraisals, condition reports, and images.

2.3 Communications data

We collect the contents of emails, calls, messages, and meeting notes exchanged with us, including any attachments you provide.

2.4 Technical and analytics data

When you visit the Services, we automatically receive limited technical data: IP address, browser type, device identifiers, referring URL, pages viewed, approximate location, and timestamps. We use only functional and basic first-party analytics cookies; we do not use third-party advertising cookies.

3. How We Use Personal Data

We process personal data for the following purposes:

4. Legal Bases (EEA and UK)

Where the EU or UK General Data Protection Regulation applies, we rely on the following legal bases: performance of a contract with you or steps taken at your request prior to entering into a contract; compliance with our legal obligations; our legitimate interests in operating a regulated financial business, preventing fraud, and securing our services; and your consent where required (which you may withdraw at any time).

5. Sharing

We share personal data only as needed and only with parties bound by appropriate confidentiality and data-protection terms:

We do not sell personal data and we do not share personal data for cross-context behavioural advertising.

6. Retention

We retain personal data only as long as necessary for the purposes for which it was collected and to comply with applicable legal, regulatory, and audit obligations. See our Data Retention Policy for the standard periods we apply.

7. Your Rights

7.1 EU / UK residents

Subject to applicable law, you may request access to your personal data, correction of inaccurate data, erasure, restriction of processing, portability, and objection to processing based on legitimate interests. You may also lodge a complaint with your local data-protection authority. To exercise these rights, contact info@artvault.fund.

7.2 California residents

If you are a California resident, you have the right under the California Consumer Privacy Act and California Privacy Rights Act to know what personal information we collect about you and how we use and disclose it; to request deletion or correction; and to opt out of any sale or sharing of personal information. ArtVault does not sell personal information for monetary consideration and does not share it for cross-context behavioural advertising. To exercise these rights, contact info@artvault.fund.

7.3 Identity verification

We may need to verify your identity before responding to a rights request and may decline requests where verification fails or an exception applies under law.

8. Cookies

We use only essential first-party cookies necessary to operate the Services and limited first-party analytics to understand aggregate usage. We do not use third-party advertising or tracking cookies. You can disable cookies in your browser settings; some features may not work as a result.

9. International Transfers

ArtVault is established in the United States, and personal data we process may be transferred to and stored in the United States and other jurisdictions. Where the EU or UK GDPR applies, we rely on Standard Contractual Clauses or equivalent transfer mechanisms, and we implement additional safeguards where appropriate.

10. Security

We maintain commercially reasonable administrative, technical, and physical safeguards designed to protect personal data against unauthorised access, alteration, disclosure, or destruction. No system is fully secure, and we cannot guarantee absolute security.

11. Children

The Services are not directed to children and we do not knowingly collect personal data from anyone under 18.

12. Changes

We may update this Policy from time to time. The "Last updated" date above reflects the most recent revision. Material changes will be communicated through the Services or by email.

13. Contact and Data Protection Officer

Privacy questions, rights requests, and any other correspondence regarding personal data: info@artvault.fund.