Privacy Policy

Effective Date: January 21, 2026
Version: 1.0

1. Introduction

Haleos, Inc. ("Haleos," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at haleos.com (the "Website") and when you use our Haleos Atlas platform at atlas.haleos.com and related services (collectively, the "Services").

Please read this Privacy Policy carefully. By accessing or using our Website or Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use our Website or Services.

Key Points:

• We collect different types of information depending on whether you're visiting our Website or using our Services

• We use artificial intelligence (Jane) to provide personalized assistance, powered by your data

• You have control over your information and can exercise your privacy rights at any time

• We comply with GDPR, CCPA, and other applicable privacy laws

2. Scope and Application

This Privacy Policy applies to:

2.1 Our Website (haleos.com)

Information collected when you visit our marketing website, including:

• Browsing our public pages

• Submitting contact forms or demo requests

• Signing up for newsletters or updates

• Accessing public resources or blog content

2.2 Haleos Atlas Application (atlas.haleos.com)

Information collected when you create an account and use our platform, including:

• Atlas FounderOS™ (for startup founders and teams)

• Atlas InvestorOS™ (for venture capitalists and angel investors)

• Jane (our artificial intelligence cofounder/copartner)

• All integrated tools and features within the platform

2.3 Related Services

• Customer support interactions

• Community forums or events

• Beta programs or product testing

This Privacy Policy does not apply to third-party websites, applications, or services that you may access through our Services, even if we link to them.

3. Information We Collect

We collect information in three primary ways: (1) information you provide directly to us, (2) information we collect automatically, and (3) information we receive from third parties.

3.1 Information Collected on Our Website

When you visit haleos.com, we may collect:

Information You Provide:

• Contact Information: Name, email address, phone number, company name when you submit forms

• Communication Preferences: Newsletter subscriptions, beta waitlist subscriptions, notification preferences

• Demo Requests: Information you provide when requesting a product demonstration

• Job Applications: Resume and professional information when applying for positions

• Feedback: Survey responses, comments, or other feedback you provide

Information Collected Automatically:

• Device Information: IP address, browser type and version, operating system, device type

• Usage Data: Pages visited, time spent on pages, links clicked, referring/exit pages

• Location Data: General geographic location based on IP address

• Cookies and Tracking: See Section 6 for detailed information

3.2 Information Collected in Our Application

When you create an account and use Haleos Atlas at atlas.haleos.com, we collect:

Account Information:

• Registration Data: Full name, email address, password (encrypted), phone number

• Profile Information: Job title, company role, location, professional bio, work experience, education

• Company Information: Company name, industry, founding date, team size, headquarters location

• Billing Information: Payment card details (processed through Stripe), billing address, transaction history

Business and Operational Data:

• Startup Information: Business plans, pitch decks, financial models, cap tables, company profiles

• Fundraising Data: Investor relationships, fundraising rounds, campaign details, deal pipeline information

• Communication Data: Team messages, email content (if you enable email integration), calendar events, meeting transcriptions

• Task and Project Data: Tasks, projects, notes, documents, files uploaded to the platform

• Data Room Content: Documents and files shared with investors, access logs and analytics

Datanode Information:

Haleos Atlas uses "Datanodes" - atomic data points structured as [Metric | Value] pairs that capture discrete pieces of information about your startup, company, or investment activities. These datanodes are automatically generated from:

• Your platform activity and interactions

• Third-party integrations (see Section 3.3)

• Files you upload

• Manual entries you create

Jane Interaction Data:

• Conversation History: All chat messages, voice conversations, and phone interactions with Jane

• Voice Recordings: Audio recordings of voice and phone conversations (retained for 30 days for quality purposes unless required for longer retention)

• Usage Patterns: Frequency of interactions, types of queries, features used

• Relic Creation: Charts, visualizations, and other content generated during Jane sessions

• Context Data: Information about which pages or tools you're using when interacting with Jane

Usage and Analytics Data:

• Platform Activity: Login history, feature usage, navigation patterns, time spent in different sections

• Performance Data: Load times, error logs, system performance metrics

• Behavioral Data: Click patterns, scroll depth, mouse movements (for UX optimization)

3.3 Information We Receive from Third Parties

Third-Party Integration Data (Connectors):
When you connect third-party services to Haleos Atlas, we receive data from those services according to your authorization:

• Google Workspace: Gmail content and metadata, Calendar events, Drive files, Docs/Sheets content

• Microsoft 365: Outlook emails, Teams messages, OneDrive files

• Financial Services:

  • Stripe: Transaction history, revenue metrics, customer data

  • QuickBooks: Financial records, income/expense data, invoices

  • Xero: Accounting data, bank connections

• CRM Systems:

  • Salesforce: Contact data, opportunity pipeline, account information

  • HubSpot: Marketing campaigns, lead data, customer interactions

  • Pipedrive: Sales pipeline, deal information

• Development Tools:

  • GitHub: Repository data, commit history, code activity

  • Linear: Project tasks, issues, team activity

  • Jira: Project management data, bug tracking

• Marketing and Analytics:

  • Google Analytics: Website traffic, user behavior

  • Mailchimp: Email campaign data, subscriber lists

  • Intercom: Customer support interactions

• Other Services: AngelList profiles, Crunchbase company data, Typeform responses

The specific data we access depends on the permissions you grant during the integration process. You can review and revoke these permissions at any time in your account settings.

Data Enrichment Services:
We may use third-party services like Clearbit, ZoomInfo, Crunchbase, or PitchBook to enrich your contact and company information with publicly available data.

Social Media:
If you link your social media accounts (LinkedIn, X, etc.), we may receive your public profile information.

Referral Information:
If someone refers you to Haleos, we may receive your name and contact information from that person.

4. How We Use Your Information

4.1 Website Use

We use information collected on our Website to:

• Respond to your inquiries and communicate with you

• Send you marketing communications about our products and services (with your consent)

• Improve our Website content and user experience

• Analyze website traffic and usage patterns

• Detect and prevent fraud or security issues

• Comply with legal obligations

4.2 Application Use

We use information collected in Haleos Atlas to:

Provide and Improve Our Services:

• Create and manage your account

• Deliver the features and functionality you request

• Process payments and manage billing

• Provide customer support and respond to your requests

• Send service-related notifications and updates

• Improve platform performance and user experience

• Develop new features and functionality

Power Jane:

• Personalized Intelligence: Your datanodes populate your personal Jane data layer within Jane's Universal Knowledge system. This enables Jane to provide contextual, personalized assistance based on your specific business data, interactions, and history. This data remains isolated within your user namespace and is never shared with other users.

• Universal Knowledge: Jane's core intelligence includes universal startup knowledge, methodologies, and frameworks that are not user-specific. This foundation is built from publicly available information and curated business expertise.

• AI Model Training: We do not use your individual business data, conversations, or files to train Jane's universal knowledge base. However, we may analyze anonymized, aggregated usage patterns (not tied to your identity) to improve Jane's overall performance and capabilities.

• Contextual Assistance: Jane accesses your datanodes, documents, and platform activity to provide relevant recommendations, insights, and automation.

Facilitate Connections:

• Enable founders to share information with investors through data rooms and campaigns

• Allow investors to discover and evaluate investment opportunities

• Track interactions between founders and investors

• Facilitate team collaboration and communication

Analytics and Insights:

• Generate performance metrics and analytics dashboards

• Identify trends and patterns in your business data

• Provide benchmarking and comparative insights

• Create visualizations and reports

Security and Compliance:

• Detect and prevent fraud, abuse, or security incidents

• Enforce our Terms of Use and other policies

• Comply with legal obligations and respond to legal requests

• Protect the rights, property, and safety of Haleos, our users, and others

4.3 Marketing and Communications

We may use your information to:

• Send you promotional emails about new features, updates, or events (you can opt out at any time)

• Display targeted advertisements on third-party platforms

• Conduct market research and surveys

• Personalize your experience with relevant content

4.4 Legal Basis for Processing (GDPR)

If you are in the European Economic Area (EEA), UK, or Switzerland, our legal basis for collecting and using your information depends on the data and the context:

• Contract Performance: Processing necessary to provide our Services to you

• Legitimate Interests: Our business interests in operating and improving our Services, provided these interests don't override your privacy rights

• Consent: Where you have given explicit consent (e.g., marketing communications, optional features)

• Legal Obligation: Where we must process data to comply with legal requirements

5. How We Share Your Information

We do not sell your personal information. We share your information only in the following circumstances:

5.1 Within the Haleos Platform

Founder-Investor Sharing:
When you (as a founder) explicitly share information with investors:

• Investors can view data rooms, pitch decks, financial models, and other materials you grant access to

• Investors can see your founder and company profiles

• We track and log investor access to your materials (viewable in your analytics)

• You control exactly what information each investor can access

Team Collaboration:
When you add team members to your account:

• Team members can access shared company information based on their role and permissions

• Communication within team channels is visible to other team members

• You control team member permissions through role-based access controls

InvestorOS™ Users:
Information you make available through investment campaigns or public profiles may be visible to investors using Haleos Atlas InvestorOS™ according to the access you grant.

5.2 Service Providers and Partners

We share information with trusted third-party service providers who assist us in operating our business:

Essential Service Providers:

• Cloud Hosting: Render & Supabase for infrastructure and data storage

• Payment Processing: Stripe for subscription billing and payment processing

• Email Services: Resend or similar for transactional and marketing emails

• Analytics: Google Analytics for website analytics

• Customer Support: Intercom or similar for customer communication

• Monitoring: Third-party monitoring services for uptime and performance tracking

Professional Advisors:
Lawyers, accountants, auditors, and other professional advisors under confidentiality obligations.

Security and Fraud Prevention:
Services that help us detect and prevent fraud, abuse, and security incidents.

All service providers are contractually obligated to protect your information and use it only for the purposes we specify.

5.3 Business Transfers

If Haleos is involved in a merger, acquisition, sale of assets, bankruptcy, or other business transaction, your information may be transferred as part of that transaction. We will notify you via email and/or prominent notice on our Website of any change in ownership or use of your information.

5.4 Legal Requirements and Protection

We may disclose your information if required to do so by law or in response to:

• Valid legal requests from government authorities

• Court orders, subpoenas, or other legal processes

• Requests to protect the rights, property, or safety of Haleos, our users, or others

• Enforcement of our Terms of Use or investigation of potential violations

• Detection, prevention, or addressing of fraud, security, or technical issues

5.5 Aggregated and De-Identified Data

We may share aggregated, de-identified, or anonymized data that cannot reasonably be used to identify you:

• Industry research and reports

• Usage statistics and trends

• Benchmarking data

• Product improvement insights

This data does not contain personally identifiable information and is not subject to this Privacy Policy.

6. Cookies and Tracking Technologies

6.1 What Are Cookies?

Cookies are small text files placed on your device when you visit our Website or use our Services. We use cookies and similar tracking technologies (web beacons, pixels, local storage) to recognize you, remember your preferences, and analyze how you use our Services.

6.2 Types of Cookies We Use

Essential Cookies (Required):
Necessary for the Website and Services to function properly. These cookies enable core functionality like account authentication, security, and session management. You cannot opt out of these cookies.

Analytics and Performance Cookies:
Help us understand how visitors use our Website and Services, which pages are popular, and how users navigate. We use this information to improve our Services. Examples: Google Analytics.

Functionality Cookies:
Remember your preferences and settings, such as language selection, dashboard layout, or notification preferences.

Marketing and Advertising Cookies:
Track your activity across websites to show you relevant advertisements and measure campaign effectiveness. These cookies may be set by us or third-party advertising networks.

6.3 Your Cookie Choices

Cookie Consent Management:
When you first visit our Website, you'll see a cookie consent banner. You can manage your cookie preferences at any time through our Cookie Settings (link in footer).

Browser Settings:
Most browsers allow you to refuse cookies or delete existing cookies. However, disabling essential cookies may affect your ability to use certain features of our Services.

• Chrome: Settings > Privacy and Security > Cookies

• Firefox: Options > Privacy & Security > Cookies

• Safari: Preferences > Privacy > Cookies

• Edge: Settings > Privacy > Cookies

Opt-Out Tools:

• Google Analytics: https://tools.google.com/dlpage/gaoptout

• Network Advertising Initiative: https://optout.networkadvertising.org

• Digital Advertising Alliance: https://optout.aboutads.info

Do Not Track:
Some browsers have a "Do Not Track" feature. Currently, there is no industry standard for how to respond to Do Not Track signals, so we do not respond to them at this time.

6.4 Third-Party Cookies

Our Website and Services may contain content or integrations from third parties (e.g., social media plugins, embedded videos) that may set their own cookies. We do not control these third-party cookies. Please review the privacy policies of these third parties for information about their use of cookies.

7. Your Rights and Choices

7.1 Access and Portability

You have the right to:

• Access: Request a copy of the personal information we hold about you

• Data Portability: Receive your data in a structured, commonly used, machine-readable format (JSON, CSV)

To request access or download your data, log in to your account and navigate to Settings > Privacy > Download My Data, or contact us at privacy@haleos.com.

7.2 Correction and Update

You can update most of your personal information directly within your account settings:

• Profile Information: Settings > Profile

• Company Information: Settings > Company

• Notification Preferences: Settings > Notifications

• Integration Connections: Settings > Integrations

For information you cannot update yourself, contact us at privacy@haleos.com.

7.3 Deletion and Account Closure

Right to Deletion:
You have the right to request deletion of your personal information, subject to certain exceptions (e.g., legal retention requirements, ongoing disputes).

How to Delete Your Account:

1. Log in to your Haleos Atlas account

2. Navigate to Settings > Account > Delete Account

3. Follow the confirmation steps

4. Your data will be permanently deleted within 30 days

What Happens When You Delete:

• Your account and all associated data will be permanently deleted after 30 days

• You will receive email confirmation before final deletion

• Backup copies will be removed within 30 days per our retention schedule

• Some information may be retained for legal compliance (e.g., transaction records, tax documents)

• De-identified, aggregated data may remain in our systems

Inactive Account Deletion:
Per our SLA, accounts with no activity for 6 months will receive multiple email warnings before data deletion. See Section 8 (Data Retention) for details.

7.4 Marketing Opt-Out

Email Marketing:
Click the "Unsubscribe" link at the bottom of any marketing email, or update your preferences in Settings > Notifications > Marketing Preferences.

Push Notifications:
Disable in Settings > Notifications or through your device settings.

Cookies and Advertising:
See Section 6.3 for cookie management options.

Note: Even if you opt out of marketing communications, we will still send you essential service-related messages (e.g., account notifications, security alerts, billing updates).

7.5 Object to Processing

You have the right to object to certain processing of your personal information, particularly:

• Processing based on legitimate interests

• Direct marketing activities

• Automated decision-making or profiling

To object, contact us at privacy@haleos.com with details about the specific processing you wish to object to.

7.6 Restrict Processing

You may request that we restrict processing of your personal information in certain circumstances:

• While we verify the accuracy of disputed information

• When processing is unlawful but you don't want deletion

• When we no longer need the data but you need it for legal claims

• While we verify whether our legitimate interests override your objection

7.7 Withdraw Consent

Where we rely on your consent to process your information, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing before withdrawal.

Examples:

• Disconnect third-party integrations: Settings > Integrations

• Revoke Jane access to specific data: Settings > Privacy > Jane Permissions

• Disable voice recordings: Settings > Privacy > Voice Data

7.8 How to Exercise Your Rights

Self-Service Options:
Many rights can be exercised directly through your account settings.

Contact Us:
For rights that require assistance, email us at privacy@haleos.com with:

• Your full name and email address associated with your account

• Specific right you wish to exercise

• Any additional details needed to fulfill your request

Verification:
We may ask you to verify your identity before processing your request to protect your information.

Response Time:
We will respond to your request within 30 days (or as required by applicable law). If we need more time, we'll notify you and explain the reason for the delay.

7.9 EEA, UK, and Swiss Residents

If you are located in the European Economic Area, United Kingdom, or Switzerland, you have additional rights under GDPR:

• Lodge a complaint with your local data protection authority

• Request details about the legal basis for processing

• Object to automated decision-making and profiling

7.10 California Residents (CCPA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):

Right to Know:
You can request:

• Categories of personal information we collected

• Specific pieces of personal information we hold

• Categories of sources from which we collected information

• Business purposes for collecting information

• Categories of third parties with whom we share information

Right to Delete:
Request deletion of your personal information (subject to exceptions).

Right to Opt-Out of Sale:
We do not sell personal information, so there is nothing to opt out of.

Right to Non-Discrimination:
We will not discriminate against you for exercising your CCPA rights.

Authorized Agents:
You may designate an authorized agent to make requests on your behalf. The agent must provide proof of authorization.

California Shine the Light:
California residents may request information about our disclosure of personal information to third parties for direct marketing purposes (we do not currently engage in this practice).

To Exercise CCPA Rights:
Email us at privacy@haleos.com.

8. Data Retention

8.1 How Long We Keep Your Information

We retain your information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

Active Accounts:

• Account and profile information: Retained while your account is active

• Business and operational data: Retained while your account is active

• Communication data: Retained while your account is active

• Jane conversation history: Retained indefinitely while your account is active

• Backup data: Rolling 30-day retention of backups

Inactive Accounts:
As described in our :

• At 5 months of inactivity: First email warning

• At 5.5 months: Second email warning

• At 6 months: Final email notification

• At 6 months + 14 days: Permanent deletion (unless you log in or contact support)

Deleted Accounts:

• Account data: Permanently deleted within 30 days of account closure

• Backup copies: Removed within 30 days of account closure

• Transaction records: Retained for 7 years for tax and accounting purposes

• Legal hold data: Retained as long as legally required

Specific Data Types: