Connect Capitals
Last Updated: May 23, 2026
Effective Date: May 23, 2026
Welcome to Connect Capitals ("we," "our," or "us"). We are Europe's Fastest Verified Growing Business Brokerage firm Educational Center and AI Automation Agency, fully dedicated to the valuation, preparation, presentation, and brokerage of digital business assets—including e-commerce stores, SaaS products, digital media properties, mobile applications, and other online enterprises.
This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website https://connectcapitals.com (the "Site"), use our services, or participate in our Educational Center programs.
Please read this Privacy Policy carefully. By accessing our Site or using our services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy and our Terms of Service.
For purposes of the General Data Protection Regulation (EU) 2016/679 ("GDPR"), the data controller responsible for your personal data is:
Connect Capitals
Website: https://connectcapitals.com
Email: [privacy@connectcapitals.com]
Response Time: Under 24 hours
This Privacy Policy applies to:
We collect the following categories of personal data that you voluntarily provide:
| Category | Specific Data Points | Purpose |
|---|---|---|
| Identity Data | First name, last name, date of birth, nationality, government-issued ID | Account creation, verification, certification |
| Contact Data | Email address, phone number, billing address, shipping address | Communication, service delivery, invoicing |
| Professional Data | Business experience, professional background, industry expertise, company information | Matching buyers/sellers, certification, mentorship |
| Financial Data | Payment card information, bank account details, investment capacity, financial qualifications | Payment processing, buyer qualification, escrow services |
| Account Data | Username, password, security questions, authentication tokens | Account security, access control |
| Communication Data | Emails, chat messages, webinar Q&A, form submissions, support tickets | Customer service, service delivery |
| Business Data | Business financial statements, revenue metrics, KPIs, operational data, legal documents, due diligence packages | Business valuation, preparation, brokerage, listing |
When you visit our Site, we automatically collect:
| Category | Data Points | Legal Basis |
|---|---|---|
| Technical Data | IP address, browser type, operating system, device information, unique device identifiers | Legitimate interest (security, analytics) |
| Usage Data | Pages visited, time spent, click patterns, navigation paths, download history, course progress | Legitimate interest (improvement, personalization) |
| Cookies & Tracking | Cookie IDs, pixel tags, web beacons, local storage, session data | Consent (marketing cookies), Legitimate interest (essential cookies) |
| Location Data | General geographic location (country, city) based on IP address | Consent (personalization), Legitimate interest (analytics) |
We process business data for the following categories
We use your personal data for the following purposes:
| Purpose | Data Used | Legal Basis (GDPR) |
|---|---|---|
| Professional Valuation | Business financials, revenue metrics, growth data, contact information | Performance of contract (Art. 6(1)(b)) |
| Preparation & Presentation | Financial documents, KPIs, business operations data, legal documents | Performance of contract (Art. 6(1)(b)) |
| Brokerage & Closing | Buyer/seller identities, financial qualifications, negotiation records, contracts, escrow details | Performance of contract (Art. 6(1)(b)), Legal obligation (Art. 6(1)(c)) |
| Educational Center & Courses | Registration data, course progress, payment information, attendance, certification | Performance of contract (Art. 6(1)(b)) |
| Free Resources Downloads | Email address, download history, user preferences | Consent (Art. 6(1)(a)) |
| Webinars & Events | Registration data, attendance records, Q&A interactions, payment data | Performance of contract (Art. 6(1)(b)), Consent (Art. 6(1)(a)) |
| Certified Program | Full identity verification, professional background, payment data, mentorship records | Performance of contract (Art. 6(1)(b)) |
| AI-Powered Tools | Usage data, account data, business data | Consent (Art. 6(1)(a)), Legitimate interest (Art. 6(1)(f)) |
| Expert Advisory | Communication records, professional background, business data | Performance of contract (Art. 6(1)(b)) |
We also use your data for:
| Purpose | Legal Basis |
|---|---|
| Site Security & Fraud Prevention | Legitimate interest (Art. 6(1)(f)) |
| Website Improvement & Analytics | Legitimate interest (Art. 6(1)(f)), Consent (Art. 6(1)(a)) |
| Marketing & Promotional Communications | Consent (Art. 6(1)(a)) |
| Customer Support & Service | Performance of contract (Art. 6(1)(b)) |
| Legal Compliance & Regulatory Requirements | Legal obligation (Art. 6(1)(c)) |
| Business Transfers (M&A) | Legitimate interest (Art. 6(1)(f)) |
Under GDPR Article 6, we process your personal data based on the following legal grounds:
| Legal Basis | When We Use It |
|---|---|
| Consent (Art. 6(1)(a)) | Marketing communications, non-essential cookies, optional features, free resource downloads |
| Performance of Contract (Art. 6(1)(b)) | Core services (valuation, preparation, brokerage, courses, certified program, advisory) |
| Legal Obligation (Art. 6(1)(c)) | Tax reporting, financial regulation compliance, anti-money laundering (AML) checks |
| Legitimate Interest (Art. 6(1)(f)) | Site security, fraud prevention, analytics, website improvement, business operations |
Your Right to Withdraw Consent: Where we process data based on consent, you may withdraw it at any time by contacting us or using unsubscribe links. Withdrawal does not affect the lawfulness of processing before withdrawal.
We share your personal data with the following categories of recipients:
| Category | Examples | Purpose | Data Shared |
|---|---|---|---|
| Payment Processors | Stripe, PayPal, credit card processors | Payment processing | Payment card data, billing address |
| Escrow Services | Authorized Banks in EU and other verified escrow providers | Business transfer security | Identity data, financial data, contract details |
| Email Marketing Platforms | Mailchimp, SendGrid, ActiveCampaign and others | Newsletter, course updates, marketing | Email address, name, preferences |
| Analytics Providers | Google Analytics, similar tools | Site usage analysis | IP address, usage data, cookies |
| Webinar Platforms | Zoom, Teams, WebinarJam, similar platforms | Live webinars and events | Name, email, attendance data, Q&A |
| Cloud Hosting Services | AWS, Google Cloud, Azure | Site hosting, data storage | All data (encrypted) |
| CRM Systems | HubSpot, Salesforce | Customer relationship management | Contact data, communication history |
| Document Storage | Dropbox, Google Drive, secure vaults | Due diligence packages, legal documents | Business data, legal documents |
| Professional Advisors | Lawyers, accountants, business appraisers | Due diligence, valuation, legal compliance | Relevant business and financial data |
| Potential Buyers/Sellers | Qualified parties in M&A transactions | Business brokerage | Anonymized/pseudonymized business data, contact info (with consent) |
| Certification Bodies | Industry-recognized certifying organizations | Certified Program credentials | Identity data, professional background, certification data |
We will never share your personal data with third parties for their marketing purposes without your explicit, opt-in consent.
If Connect Capitals is involved in a merger, acquisition, sale of assets, financing, or acquisition of all or a portion of our business by another company, your information may be transferred as part of that transaction. You will be notified via email and/or a prominent notice on our website of any change in ownership or use of your personal data.
We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., court orders, government agencies, law enforcement).
Your personal data may be transferred to and processed in countries other than your own. These countries may have data protection laws that are different from the laws of your country.
Countries where data may be transferred:
When we transfer your data outside the EU/EEA, we ensure appropriate safeguards are in place:
| Transfer Mechanism | Applicable When |
|---|---|
| EU-US Data Privacy Framework | Transfers to US companies self-certified under the Framework |
| Standard Contractual Clauses (SCCs) | Transfers to countries without adequacy decision |
| Binding Corporate Rules (BCRs) | Transfers within our corporate group |
| Adequacy Decisions | Transfers to countries deemed adequate by EU Commission |
We implement appropriate technical and organizational measures to protect your personal data:
| Category | Measures |
|---|---|
| Technical Measures |
|
| Organizational Measures |
|
| Physical Measures |
|
No method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security.
In the event of a personal data breach that is likely to result in a high risk to your rights and freedoms, we will notify you without undue delay and in accordance with GDPR Article 33-34 requirements.
We retain your personal data only for as long as necessary to fulfill the purposes set out in this Privacy Policy:
| Data Category | Retention Period | Rationale |
|---|---|---|
| Account Data | Duration of account + 6 years after closure | Contract performance, legal obligations (tax, accounting) |
| Brokerage Transaction Data | 10 years after transaction completion | Legal obligations (contract law, statute of limitations) |
| Financial/Payment Data | 6 years after last transaction | Legal obligations (tax, accounting, PSD2) |
| Marketing Contact Data | Until consent is withdrawn + 3 months | Consent-based marketing |
| Course/Certification Data | Lifetime access (Certified Program) or 5 years after course completion | Contract performance, certification records |
| Website Analytics Data | 26 months (Google Analytics default) | Legitimate interest (analytics) |
| Cookie Data | As per cookie shelf life (up to 13 months) | Consent-based tracking |
| Due Diligence Documents | 7 years after transaction or termination | Legal obligations, liability protection |
| Webinar Attendance Data | 3 years after event | Legitimate interest (follow-up, improvement) |
When retention periods expire, we will securely delete or anonymize your personal data in accordance with our data destruction policies.
As a data subject in the European Economic Area (EEA), you have the following rights:
| Right | Description | How to Exercise |
|---|---|---|
| Right to Access (Art. 15) | Request a copy of your personal data and information about how we process it | Email us at privacy@connectcapitals.com |
| Right to Rectification (Art. 16) | Request correction of inaccurate or incomplete personal data | Update in account settings or contact us |
| Right to Erasure (Art. 17) | Request deletion of your personal data ("right to be forgotten") | Submit deletion request via email |
| Right to Restrict Processing (Art. 18) | Request limitation of how we use your personal data | Contact us with specific restriction request |
| Right to Data Portability (Art. 20) | Receive your data in a structured, machine-readable format | Request data export via email |
| Right to Object (Art. 21) | Object to processing based on legitimate interest or for direct marketing | Use unsubscribe link or contact us |
| Rights Related to Automated Decision-Making (Art. 22) | Right not to be subject to automated decision-making with legal/significant effects | Contact us for human review |
| Right to Withdraw Consent (Art. 7) | Withdraw consent at any time where processing is based on consent | Unsubscribe or update cookie preferences |
To exercise any of your rights, please:
You will not have to pay a fee to access your personal data or exercise any of your rights. However, we may charge a reasonable fee or refuse to act on requests that are clearly unfounded, repetitive, or excessive.
We use cookies and similar tracking technologies to collect information about your browsing activities.
| Category | Purpose | Essential? | How to Opt-Out |
|---|---|---|---|
| Strictly Necessary | Site functionality, security, authentication | Yes - cannot be disabled | Not applicable (required for site to work) |
| Performance/Analytics | Understand site usage, improve performance | No | Cookie settings or browser blocking |
| Functional | Remember preferences, personalize content | No | Cookie settings or browser blocking |
| Targeting/Marketing | Track across sites for advertising, measure ad effectiveness | No | Cookie settings, opt-out links |
Currently, we do not alter our data collection practices when we receive a "Do Not Track" browser signal.
We do not intentionally collect special categories of personal data under GDPR Article 9, including:
Our services are not intended for children under 18 years of age. We do not knowingly collect personal data from children under 18. If we learn we have collected such data, we will delete it immediately.
We handle sensitive business information including financial statements, customer lists, and proprietary metrics. This data is protected with enhanced security measures and access controls.
Our Site may contain links to third-party websites (e.g., payment processors, webinar platforms, external resources). We are not responsible for the privacy practices or content of these third-party sites. We encourage you to review their privacy policies before providing any personal data.
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or business operations.
When we make material changes:
Your continued use of our Site or services after changes constitutes acceptance of the updated Privacy Policy.
For questions about this Privacy Policy or our data practices:
Connect Capitals
Data Protection Officer (DPO): [dpo@connectcapitals.com]
General Privacy Inquiries: [privacy@connectcapitals.com]
Website: https://connectcapitals.com
Response Time: Under 24 hours
Data Collection:
Due Diligence Process:
Buyer Qualification:
Data Processing:
Connect Capitals is committed to compliance with:
| Regulation/Standard | Status |
|---|---|
| GDPR (EU 2016/679) | Compliant |
| ePrivacy Directive (Cookie Law) | Compliant |
| PSD2 (Payment Services) | Compliant (via payment processors) |
| ISO 27001 | In progress |
| SOC 2 Type II | In progress |
| Revenue Stream | Primary Data Used | Legal Basis |
|---|---|---|
| Brokerage Commission (primary) | Buyer/seller identities, business financials, contracts | Contract performance |
| Professional Valuation Fees | Business financials, growth metrics, market data | Contract performance |
| Preparation & Presentation Fees | KPIs, operational data, legal documents | Contract performance |
| Course & Certification Fees | Registration, progress, payment data | Contract performance |
| Webinar & Event Fees | Registration, attendance, payment data | Contract performance + Consent |
| AI Tools Subscription | Usage data, business data, account data | Consent + Contract performance |
| Expert Advisory Fees | Communication records, professional background | Contract performance |
| Memberships | All account and usage data | Contract performance |
END OF PRIVACY POLICY