Privacy Policy

Last Updated: 30 June 2025
This Privacy Policy explains how DMT DATA DRIVEN VENTURE CAPITAL LTD, a company incorporated in the Republic of Cyprus ("DMTech", "we", "us", or "our"), collects, uses, and protects personal data when you interact with us or visit our website dmtech.vc.

1. Information We Collect We may collect and process the following categories of personal data: - Contact Information (e.g. name, email address, phone number) - Founder or Startup Data (e.g. pitch decks, LinkedIn profiles, funding info) - Website usage data (e.g. IP address, browser type, referral source, pages viewed) - Correspondence with us (e.g. via email or forms on the Website) We do not intentionally collect sensitive personal data unless required by legal obligations (e.g. AML/KYC).

2. How We Use Your Information We process your personal data for the following purposes: - Evaluating startup applications and investment opportunities - Managing communication with founders, partners, or stakeholders - Performing due diligence and risk assessment - Administering and monitoring our investments - Ensuring regulatory and legal compliance (e.g. AML, GDPR, MiCA) - Improving our website and understanding visitor behavior - Responding to legal requests or regulatory inquiries

3. Legal Basis for Processing Our processing is based on one or more of the following: - Legitimate Interests – to operate our venture capital business effectively - Legal Obligations – to comply with AML, GDPR, and other applicable laws - Consent – where required (e.g. for newsletter sign-up) - Contractual Necessity – e.g. when you engage with us as an investee or service provider

4. Sharing of Data We may share personal data with: - Service Providers (e.g. cloud hosting, KYC platforms) - Professional Advisors (e.g. lawyers, auditors, compliance consultants) - Regulatory Authorities if required by law - Portfolio Management Tools where part of your interaction involves investment processes We do not sell or rent your personal data.

5. International Transfers Your data may be transferred outside the EEA, including to countries that may not offer the same level of data protection. In such cases, we ensure appropriate safeguards are in place (e.g. Standard Contractual Clauses).

6. Data Retention We retain personal data only as long as necessary to fulfill the purposes outlined or to comply with legal obligations. Investment-related data may be retained for regulatory and audit reasons.

7. Your Rights Under GDPR, you have the right to: - Access your data - Correct inaccurate data - Request deletion of data - Object to processing - Request data portability - Withdraw consent (where applicable) To exercise your rights, please contact us.

8. Cookies & Tracking We may use cookies or analytics tools (e.g. Google Analytics) to collect anonymized usage data. You can control cookie settings via your browser.

9. Security We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, or misuse.

10. Updates to this Policy We may update this Privacy Policy from time to time. Any significant changes will be posted on this page with an updated date.

11. Contact Us If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us.