1. Introduction

Welcome to Jupiter Smith ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of the information you entrust to us. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you access our SaaS platform, including our deal room, document analysis tools, AI-driven features, and mobile authentication services (collectively, the "Service").

By accessing or using our Service, you agree to the terms of this Privacy Policy.

2. Information We Collect

We collect information to facilitate connections between microcap issuers, broker-dealers, and investors, and to provide our AI-driven analytics.

A. Information You Provide to Us

• Account Registration: When you register as an Issuer, Investor, or Investment Banker, we collect personal details such as your name, professional email address, job title, company name, and phone number.
• Authentication & Mobile Data: To secure your account, we collect your phone number directly from you to send One-Time Passcodes (OTP) and security alerts via SMS. This is part of our Multi-Factor Authentication (MFA) process.
• Deal & Financial Data: We collect sensitive business information you upload to the platform, including financial statements, pitch decks, and corporate governance documents used for our "Document Analyzer" and "Deal Rating" features.
• Communications: If you use our secure chat or messaging features to communicate with other users or our support team, we retain records of those communications.

B. Information Collected Automatically

• Usage Data: We track how you interact with our Service, including which AI modules (e.g., Issuer Educator) you use, the duration of your sessions, and your navigation paths.
• Device & Log Data: We automatically collect technical data such as your IP address, browser type, operating system, and access times for security monitoring and SOC 2 audit logs.

3. How We Use Your Information

We use the collected data for the following business purposes:

• Service Delivery: To create and manage your account, facilitate deal room interactions, and generate AI-driven insights (e.g., Deal Ratings).
• Mobile Security (MFA): Your phone number is used solely to provide the services you have requested, specifically for account security and authentication purposes via SMS. We do not use your phone number for marketing campaigns or promotional messaging. Message frequency depends on your account activity (typically one message per login or security-sensitive action). Message and data rates may apply. You may reply HELP for help or STOP to opt out of SMS authentication at any time; note that opting out will require you to use an alternative MFA method to access your account.
• AI Improvement: To refine the accuracy of our AI models, such as the Issuer Educator and Document Analyzer. (Note: We do not use your confidential proprietary data to train models for other clients without your explicit consent.)
• Security & Compliance: To monitor for unauthorized access, enforce MFA, encrypt database entries, and maintain evidence for our SOC 2 Type 1 compliance.
• Communication: To send you administrative updates, security alerts, and subscription-related notices.

4. SMS Authentication Program Details

This section provides specific details regarding our SMS-based Multi-Factor Authentication (MFA) program, as required by mobile carriers and CTIA messaging guidelines.

• Program Name: Jupiter Smith Account Authentication
• Program Purpose: Delivery of One-Time Passcodes (OTP) and security alerts for user account login, signup verification, and sensitive account changes.
• Message Frequency: Variable. Messages are triggered by user-initiated authentication events (e.g., signing in, updating account settings, or confirming a sensitive action). Frequency depends on your individual usage of the Service.
• Cost: Message and data rates may apply. Jupiter Smith does not charge for SMS messages, but your mobile carrier's standard rates apply.
• Help: Reply HELP to any authentication SMS, or contact us at info@jupitersmith.com for support.
• Opt-Out: Reply STOP to any authentication SMS to unsubscribe from SMS-based MFA. After opting out, you will be required to use an alternative MFA method (such as an authenticator app) to access your account.
• Supported Carriers: This program is supported on all major U.S. mobile carriers. Carriers are not liable for delayed or undelivered messages.

5. Disclosure of Your Information

We do not sell, lease, or rent your personal information to third parties. We disclose information only in the following circumstances:

• Strict Prohibition on Sharing Mobile Information: No mobile information will be shared with third parties or affiliates for marketing or promotional purposes. All other categories of data sharing described below exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties under any circumstances.
• Platform Functionality: Your profile and authorized deal data may be visible to other users (e.g., an Issuer's data visible to an accredited Investor) strictly based on the permissions you set within the Deal Room.
• Service Providers: We share non-mobile data with trusted third-party vendors who assist us in operating our Service, such as:
  • Cloud hosting providers (e.g., AWS).
  • Chat and communication infrastructure providers (excluding mobile opt-in data for marketing).
  • Security and compliance auditors (e.g., for SOC 2 certification).
• Legal Requirements: We may disclose information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency).

6. Data Security

We implement industry-standard security measures designed to protect your data, including:

• Encryption: Data is encrypted at rest and in transit.
• Access Control: Strict role-based access control (RBAC) and Multi-Factor Authentication (MFA) for all user accounts.
• Monitoring: Continuous security monitoring and regular vulnerability assessments in preparation for SOC 2 compliance.

However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

7. Data Retention

We retain your personal and business information only for as long as is necessary for the purposes set out in this Privacy Policy, or to comply with our legal obligations (such as record-keeping for financial audits), resolve disputes, and enforce our legal agreements.

8. Your Data Rights

Depending on your jurisdiction, you may have the right to:

• Access the personal data we hold about you.
• Request correction of inaccurate data.
• Request deletion of your account and associated data.
• Export your data in a structured format.

To exercise these rights, please contact us at info@jupitersmith.com.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.

10. Contact Us

If you have questions or comments about this policy, please contact us at:

Jupiter Smith Email: info@jupitersmith.com