DealOS is a due-diligence platform for mergers and acquisitions. Buyers and sellers run a series of recorded “Understand Sessions”, and our analysis engine (ALICE) turns those conversations and supporting documents into structured findings. This policy explains what personal data we collect, why, who we share it with, and the rights you have over it.
DealOS is operated by [Legal entity name](“DealOS”, “we”, “us”), [registered address]. For any privacy question or to exercise your rights, contact [privacy@yourdomain].
It applies to everyone who uses DealOS: buy-side and sell-side users invited to a deal, and anyone who takes part in an Understand Session. If your organisation invited you to a deal, that organisation decides what data is processed on the deal (it is the “controller”), and DealOS processes it on their behalf as well as being a controller for our own account and security data.
Understand Sessions are recorded and transcribed — that is the core of how DealOS works. Anyone joining a session is shown that it is being recorded before it begins. Recordings and transcripts are used to produce the deal’s findings and can be re-processed to improve accuracy. Do not use a session to discuss information you are not authorised to record or share.
We do not sell your personal data, and we do not use your deal content to train third-party foundation models beyond what is required to return a result for your own request.
We share data with vetted providers who process it only to run DealOS on our instructions:
A current list of sub-processors is available on request at [privacy@yourdomain].
A deal is collaborative. Members of your side see your team’s activity; findings, tasks, and shared documents are visible to the relevant parties on the deal. Documents you upload privately, and the facts our engine derives, are visible only to your side unless you choose to share them. We may also disclose data where required by law or to protect our rights and users.
Some providers may process data outside the UK/EEA. Where they do, we rely on appropriate safeguards such as UK/EU Standard Contractual Clauses or an adequacy decision.
We keep deal data — including recordings, transcripts, documents, and findings — for as long as the deal is active and for a reasonable period afterwards to support the parties, unless a controller instructs deletion sooner. Account data is kept while your account is open. When data is no longer needed, we delete or anonymise it.
Data is encrypted in transit, access is restricted on a need-to-know basis, integration tokens and secrets are stored securely, and financial connections are read-only. No system is perfectly secure, but we work to protect your data with appropriate technical and organisational measures.
Subject to law, you may request access to your data, correction, erasure, restriction, a portable copy, or object to certain processing, and you can withdraw consent for optional integrations. To make a request, contact [privacy@yourdomain]. If your data is processed on a deal by another organisation, we may direct your request to them as the controller. You can also complain to the UK Information Commissioner’s Office (ICO) or your local data-protection authority.
DealOS is a business tool and is not intended for anyone under 18.
We may update this policy from time to time. Material changes will be reflected by the “last updated” date above and, where appropriate, communicated to you.
Questions about this policy or your data? Email [privacy@yourdomain], or write to [Legal entity name, registered address].