All systems operational

Your data. Your rules.

SeedForge is built for founders who protect their competitive edge. Here's exactly how we protect yours.

At a glance

Security summary

Six things every founder needs to know before submitting data. Everything else on this page is detail.

Data hosting

EU-based servers. All data stored and processed within the European Union.

Encryption

AES-256 at rest. TLS 1.3 in transit. Your data is encrypted everywhere it exists.

Who sees your data

Only you. No investor, fund, or third party sees anything unless you explicitly share it.

Deletion

Contact us to delete your data. All identifiable data removed within 30 days. Backups purged within 90 days.

AI training

Contact us to opt out anytime. Training uses de-identified patterns only — never your pitch content, financial data, or proprietary IP.

Compliance

GDPR compliant. Full data portability. Right to erasure. Transparent processing records.

Data flow

Who sees what — and when

Your data moves through four stages. The critical gate is between your report and any investor — you control that gate.

You

Pitch deck, data sources, interview

Encrypted

AI Analyst

Private evaluation, no human access

Automatic

Your Report

Score, insights, data room

You decide

Investors

Only see what you share

Infrastructure

How we protect your data

Encryption

AES-256 encryption for data at rest. TLS 1.3 for data in transit. All database fields containing sensitive content are encrypted at the application layer.

EU data residency

All data is stored and processed on EU-based servers. We do not transfer data outside the EU except to process evaluations through AI providers with DPAs in place.

Access controls

Role-based access internally. Data room sharing includes access logging and view-only controls. Investors cannot download, copy, or redistribute your materials.

Data retention

Active data retained while your account is open. On deletion: identifiable data removed within 30 days. All backups purged within 90 days. No exceptions.

Audit logging

Every access to your data room is logged — who viewed it, when, and what they saw. You can review access logs in your dashboard.

Right to erasure

Contact us to delete your account and data. We process the request immediately. No retention, no cooling-off period games, no dark patterns.

Third-party AI providers

AI providers we use

We use best-in-class AI models to evaluate pitches. Here's what they can and cannot do with your data.

OpenAI

No training on your data

Evaluation models

Anthropic

No training on your data

Evaluation models

Google

No training on your data

Evaluation models

xAI

No training on your data

Evaluation models

ElevenLabs

No data retention

Voice synthesis

Tavus

No data retention

Avatar generation

All providers operate under Data Processing Agreements (DPAs) that contractually prohibit them from training on, retaining, or sharing your data. API calls are ephemeral — data is processed and discarded.

Our commitments

What we will never do

Never share your data with competitors.

Your pitch deck, financial data, and competitive strategy will never be shared with other startups, competitors, or made public. Ever.

Never sell your data.

We monetize through subscriptions and services — not by selling founder data to third parties.

Never show investors your data without consent.

No investor, fund, or third party sees your interview, report, or data room unless you explicitly share your link with them.

Never use your raw content for AI training.

Training uses de-identified patterns only. Your specific pitch content, financial figures, and proprietary IP stay yours.

Never make deletion difficult.

Contact us and we delete your data. No retention tricks. No dark patterns. If you want out, you're out.

Common questions

Security FAQ

Ready to start?

30 minutes. One interview. Complete diligence for every investor.

Get Started →