logo
hero bg

Privacy Policy

This Privacy Policy describes how TokenShare, a Texas-based exempt reporting adviser that offers private fund investments under Regulation D (the "Service"), collects, uses, and protects your personal information. Please read this Privacy Policy carefully. By using the Service, you consent to the practices described herein.

Privacy Policy

Privacy Policy

Last Updated: January 2026

This Privacy Policy describes how TokenShare, a Texas-based exempt reporting adviser that offers private fund investments under Regulation D (the "Service"), collects, uses, and protects your personal information. Please read this Privacy Policy carefully. By using the Service, you consent to the practices described herein.

Personal Information We Collect
We collect personal information in several ways:
Information You Provide to Us
Personal information you may provide to us through the Service or otherwise includes:
  • Contact data, such as your first and last name, professional title, organizational affiliation, email address, phone number, and mailing address.
  • Profile data, such as the username and password that you may set to establish an online account on the Service, and any other information that you add to your account profile.
  • Financial and Investment Data (for investors), including:
    • o Investment amounts and transaction history
    • o Bank account or wire transfer details for funding and distributions
    • o Tax identification numbers (SSN, EIN)
    • o Accreditation status and investor suitability/qualification responses
    • o Risk tolerance and investment preferences
    • o Net worth and income information (for accreditation verification and Form PF reporting as required)
  • Government Identifiers, such as government-issued ID numbers (Social Security number, driver's license, passport number, state ID), collected for customer identification, sanctions screening, anti-money laundering (AML), and know-your-customer (KYC) compliance.
  • User-Generated Content, such as comments, questions, feedback, messages, images, photos, videos, and other content or information that you submit to, or use with, the Service.
  • Communications, that we exchange with you, including when you contact us through the Service, social media, or otherwise.
Automatic data collection.
We, our service providers, and our business partners may automatically log information about you, your computer or mobile device, and your interaction over time with the Service, our communications and other online services, such as:
  • Device Data, such as your computer's or mobile device's operating system type and version, manufacturer and model, browser type, screen resolution, RAM and disk size, CPU usage, device type (e.g., phone, tablet), IP address, unique identifiers (including identifiers used for advertising purposes), language settings, and general location information such as city, state, or geographic area.
  • Online Activity Data, such as pages you viewed, how long you spent on a page, the website you visited before browsing to the Service, navigation paths between pages, information about your activity on a page, access times and duration of access, and whether you have opened our emails or clicked links within them.
  • Device Data, (repeated for emphasis on mobile devices), including location information when you use our mobile application.
Third party sources.
We may combine personal information we receive from you with personal information we obtain from other sources, such as:
  • Public Sources, such as government agencies, public records, social media platforms, and other publicly available sources.
  • Data Providers, such as information services, data licensors, and brokers that provide demographic, credit, and other information.
  • Marketing Partners, such as joint marketing partners and event co-sponsors.
  • Third Party Services such as social media services that you use to log into, or otherwise link to, your Service account. This data may include your username, profile picture, and other information associated with your account on that third party service based on your account settings on that service.
Cookies and similar technologies. Some of the automatic collection described above is facilitated by the following technologies:
  • Cookies, which are small text files that websites store on user devices and that allow web servers to record users’ web browsing activities and remember their submissions, preferences and login status as they navigate a site. Cookies used on our sites include both “session cookies” that are deleted when a session ends, “persistent cookies” that remain longer, “first party” cookies that we place and “third party” cookies that our third party business partners and service providers place.
  • Web beacons, also known as pixel tags or clear GIFs, which are clear images placed in web content or HTML emails to record when a user visits a web page or views an email.
  • Local storage technologies, like HTML5 and Flash, that provide cookie-equivalent functionality but can store larger amounts of data on your device outside of your browser in connection with specific applications.
These technologies are used for the following purposes:
  • Technical operation. To allow the technical operation of the Service, such as by remembering your selections and preferences as you navigate the site, and whether you are logged in when you visit password protected areas of the Service.
  • Functionality. To provide enhanced functionality and personalization on the Service.
  • Analytics. To help us understand user activity on the Service, including which pages are most and least visited and how visitors move around the Service, as well as user interactions with our emails. For example, we use Google Analytics for this purpose. You can learn more about Google Analytics and how to prevent the use of Google Analytics relating to your use of our sites here:

Data about invitees. We may offer features that help users invite their friends or contacts to use the Service, and may collect contact details about these invitees so that we can deliver their invitations. Please do not refer someone to us or share their contact details with us unless you have their permission to do so.

California Privacy Rights (CCPA/CPRA)
California residents have the right to:
  • Access/Know: Request what personal information we have collected about you and the categories of sources, purposes of use, and categories of third parties with whom we share it;
  • Delete: Request deletion of personal information we have collected from you, subject to limited exceptions (e.g., information needed to complete transactions, comply with law, or detect fraud);
  • Correct: Request that we correct inaccurate personal information;
  • Opt-Out of Sale/Sharing: Direct us not to sell or share your personal information for cross-context behavioral advertising; and
  • Limit Use of Sensitive Personal Information: Request that we limit our use of sensitive personal information (including SSN, account credentials, biometric data, precise location, and financial account information) to purposes necessary to provide the Service or as otherwise permitted by law.

How we use your personal information

We may use your personal information for the following purposes or as otherwise described at the time of collection:
Service delivery.
We may use your personal information to:
  • Provide, operate, and improve the Service and our business;
  • Facilitate your invitations to friends who you want to invite to join the Service;
  • Communicate with you about the Service, including by sending announcements, updates, security alerts, and support and administrative messages;
  • Understand your needs and interests, and personalize your experience with the Service and our communications; and
  • Provide support for the Service, and respond to your requests, questions, and feedback.
Investment Processing and Customer Service
  • Process and manage your investment account, including funding, distributions, and account-related transactions;
  • Verify your accreditation status and eligibility to invest in private fund offerings under Regulation D;
  • Respond to inquiries about private fund opportunities and your account status;
  • Send account statements, confirmations, and transaction-related communications;
  • Fulfill investor documentation and tax reporting requirements (K-1s, annual reports, etc.).
Research and Development

We may use your personal information for research and development purposes, including to analyze and improve the Service and our business. As part of these activities, we may create aggregated, de-identified, or other anonymous data from personal information we collect. We make personal information into anonymous data by removing information that makes the data personally identifiable to you. We may use this anonymous data and share it with third parties for our lawful business purposes, including to analyze, improve and promote the Service and our business.

Marketing and Advertising

We may collect and use your personal information to send you direct marketing communications. You may opt-out of our marketing communications as described in the Opt-out of Marketing Communications section below.

Compliance and Protection
We may use your personal information to:
  • Comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities;
  • Protect our, your, or others' rights, privacy, safety, or property (including by making and defending legal claims);
  • Audit our internal processes for compliance with legal and contractual requirements or our internal policies;
  • Enforce the terms and conditions that govern the Service; and
  • Prevent, identify, investigate, and deter fraudulent, harmful, unauthorized, unethical, or illegal activity, including cyberattacks and identity theft.
Regulatory and Audit Compliance
  • Maintain records required by securities, anti-money-laundering (AML), know-your-customer (KYC), tax reporting, and anti-fraud laws;
  • Respond to regulatory inquiries from the SEC and other authorities;
  • Support internal and external audits and compliance reviews;
  • File required reports with regulatory bodies (Form ADV, Form PF, and other SEC filings as applicable to exempt reporting advisers).

Data Sharing and Disclosure

Regulatory and Compliance Sharing
We may share your personal information with:
  • Securities Regulators, including the SEC and other authorities as required by law or regulation.
  • Service Providers and Business Partners, including:
    • o Custodians and financial institutions holding private fund assets
    • o KYC/AML service providers and background check vendors
    • o Tax reporting and compliance service providers
    • o Third-party advisors and service providers you authorize
General Sharing
We may share your personal information with:
  • Service Providers that perform services on our behalf under contracts requiring them to maintain the confidentiality and security of that information;
  • Business Partners for joint marketing or co-branded offerings (with your consent where required);
  • Third Parties as required or permitted by law, such as in response to lawful requests from government authorities;
  • Successors in the event of a merger, acquisition, bankruptcy, or other business transaction.

We do not sell or rent your personal information to unaffiliated third parties for their own direct marketing purposes. We may, however, share non-identifiable or anonymized data for lawful business purposes.

Cookies and Similar Technologies
Some of the automatic collection described above is facilitated by the following technologies:

Cookies are small text files that websites store on user devices and that allow web servers to record users' web browsing activities and remember their submissions, preferences and login status as they navigate a site. Cookies used on our sites include both "session cookies" that are deleted when a session ends, "persistent cookies" that remain longer, "first party" cookies that we place and "third party" cookies that our third party business partners and service providers place.

Web Beacons

Web Beacons, also known as pixel tags or clear GIFs, are clear images placed in web content or HTML emails to record when a user visits a web page or views an email.

Local Storage Technologies

Local Storage Technologies, like HTML5 and Flash, that provide cookie-equivalent functionality but can store larger amounts of data on your device outside of your browser in connection with specific applications.

Purposes of These Technologies
These technologies are used for the following purposes:
  • Technical Operation: To allow the technical operation of the Service, such as by remembering your selections and preferences as you navigate the site, and whether you are logged in when you visit password-protected areas of the Service.
  • Functionality: To provide enhanced functionality and personalization on the Service.
  • Analytics: To help us understand user activity on the Service, including which pages are most and least visited and how visitors move around the Service, as well as user interactions with our emails. For example, we use Google Analytics for this purpose. You can learn more about Google Analytics and how to opt out of Google Analytics’ collection of data from your use of our sites here.
  • Marketing and Advertising: To support our marketing and advertising activities. Some cookies and tracking technologies may constitute a "sale" or "sharing" of personal information under state privacy laws (see State Privacy Rights section below).
Cookie Preferences and Opt-Out

Local Storage Technologies, You may manage cookie preferences through your browser settings. You can typically refuse cookies or delete them through your browser controls. Many browsers also allow you to control whether you receive "Do Not Track" signals. However, blocking or deleting cookies may impact the functionality of the Service.

Data About Invitees

We may offer features that help users invite their friends or contacts to use the Service and may collect contact details about these invitees so that we can deliver their invitations. Please do not refer someone to us or share their contact details with us unless you have their permission to do so.

Data Retention
We retain different categories of personal information for different periods, as follows:
  • Account and Profile Information: Retained for the duration of your account and for a reasonable period thereafter to respond to inquiries and resolve disputes.
  • Financial and Investment Data: Retained as required by securities regulations, anti-money-laundering laws, and tax laws, typically at least 6 years after the date of a transaction or account closure, to comply with SEC rules for investment advisers and IRS requirements.
  • Government Identifiers and KYC/AML Records: Retained in accordance with FinCEN and SEC requirements for investment advisers, typically 5–7 years after account closure.
  • Communications and Support Records: Retained for 3 years from the date of the communication, or as required by law.
  • Cookies and Tracking Data: Session cookies are deleted when your session ends; persistent cookies and local storage are typically retained for up to 24 months unless cleared by you.
  • Aggregated and De-Identified Data: Retained indefinitely, as it no longer identifies you.

When information is no longer needed, we securely delete or anonymize it, except where we are required by law to retain it longer.

Security

We employ a number of technical, organizational, and physical safeguards designed to protect the personal information we collect. However, security risk is inherent in all internet and information technologies, and we cannot guarantee the security of your personal information.

Despite these precautions, no method of transmission over the Internet or method of electronic storage is completely secure. If you believe your information has been compromised, please contact us immediately (see How to Contact Us section below).

Security Measures

Our security program includes:

  • Encryption: Encryption of personal information in transit (TLS/SSL) and at rest;
  • Access Controls: Restricted access to personal information on a need-to-know basis and authentication (password, multi-factor authentication) for user and employee access;
  • Vendor Management: Due diligence on service providers and regular vendor security audits;
  • Internal Policies: Security training, incident response plans, and data handling procedures;
  • Compliance: Regular security assessments and penetration testing to identify and remediate vulnerabilities.
    • Despite these precautions, no method of transmission over the Internet or method of electronic storage is completely secure. If you believe your information has been compromised, please contact us immediately (see How to Contact Us section below).

    International Data Transfer

    We are headquartered in the United States and may use service providers that operate in the United States and other countries. Your personal information may be transferred to the United States or other locations where privacy laws may not be as protective as those in your state, province, or country. By using the Service, you consent to the transfer of your information to the United States and other countries that may not have privacy protections equivalent to those in your home jurisdiction.

    State Privacy Rights

    If you are a resident of California, Colorado, Connecticut, Delaware, Indiana, Iowa, Montana, New Hampshire, New Jersey, Tennessee, Utah, Virginia, Texas, or another US state with a comprehensive privacy law, you may have the following rights regarding your personal information:

    California Privacy Rights (CCPA/CPRA)
    California residents have the right to:
    • Access/Know: Request what personal information we have collected about you and the categories of sources, purposes of use, and categories of third parties with whom we share it;
    • Delete: Request deletion of personal information we have collected from you, subject to limited exceptions (e.g., information needed to complete transactions, comply with law, or detect fraud);
    • Correct: Request that we correct inaccurate personal information;
    • Opt-Out of Sale/Sharing: Direct us not to sell or share your personal information for cross-context behavioral advertising; and
    • Limit Use of Sensitive Personal Information: Request that we limit our use of sensitive personal information (including SSN, account credentials, biometric data, precise location, and financial account information) to purposes necessary to provide the Service or as otherwise permitted by law.
    How to Exercise Your Rights

    To exercise any of the above rights, please submit a request to us using the contact information in the How to Contact Us section below. We will verify your identity and respond to your request within 45 calendar days (or as otherwise required by law). You may also authorize an agent to submit a request on your behalf.

    Right to Appeal

    If we deny your request, you have the right to appeal that decision by contacting us again with "Appeal" in the subject line.

    Opt-Out of Marketing Communications

    You may opt-out of receiving marketing emails from us by clicking the "unsubscribe" link in any email we send you or by contacting us at the email address below. Note that even if you opt out of marketing communications, we will still send you transactional and administrative messages related to your account and legal compliance.

    Other US State Privacy Rights

    Residents of other states with privacy laws may have similar rights. Please contact us if you have questions about your state's privacy rights.

    Children

    The Service is not intended for use by anyone under 18 years of age. We do not knowingly collect personal information from children under the age of 18, nor do we offer private fund investment opportunities to individuals under 18. Under Regulation D, only accredited investors (as defined by SEC rules) may invest in our private funds. Our KYC procedures and accreditation verification processes are designed to prevent investment by minors. If you are a parent or guardian and you believe we have collected personal information from a child in a manner prohibited by law, please contact us. If we learn that we have collected personal information through the Service from a child without the consent of the child's parent or guardian as required by law, we will comply with applicable legal requirements to delete the information.

    Other sites and services

    The Service may contain links to websites, mobile applications, and other online services operated by third parties. In addition, our content may be integrated into other online services that are not associated with us. These links and integrations are not an endorsement of, or representation that we are affiliated with, any third party. We do not control any online services operated by third parties, and we are not responsible for their actions. We encourage you to read the privacy policies of the other online services you use.

    Changes to this Privacy Policy

    We reserve the right to modify this Privacy Policy at any time. If we make material changes to this Privacy Policy, we will notify you by updating the date of this Privacy Policy and posting it on the Service or other appropriate means. Any modifications to this Privacy Policy will be effective upon our posting the modified version (or as otherwise indicated at the time of posting). In all cases, your use of the Service after the effective date of any modified Privacy Policy indicates your acceptance of the modified Privacy Policy.

    We reserve the right to modify this Privacy Policy at any time. If we make material changes to this Privacy Policy, we will notify you by updating the date of this Privacy Policy and posting it on the Service or other appropriate means. For material changes, we may provide you with additional notice (such as a prominent banner, email notification, or a pop-up on the Service prior to the changes becoming effective). Any modifications to this Privacy Policy will be effective upon our posting of the modified version (or as otherwise indicated at the time of posting).

    In all cases, your use of the Service after the effective date of any modified Privacy Policy indicates your acceptance of the modified Privacy Policy. If you do not agree with any changes to this Privacy Policy, you should discontinue use of the Service

    Please note that investment and offering documents may contain additional privacy terms or disclosures specific to your investment relationship.

    How to contact us

    If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at:

    Email: Questions@tokenshare.ioMailing Address:
    TokenShare, LLC
    210 Adriatic Parkway Suite 200
    McKinney, TX 75072
    United States
    We will respond to inquiries and requests in a timely manner as required by applicable law.