Privacy Notice

Last updated: April 6, 2026

Effective Date: March 25, 2026

Identity of Controller

This Privacy Policy applies to the processing of personal data in connection with the Venture Papers website, platform, and related services (collectively, the “Service”). For the purposes of applicable data protection laws, Venture Papers (“Venture Papers”, “we”, “us”, or “our”) acts as the data controller in respect of personal data collected through or in connection with the Service. As data controller, Venture Papers determines the purposes for which, and the manner in which, personal data is collected, used, and processed.

Venture Papers operates the Service as an independent provider of digital products and related communications, and any personal data you provide or that is collected during your interaction with the Service is processed under the control and responsibility of Venture Papers.

Where the Service relies on third-party providers to support operations, including hosting, analytics, communications, and payment processing, such providers may process personal data on behalf of Venture Papers or as independent controllers, depending on the service provided. In particular, payment transactions are processed by an independent third-party merchant of record, which acts as a separate controller for payment and billing information and processes that data under its own terms and privacy practices.

This Privacy Policy applies solely to the processing activities for which Venture Papers acts as a data controller, and it does not apply to the independent processing of personal data by third parties like the merchant of record. If the operation of the Service is transferred to an affiliated or successor legal entity, that entity will become the data controller for the purposes of this Privacy Policy, and the policy may be updated accordingly.

Where required under applicable law, Venture Papers may designate a representative or point of contact for data protection matters in relevant jurisdictions, with details made available in the “Contact Information” section. By accessing or using the Service, you acknowledge that your personal data will be processed by Venture Papers in accordance with this Privacy Policy and applicable data protection laws.

Information We Collect

We collect and process limited categories of personal data in connection with your access to and use of the Service. The types of data collected depend on how you interact with the Service, including whether you browse the Site, subscribe to communications, or complete a purchase through a third-party provider.

Information You Provide Directly: We may collect personal data that you voluntarily provide to us, including:

  • Contact Information: such as your email address, including where you subscribe to receive updates, notifications, or communications relating to us and our Digital Products.
  • Communications Data: any information you provide when contacting us directly, including via email or any forms made available through the Service.

Provision of such information is voluntary; however, certain features of the Service (such as receiving updates or communications) may not be available without it.

Transaction-Related Information: Where you purchase a Digital Product, payment transactions are processed by an independent third-party merchant of record. We do not collect or store payment card details or billing credentials. However, we may receive and process limited transaction-related information necessary to operate the Service and fulfil our obligations, including:

  • Confirmation that a transaction has been completed.
  • The Digital Product purchased.
  • Date and time of the transaction.
  • A transaction identifier or reference provided by the payment processor.

Such information is used solely for service delivery, record-keeping, and operational purposes.

Usage and Technical Data: We may automatically collect certain information relating to your interaction with the Service, including:

  • Device and Technical Information: such as IP address, browser type, device type, operating system, and general location information derived from IP address.
  • Usage Data: such as pages visited, time spent on the Site, navigation paths, referring URLs, and interactions with content.
  • Log Data: including access times, system activity, and diagnostic data relating to the performance and use of the Service.

This information is collected to support the operation, security, and improvement of the Service.

Cookies and Tracking Technologies: Our third-party service providers and we may use cookies, pixels, tags, and similar tracking technologies to collect information about your interactions with the Service, including for analytics and advertising purposes. Further details on the use of such technologies, including how you can manage your preferences, are set out in the Cookie Notice.

Aggregated and Non-Identifiable Data: We may generate or receive aggregated, anonymized, or de-identified data that does not directly identify you. Such data may be used for analytical, statistical, or operational purposes and is not treated as personal data to the extent permitted under applicable law.

Children’s Privacy: The Service is not directed at children. You must be at least eighteen (18) years of age, or the age of legal majority in your jurisdiction, to access or use the Service. We do not knowingly collect personal data from minors. If we become aware that a minor has provided us with personal data, we will take immediate steps to delete such information from our records.

How We Use Information

We process personal data solely for legitimate and defined purposes in connection with the provision, operation, and improvement of the Service.

General Compliance: All processing activities, data uses, and legal bases outlined in this Privacy Policy are strictly governed by and subject to applicable data protection laws. Any processing activities, such as advertising, analytics, or communications, are conducted only where necessary, proportionate, and legally permitted.

Service Delivery and Operation: We use personal data to enable and support the delivery of the Service, including:

  • Providing access to Digital Products following a confirmed transaction.
  • Maintaining records of purchases and access rights.
  • Administering and managing the functionality, availability, and performance of the Service.
  • Ensuring the proper operation, security, and integrity of the Service and its underlying systems.

Communications: We may use your personal data, in particular contact information such as your email address, to communicate with you in connection with the Service, including:

  • Sending administrative or service-related communications, such as confirmations, updates, or notices relating to the Service.
  • Responding to inquiries, requests, or communications initiated by you.
  • Providing updates, notifications, or information regarding Digital Products, new releases, or related offerings where you have opted to receive such communications.

You may manage or opt out of non-essential communications using the mechanisms provided within such communications.

Analytics and Service Improvement: We use personal data, including usage and technical data, to analyze, monitor, and improve the Service, including:

  • Understanding how users access, navigate, and interact with the Service.
  • Evaluating the performance, effectiveness, and reliability of the Service.
  • Identifying trends, usage patterns, and areas for improvement.
  • Developing, refining, and optimizing features, content, and user experience.

Such processing may involve the use of aggregated or de-identified data where appropriate.

Security, Fraud Prevention, and Compliance: We may process personal data to maintain the security and lawful use of the Service, including:

  • Detecting, preventing, and addressing technical issues, unauthorized access, or misuse of the Service.
  • Enforcing our terms, policies, and usage conditions.
  • Complying with legal, regulatory, or enforcement obligations.

Advertising and Measurement: We may use personal data in connection with advertising and marketing activities, including:

  • Measuring the effectiveness of advertising campaigns.
  • Understanding audience engagement and behavior.
  • Delivering relevant communications or promotional content through third-party platforms.

Such activities may involve the use of tracking technologies and third-party analytics or advertising services, as further described in the Cookie Notice.

Legal Basis for Processing

We process personal data only where a valid legal basis exists. The applicable legal basis depends on the nature of the data and the context in which it is collected and used, including:

  • Performance of a Contract: We process personal data where necessary for the performance of a contract or to take steps at your request prior to entering into a contract. This includes enabling access to Digital Products following a transaction, maintaining purchase records, and facilitating essential communications. Where such data is not provided, we may be unable to provide certain aspects of the Service.
  • Legitimate Interests: We may process personal data where necessary for the purposes of our legitimate interests, provided that such interests are not overridden by your rights and freedoms. These interests include operating and improving the Service, understanding user engagement, ensuring security, preventing fraud, and evaluating marketing effectiveness. Where we rely on legitimate interests, we undertake a balancing assessment to ensure processing is proportionate.
  • Consent (Where Applicable): In certain circumstances, we may rely on your consent to process personal data, such as for specific communications or the use of certain tracking technologies. You have the right to withdraw your consent at any time, though this will not affect the lawfulness of processing carried out prior to withdrawal.
  • Compliance with Legal Obligations: We may process personal data where necessary to comply with legal or regulatory obligations, including record-keeping and responding to lawful requests from public authorities.
Third-Party Services and Sharing

We may engage third-party service providers and partners to support the operation, delivery, and improvement of the Service. In the course of providing such services, limited personal data may be shared with or accessed by these third parties, strictly as necessary and in accordance with applicable data protection laws.

Service Providers and Limitation of Liability: We may share personal data with third-party service providers that perform functions on our behalf, including hosting, communication, analytics, and marketing platforms. Such providers process personal data only to the extent necessary and are contractually or legally required to handle personal data in accordance with applicable data protection standards. However, to the maximum extent permitted by applicable law, we make no representations or warranties regarding any third-party services and shall not be liable for the availability, security, or the handling of your data by such independent third parties. Your interactions with any third-party services are governed solely by the terms and policies of those third parties.

Merchant of Record: All payment transactions are processed by an independent third-party merchant of record (MoR). We do not process or store payment card details or billing credentials. In connection with a transaction, we may receive limited transaction-related information (such as confirmation of payment and the product purchased), while the MoR independently collects and processes payment and billing information in accordance with its own terms and privacy practices. The MoR acts as a separate data controller in respect of such payment data. While we do not control the MoR’s internal data handling, we ensure that our selected third-party partners comply with recognized, industry-standard data protection regulations..

Analytics and Advertising Partners: We may use third-party analytics and advertising services to understand user behavior, measure the effectiveness of marketing activities, and improve the Service. These third parties may collect or receive information about your interactions with the Service through cookies and similar tracking technologies. Such processing is governed by the respective privacy policies of those third parties.

Legal and Compliance Disclosures: We may disclose personal data where required to do so by applicable law or where such disclosure is reasonably necessary to comply with legal obligations, enforce applicable terms, protect the rights and safety of us or others, or address fraud and security issues.
5.5 Business Transfers: In the event of a reorganization, merger, acquisition, or transfer of assets, personal data may be transferred as part of such transaction, subject to applicable confidentiality and data protection requirements.

International Data Transfers

We operate on a global basis and may process personal data in multiple jurisdictions. As a result, personal data collected in connection with the Service may be transferred to, stored in, or accessed from countries outside your country of residence. These jurisdictions may have differing data protection laws and may not provide the same level of legal protection. Where personal data is transferred across borders, we take reasonable steps to ensure that appropriate safeguards are implemented, such as transferring data to jurisdictions recognized as providing adequate protection or entering into contractual arrangements with recipients. By accessing or using the Service, you acknowledge that your personal data may be transferred to and processed in jurisdictions outside your country of residence.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, unless a longer retention period is required or permitted under applicable law. The duration depends on the nature of the data: service-related data is retained to ensure continuity of service; communication data is retained to manage interactions; transaction-related data is retained for accounting and compliance purposes; and usage data is retained for analytical and security monitoring. Where personal data is no longer required, we will take reasonable steps to delete, anonymize, or securely dispose of it, unless retention is necessary to comply with legal obligations, resolve disputes, or protect our rights.

Your Rights

Subject to applicable data protection laws, you may have certain rights in relation to your personal data. These rights are not absolute and may vary depending on your jurisdiction, but may include the following:

  • Right of Access: You may have the right to request confirmation as to whether we process your personal data and to request access to such data, including information about how it is used.
  • Right to Rectification: You may have the right to request that inaccurate or incomplete personal data be corrected or updated.
  • Right to Erasure: You may have the right to request the deletion of your personal data, subject to certain conditions, including where the data is no longer necessary or where you withdraw consent.
  • Right to Restrict Processing: You may have the right to request that the processing of your personal data be restricted in certain circumstances.
  • Right to Object: You may have the right to object to the processing of your personal data where such processing is based on legitimate interests, including for direct marketing purposes.
  • Right to Data Portability: Where applicable, you may have the right to receive your personal data in a structured, commonly used, and machine-readable format and to request that such data be transmitted to another controller.
  • Right to Withdraw Consent: Where processing is based on your consent, you have the right to withdraw that consent at any time, without affecting the lawfulness of processing carried out prior to withdrawal.

Exercising Your Rights: You may exercise your rights by contacting us using the details provided in the “Contact Information” section. We may take reasonable steps to verify your identity before responding and may decline or limit requests where permitted under applicable law, including where requests are manifestly unfounded or excessive.

Regulatory Complaints: Where applicable, you may have the right to lodge a complaint with a competent data protection authority in your jurisdiction if you believe that your personal data has been processed in a manner that does not comply with applicable regulatory frameworks.

Data Security and Cyberattack Waiver

We implement reasonable technical and organizational measures designed to protect personal data against unauthorized access, loss, misuse, alteration, or disclosure. Such measures may include access controls, secure infrastructure, and system monitoring.

However, no method of transmission over the internet or electronic storage is completely secure. To the maximum extent permitted by applicable law, we shall not be liable for unauthorized access, data loss, or disclosure resulting from sophisticated cyberattacks, illegal hacking, malicious third-party acts, or other events beyond our reasonable control, provided we have maintained industry-standard baseline protections. In the event of a data security incident, we will take appropriate steps to investigate, mitigate, and notify affected individuals or authorities as required by applicable law.

Changes to This Privacy Policy

We reserve the right to modify, update, or replace this Privacy Policy at any time, at our sole discretion. Where changes are made, the updated version will be made available on the Site with a revised “Last Updated” date. Any changes will take effect immediately upon publication, and your continued access to or use of the Service constitutes your acknowledgment of such changes. If you do not agree with any updates, you should discontinue use of the Service.

Contact Information

If you have any questions, requests, or concerns regarding this Privacy Policy or the processing of your personal data, you may contact us through the methods made available on the Contact page of the Site. We will make reasonable efforts to respond to inquiries in accordance with applicable laws.

Governing Law and Dispute Resolution

While you retain the right to lodge regulatory complaints with local data protection authorities as outlined in Section 8.9, any civil dispute, claim, or controversy arising out of or relating to this Privacy Policy, our data practices, or the handling of your personal data shall be strictly governed by the laws of the Republic of Kenya, without regard to its conflict of law principles.

To the maximum extent permitted by applicable law, you agree that any such civil disputes shall be subject to the jurisdiction of the competent courts of Kenya; however, if you are a consumer, you may bring legal proceedings regarding disputes in your local courts as permitted by your regional consumer protection laws.

Furthermore, any claims or damages arising from data privacy matters are strictly subject to the Limitation of Liability and Indemnification clauses set forth in our Terms of Use.

Scroll to Top