Privacy Policy

Privacy Policy

Effective Date: Nov 25, 2025

Monsterra Capital LLC ("Monsterra," "we," "us," or "our") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and share your personal information when you use our website or services. We comply with applicable privacy laws worldwide, including the European Union’s General Data Protection Regulation (GDPR) and UK GDPR, as well as U.S. privacy norms, to ensure your data is handled lawfully and transparently. By using our site or services, you agree to the practices described in this Privacy Policy.

Personal Data We Collect

We collect only the personal data that is necessary for specific purposes. This includes:

  • Contact Information: Your name, email address, phone number, and mailing address (for example, when you contact us or sign up for updates).

  • Identification & KYC Data: Information required for Know-Your-Customer (KYC) and onboarding to our investment funds, such as date of birth, nationality, government-issued identification numbers or copies of ID documents, and any other data needed to verify your identity and comply with anti-money laundering laws.

  • Account & Investment Information: Details you provide as part of fund subscription or account creation, including financial information or accreditation status if applicable.

  • Newsletter/Marketing Preferences: If you opt-in to receive our newsletter or marketing emails, we collect your email address and any preferences or interests you indicate.

  • Website Usage Data: When you visit our website, we and third parties (like analytics and advertising partners) automatically collect data about your device and browsing activities via cookies or similar technologies. This may include your IP address, browser type, pages viewed, date/time of visit, and interactions with our site. We use Framer’s platform to host our site, which has built-in analytics that count page views and unique visitors in a privacy-focused manner. We also use third-party analytics and tracking tools (described below) that collect usage data to help us improve our site and marketing.

We do not intentionally collect any sensitive personal data unless necessary (for instance, certain KYC data might be considered sensitive under law). Our website is not intended for children under the age of 18, and we do not knowingly collect data from them.

How We Use Personal Data and Legal Bases

We only use your personal data for specific, legitimate purposes and under a proper legal basis as permitted by law. These purposes and bases include:

  • Providing Services and Contractual Necessity: To onboard you as an investor in our funds, manage your account, and provide the services you request. For example, we use your contact and identification details to process your investment, communicate with you about fund performance, and fulfill our contract with you. This use is necessary for the performance of a contract with you or to take steps at your request before entering a contract.

  • Legal Compliance (KYC/AML): To meet our legal obligations related to anti-money laundering (AML), counter-terrorist financing, and other financial regulations. As part of this, we process KYC data to verify identities and screen investors as required by law. The legal basis for this processing is compliance with a legal obligation.

  • Communication and Customer Support: To respond to your inquiries, send service-related announcements, or provide customer support. We may process your contact information and any messages for our legitimate interest in ensuring effective communication and user satisfaction. If the communication is about your contract with us, it may also be necessary for performing that contract.

  • Marketing and Updates (With Consent): If you subscribe to our newsletter or marketing communications, we use your email to send you news, product updates, or promotional materials. We rely on your consent for this activity (where required by law), and you can withdraw your consent at any time. Each marketing email will include an unsubscribe link to opt out easily.

  • Analytics and Service Improvement: We analyze how users interact with our website to understand and improve our services, user experience, and marketing effectiveness. For this, we use tools like Google Analytics and ContentSquare that gather usage data (e.g. which pages you visit, for how long, what links you click). In jurisdictions where required, we rely on your consent (obtained via our cookie banner) before using non-essential cookies for analytics. In other cases, we may process website usage data based on our legitimate interest in improving our services, but only in ways that do not override your privacy rights.

  • Advertising and Personalization: We use Google Ads (including remarketing features) to show relevant ads to users who have visited our site. This involves processing of cookie identifiers and browsing behavior to display targeted ads on other platforms based on your past interactions with our site. Such processing is based on your consent where required (e.g., via the cookie consent banner) or our legitimate interests in reaching interested audiences, in compliance with applicable laws. You can opt out of personalized advertising as described in the Cookies section below.

  • Security and Fraud Prevention: To protect our business, website, and users, we may process personal data as needed to detect, investigate, and prevent fraud, security incidents, or other malicious activity. This is in our legitimate interests and in some cases may be required by law. For example, we might log and analyze IP addresses to guard against unauthorized access or attacks.

  • Other Legitimate Interests: We may process personal data for additional purposes in our legitimate interests, such as corporate transactions (if we are involved in a merger or acquisition, for instance) or to establish or defend legal claims. We will always consider your rights and freedoms and will not process data under legitimate interests if they are overridden by your interests. You have the right to object to processing based on legitimate interests (see Your Privacy Rights below).

We will not use your personal data for purposes that are incompatible with those described above without first obtaining your consent or unless required or permitted by law. We do not engage in automated decision-making or profiling that produces legal or similarly significant effects on you without human intervention.

Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to provide functionality, analyze usage, and enable advertising features. When you first visit, you will be presented with a cookie consent banner (in jurisdictions that require it) to choose which non-essential cookies you accept. You can adjust your preferences at any time via the banner or your browser settings.

The types of cookies and trackers we use include:

  • Essential Cookies: These are necessary for our website to function (e.g., to enable core site features or remember your cookie preferences). They are always active and do not require consent.

  • Analytics Cookies (Google Analytics, ContentSquare): We use Google Analytics to collect information about how visitors use our site. Google Analytics uses first-party cookies to track metrics such as page visits, traffic sources, and user interactions. This data helps us understand website performance and improve content. IP addresses may be collected by Google Analytics, but we have configured the service to anonymize IP data where applicable. ContentSquare is an analytics tool that uses first-party cookies and other means to analyze user behavior (such as clicks, scrolling, and navigation patterns) on our site. The insights from ContentSquare allow us to improve user experience and design. All analytics data we collect is aggregated and does not directly identify individual visitors.

  • Advertising Cookies (Google Ads): Google Ads cookies help us and our advertising partners show you relevant advertisements on Google’s network and across the web. For example, if you visit our site, a cookie may remember your visit so that you might see a Monsterra Capital ad on a later Google search or on a site in Google’s ad network. These cookies and similar identifiers record information about your visit and interests to facilitate remarketing/retargeting. We only use advertising cookies with your consent where required. Google and other third-party vendors use cookies to serve ads based on your prior visits to our site.

  • Third-Party Service Cookies (Payhip): We use Payhip to power certain transactions or digital content delivery on our site. If you engage in a purchase or signup facilitated by Payhip, that service may place cookies to manage your session or payment. Payhip may collect information like your name, email, address, and order details in order to process the transaction. Payhip’s use of your data is governed by their privacy policy, but we ensure that any data we receive from Payhip related to your purchase is handled in line with this Privacy Policy.

Cookie Consent & Opt-Out: Non-essential cookies (analytics and advertising) will not be activated unless you consent via the cookie banner, in compliance with EU ePrivacy laws. You can also refuse or delete cookies through your browser settings; however, note that doing so may affect some features of our site. For instance, blocking all cookies might prevent some pages from loading correctly.

To specifically opt out of Google Analytics, you can install the Google Analytics Opt-out Browser Add-on. To opt out of Google Ads personalized advertising, you can adjust your Google Ad Settings or use industry opt-out tools such as the Network Advertising Initiative opt-out page. Additionally, most modern browsers offer global privacy control settings or "Do Not Track" signals; while our site does not currently respond to Do Not Track signals, you can use these controls as an extra measure.

Mobile App: Finly – Additional Data Practices

If you use our mobile game Finly (available on Google Play), we collect additional data to enhance the game experience and provide relevant in-game advertising opportunities. This includes:

  • In-game behavior (e.g., time spent, level progress, purchase history, user interactions)

  • Device information (e.g., device ID, Android version, IP address)

  • Advertising identifiers (e.g., Google Ad ID)

  • Engagement data related to ads or sponsored in-game content

We may use this information to:

  • Improve gameplay and personalize in-game experiences

  • Analyze player trends and behavior

  • Serve targeted marketing or advertising content from third-party businesses within the app

Legal Basis: We process this data based on your consent (where required under law, including GDPR and applicable U.S. state laws) or our legitimate interest in offering and monetizing our app.

We may share certain anonymized or aggregated gameplay insights with third-party advertisers or marketing partners to support in-game campaigns or offers. This data does not directly identify individual users but may be used to display tailored content or offers within Finly.

Opt-Out Options: You can limit ad personalization via your Android device’s settings (e.g., “Opt out of Ads Personalization” in Google settings), or through any in-app privacy controls we provide.

Planned Integrations: In future versions of Finly, we may enable users to sign in using their Google account. If and when this feature is introduced, we will collect limited profile information (such as your Google ID, name, and email address) to support account linking and personalized gameplay. Any such data will be handled in accordance with this Privacy Policy and applicable data protection laws. We will notify users in-app when this feature goes live and update this Policy accordingly.

For more details on how we use cookies, analytics tools, and share data with third parties, please refer to the “Cookies and Tracking” and “How We Share Your Data” sections of this Policy.

How We Share Your Data

We do not sell your personal information to third parties for money or other valuable consideration, and we do not share personal data with third parties for their own direct marketing use without your permission. However, we do share your data in certain circumstances, as necessary to run our business or comply with legal obligations, as detailed below:

  • Service Providers: We employ trusted third-party companies to perform functions on our behalf and help deliver our services. This includes web hosting and platform services (e.g., Framer, which hosts our website), analytics providers (e.g., Google Analytics, ContentSquare), advertising partners (e.g., Google Ads), email marketing platforms (for sending newsletters), KYC/identity verification services, and payment or transaction processors (e.g., Payhip). These service providers process personal data only under our instructions and for the purposes described in this Policy. We ensure they are bound by contracts (including Data Processing Agreements where applicable) to protect your data and use it only within the scope of the services they provide to us.

  • Affiliates and Partners: If Monsterra Capital is part of a corporate group or collaborates with business partners in providing services (for example, a fund administration partner or co-investment partner), we may share necessary information with those affiliated entities or partners. They will be required to maintain the confidentiality and security of the information and to use it only for the agreed purposes.

  • Legal Compliance and Protection: We may disclose personal data when required to do so by law or in response to valid requests by public authorities (e.g., law enforcement, regulators). For instance, we might need to share information to comply with court orders, governmental regulations, or other legal processes, or to meet KYC/AML regulatory requirements with authorities. We may also share data as necessary to exercise, establish, or defend legal claims or protect against fraud, security threats, or other illegal activities.

  • Business Transfers: If we undergo a business transaction such as a merger, acquisition, corporate reorganization, or asset sale, your personal data may be transferred to the successor or acquiring entity as part of that transaction. If such a transfer occurs, the use of your personal data will remain subject to this Privacy Policy (unless you are notified of changes and given an opportunity to opt out).

  • Consent: We will share your information with other third parties (or allow them to collect it) only if you have given us consent to do so. For example, if you agree to our use of advertising cookies, we will enable those third-party ad networks to collect data via our site.

When sharing data with any third party, we adhere to the principle of data minimization – only the data that is necessary for the specific purpose will be shared. All third parties must handle personal data in accordance with applicable privacy laws and protect it with appropriate security measures.

International Data Transfers

Monsterra Capital is based on a web platform that may operate servers in various locations, and our third-party service providers may be located in countries outside of your own. If you are located in the European Economic Area (EEA) or the UK, this means your personal data could be transferred to countries that may not be deemed to have equivalent data protection laws, such as the United States (where companies like Google have servers).

Whenever we transfer personal data out of the EEA/UK, we take steps to ensure it remains protected. In particular, we rely on applicable legal mechanisms for international data transfers:

  • Standard Contractual Clauses: For transfers to our service providers outside the EEA/UK, we typically use the European Commission’s Standard Contractual Clauses (SCCs) or UK International Data Transfer Agreements/Addendums as part of our contracts with those service providers. These clauses contractually oblige the recipient to safeguard your personal data to EU GDPR standards.

  • Adequacy Decisions: Where applicable, we may transfer data to countries that have been officially deemed to provide an adequate level of data protection by the European Commission or UK authorities.

  • Other Safeguards: We also assess on a case-by-case basis whether additional technical and organizational measures are needed to ensure transferred data is secure (for example, encryption in transit and at rest, pseudonymization, or limiting the data shared).

You can contact us (see Contact Us section below) for more information about the safeguards we have in place for international data transfers or to request a copy of them.

Data Security

We have implemented appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, alteration, or disclosure. These measures include encryption of data where applicable, access controls to limit who within our organization can access information, firewalls and network security measures, and policies to ensure any personal data is handled securely and confidentially. We also ensure that our staff are trained in data protection and that our service providers are required to maintain strong security standards.

Despite our efforts, please note that no method of transmission over the internet or method of electronic storage is completely secure. We cannot guarantee absolute security of your information. However, we continuously review and update our security practices to address new threats and vulnerabilities. If you have reason to believe that your interaction with us or your data might no longer be secure (for example, if you feel that the security of an account you have with us has been compromised), please contact us immediately.

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. In general:

  • User Account and Contact Data: We keep your account information and contact details for as long as you maintain an active relationship with us (e.g., you are an active investor or subscriber). If you close your account or unsubscribe, we will delete or anonymize your data within a reasonable period, except where retention is required by law or legitimate business needs.

  • KYC and Legal Compliance Data: For information collected as part of legal compliance (such as KYC/AML documentation), we may be required by law to retain this data for a certain period. For example, anti-money laundering regulations may mandate retaining identity verification records for a number of years after the end of the business relationship. We will securely retain such data for the duration required (e.g., five years after your investment ends, or as specified by applicable law) and then delete or archive it safely.

  • Analytics Data: We generally aggregate or anonymize website analytics data over time. Raw analytics logs and cookie data are typically retained for a shorter period (for instance, Google Analytics data may be retained for 14 months by default, unless we configure otherwise) and are used only to analyze trends in the aggregate.

  • Marketing Data: If you have consented to receive marketing communications, we will retain your contact details for that purpose until you opt out or unsubscribe from marketing. Upon your withdrawal of consent or request to unsubscribe, we will remove you from our marketing list promptly, though we may keep a record of your contact details on a suppression list to ensure we respect your opt-out.

  • Backup & Archive: Some data may remain in our routine backups or archives for a short duration beyond the active retention period, but we maintain safeguards to protect it and will purge it in the normal course of our backup rotation.

Once the retention period expires, or if we determine that the data is no longer needed, we will ensure it is either securely destroyed, deleted, or anonymized so that it can no longer be associated with you.

Your Privacy Rights

Depending on where you reside, you have certain rights regarding your personal data. Monsterra Capital is committed to honoring these rights and has processes to enable you to exercise them.

Rights Under GDPR/UK GDPR (for EU, UK and analogous jurisdictions): If you are in the European Union, United Kingdom, or a region with similar laws, you have the following rights with respect to your personal data:

  • Right to Be Informed: The right to receive clear and transparent information about how your data is collected and used (which is why we provide this Privacy Policy).

  • Right of Access: The right to request a copy of the personal data we hold about you, as well as information on how we process it.

  • Right to Rectification: The right to request correction of inaccurate personal data and to have incomplete data completed.

  • Right to Erasure: The right to request deletion of your personal data in certain circumstances (also known as the "right to be forgotten"). For example, you can ask us to erase data if it’s no longer needed for the purposes for which it was collected or if you withdraw consent and no other legal basis for processing applies. Note that we may not be able to delete data that we are legally required to keep (e.g., for compliance reasons), but we will inform you if such an exception applies.

  • Right to Restrict Processing: The right to request that we limit the processing of your data in certain scenarios – for instance, while we are verifying the accuracy of data you contested or if you objected to processing and we are considering that request.

  • Right to Data Portability: The right to receive your personal data in a structured, commonly-used, machine-readable format and to have that data transmitted to another controller where technically feasible. This right applies when your data is processed by automated means and the processing is based on your consent or on a contract with you.

  • Right to Object: The right to object to certain processing of your personal data. You have an absolute right to object to the use of your data for direct marketing at any time. You can also object when we process your data based on legitimate interests or for a task in the public interest, and we will honor your objection unless we have compelling legitimate grounds to continue (or if the processing is needed for legal claims).

  • Rights related to Automated Decision Making: The right not to be subject to decisions based solely on automated processing (including profiling) that have legal or similarly significant effects on you. (Note: Monsterra Capital does not engage in such automated decision-making without human oversight as of the date of this Policy.)

To exercise any of these GDPR/UK GDPR rights, please contact us using the information in the Contact Us section. We may need to verify your identity before fulfilling your request (for example, by asking you to provide information to confirm your identity). We will respond to your request within the timeframe required by law (generally within one month for GDPR, with the possibility to extend by two further months for complex requests). There is no fee for exercising these rights unless a request is manifestly unfounded or excessive.

Rights Under U.S. Privacy Laws: If you are a resident of certain U.S. states, such as California, you may have additional rights under state laws like the California Consumer Privacy Act (CCPA) (as amended by the CPRA), or similar laws in other states. If these laws apply to our processing of your data, your rights may include:

  • Right to Know: You can request that we disclose the categories and specific pieces of personal information we have collected about you, as well as information about our data practices (such as the categories of sources, purposes of collection, and third parties with whom we share data).

  • Right to Delete: You can request that we delete personal information we have collected from you, subject to certain exceptions (for example, we may retain data if required by law or to complete a transaction you requested).

  • Right to Opt-Out of Sale or Sharing: You have the right to direct us not to sell your personal information to third parties or share it for cross-context behavioral advertising purposes. However, as noted above, Monsterra Capital does not sell personal data in the traditional sense, and we do not share your personal information for targeted advertising without your consent. If in the future we engaged in any activity deemed a "sale" or "sharing" under applicable law, we would provide a clear opt-out mechanism (such as a “Do Not Sell or Share My Personal Information” link).

  • Right to Correct: You may request correction of inaccurate personal information that we maintain about you.

  • Right to Limit Use of Sensitive Information: If we collect any sensitive personal information (as defined by law), you can ask us to limit its use/disclosure to what is necessary to perform the services or provide the goods (for example, if we ever collected data like a Social Security number or passport number beyond KYC needs, which we generally do not, you could restrict its use).

  • Right to Non-Discrimination: We will not deny services, charge different prices, or provide a different quality of services to you for exercising any of your privacy rights under applicable law.

To exercise U.S. privacy rights, you (or an authorized agent acting on your behalf) can send us a request via the contact methods below. We will verify your identity (or authority of your agent) and respond as required by law. Typically, we will need at least two or three data points from you to match against our records to verify identity for an access or deletion request. If you have an online account with us, you can make certain requests through your account if available.

Do Not Track: Some browsers offer a "Do Not Track" (DNT) signal. Currently, our website does not respond to DNT signals due to lack of an industry standard, but as mentioned above, we provide other ways to opt out of analytics and advertising cookies and you may use those controls to manage your preferences.

Lodging Complaints: If you believe we have infringed your privacy rights or data protection laws, you have the right to lodge a complaint with a supervisory authority. For EU residents, this would be your national Data Protection Authority (DPA); for UK residents, the Information Commissioner’s Office (ICO); and for others, your local privacy regulator. We encourage you to contact us first so we can address your concerns directly.

Opting Out of Communications

  • Marketing Emails: If you no longer wish to receive our newsletter or promotional emails, you can opt out at any time by clicking the "unsubscribe" link in any marketing email, or by contacting us at our email address below and requesting removal. Please note that even if you opt out of marketing messages, we may still send you non-promotional communications about your account or transactions (such as administrative emails or customer service responses).

  • Cookies: As detailed in the Cookies and Tracking section, you can control cookies through our consent banner and/or your browser settings. You can revoke consent by updating your preferences on the banner (if available) or clear cookies from your browser to remove existing trackers. For mobile apps (if any in future), you can typically limit ad tracking via your device settings.

Third-Party Links and Services

Our website may contain links to third-party websites or services (for example, a link to our social media pages, or a payment page hosted by Payhip). If you click those links, you will be directed to sites that we do not control. This Privacy Policy does not cover the privacy practices of third-party websites or platforms. We recommend that you review the privacy policies of any third-party site or service that you visit or use, as their practices will differ from ours.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or other factors. When we make changes, we will update the "Last Updated" date at the bottom of this Policy. If the changes are material, we may also provide a more prominent notice (such as by posting a notice on our website or sending an email notification). We encourage you to review this Policy periodically to stay informed about how we are protecting your information.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal data, please contact us:

  • Email: privacy@monsterracapital.com

  • Postal Address: Monsterra Capital, Attn: Privacy Officer, 30N Gould St, Sheridan, Wyoming 82801

We will respond to your inquiries as promptly as possible.

Last Updated: November 25, 2025

Growth rarely announces itself — it happens in the silence between who you were and who you’re becoming.

Let’s talk today

Phone

(302) 208-8995

Email

info@monsterracapital.com

Address

Salesforce Tower, 415 Mission St, San Francisco, CA 94105, United States

1 Sussex St, Barangaroo, NSW 2000, Australia

Contact Hours

Mon to Fri: 9.00am-5.00pm PDT

4:11:30 AM

Pages

About

Services

Insights

Career

Contact

Services

Income solutions

Asset Management

Business Advisory

Socials

Linkedin

TikTok

Privacy Policy

Terms

Growth rarely announces itself — it happens in the silence between who you were and who you’re becoming.

Let’s talk today

Phone

(302) 208-8995

Email

info@monsterracapital.com

Address

Salesforce Tower, 415 Mission St, San Francisco, CA 94105, United States

1 Sussex St, Barangaroo, NSW 2000, Australia

Contact Hours

Mon to Fri: 9.00am-5.00pm PDT

4:11:30 AM

Pages

About

Services

Insights

Career

Contact

Services

Income solutions

Asset Management

Business Advisory

Socials

Linkedin

TikTok

Privacy Policy

Terms

Growth rarely announces itself — it happens in the silence between who you were and who you’re becoming.

Let’s talk today

Phone

(302) 208-8995

Email

info@monsterracapital.com

Address

Salesforce Tower, 415 Mission St, San Francisco, CA 94105, United States

1 Sussex St, Barangaroo, NSW 2000, Australia

Contact Hours

Mon to Fri: 9.00am-5.00pm PDT

4:11:30 AM

Pages

About

Services

Insights

Career

Contact

Services

Income solutions

Asset Management

Business Advisory

Socials

Linkedin

TikTok

Privacy Policy

Terms