RepInvestBack to Home

Legal

Privacy Policy

This Privacy Policy explains how RepInvest collects, uses, shares, and protects your personal information when you use our platform.

Last updated: June 1, 2026

1. Overview

RepInvest, Inc. (“RepInvest,” “we,” “our,” or “us”) operates the RepInvest investment platform at joinrepinvest.com. As a financial services platform, we are subject to federal and state laws governing personal and financial information, including the Gramm-Leach-Bliley Act (GLBA).

We do not sell your personal information to third parties for marketing purposes.

2. Information We Collect

2.1 Information You Provide Directly

  • Identity Information: Full name, date of birth, government-issued ID details
  • Contact Information: Email address, phone number, mailing address
  • Financial Information: Bank account details (via Plaid), investment amounts, transaction history
  • Tax Information: Last four digits of Social Security Number (we never store your full SSN)
  • KYC Documents: Government-issued ID scans, proof of address, identity selfies
  • Investment Preferences: Risk profile, investment goals, income range, net worth range

2.2 Information Collected Automatically

  • Device Information: Browser type, operating system, device identifiers
  • Log Data: IP address, pages visited, time and date of visits
  • Usage Data: Features used, actions taken, session duration
  • Security Data: Login attempts, session tokens, authentication events

2.3 Information from Third Parties

  • Plaid: Bank account ownership verification, account type, masked account number, institution name
  • Straddle: Identity verification results, KYC/AML screening outcomes, payment status updates, fraud monitoring signals
  • Morgan Stanley: Fund valuation data used to calculate daily NAV

3. How We Use Your Information

3.1 Providing Our Services

  • Creating and managing your investor account
  • Processing deposits and withdrawals via ACH through Straddle
  • Issuing and redeeming fund units at NAV
  • Maintaining your investment ledger and transaction history

3.2 Compliance & Legal Obligations

  • Verifying your identity as required by KYC/AML regulations (Section 326, USA PATRIOT Act)
  • Complying with the Bank Secrecy Act and FinCEN requirements
  • Detecting, investigating, and preventing fraud via Straddle's Watchtower monitoring
  • Responding to legal process, court orders, and regulatory inquiries
  • Maintaining required financial records

3.3 Communications

  • Sending transactional notifications (deposits, withdrawals, KYC status)
  • Providing account statements and fund performance updates
  • Sending important notices about changes to our services or policies

4. How We Share Your Information

We do not sell your personal information. We share information only in the following circumstances:

4.1 Service Providers

  • Supabase: Database hosting and authentication
  • Plaid Technologies: Bank account linking and processor token generation
  • Straddle, Inc.: ACH payment processing, KYC/AML identity verification, fraud monitoring
  • Morgan Stanley: Fund custody and asset management
  • Resend: Transactional email delivery
  • Vercel: Platform hosting and infrastructure

4.2 Legal Requirements

We may disclose your information in response to subpoenas, court orders, regulatory examinations, or anti-money laundering reporting obligations.

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity subject to the same privacy protections.

5. Third-Party Services

5.1 Plaid

We use Plaid Technologies, Inc. to enable bank account linking. When you connect your bank account, you interact with Plaid's interface and your data is subject to Plaid's Privacy Policy (plaid.com/legal/privacy-policy). Plaid generates a secure processor token shared with Straddle for ACH processing — your full credentials are never shared with RepInvest.

5.2 Straddle

ACH transactions are processed and identity verification is performed by Straddle, Inc. Your personal information — including name, date of birth, address, and SSN — is transmitted to Straddle for KYC/AML screening. This includes screening against OFAC, PEP, global sanctions lists, and adverse media. Straddle conducts ongoing monitoring for the duration of your relationship with RepInvest. Straddle's services are subject to their Privacy Policy and Terms of Service.

5.3 Morgan Stanley

Fund assets are custodied with Morgan Stanley. Fund-level valuation data is shared with RepInvest daily. Individual investor information is not shared with Morgan Stanley beyond what is required for regulatory reporting.

6. Data Security

  • Encryption in Transit: TLS 1.3 for all data transmissions
  • Encryption at Rest: AES-256 for sensitive stored data
  • Access Controls: Role-based access limits employee access on a need-to-know basis
  • Audit Logging: All access to sensitive data is logged and monitored
  • No Full SSN Storage: Your complete SSN is never stored — only the last four digits
  • Bank Credentials: Your bank username and password are never shared with RepInvest — handled through Plaid's secure infrastructure
  • Payment Tokens: Bank accounts are represented as Straddle Paykeys — secure tokens that cannot be reverse-engineered to obtain account details

7. Data Retention

  • Active Accounts: Retained for the life of your account
  • Closed Accounts: Minimum 7 years following account closure (financial regulation requirement)
  • Transaction Records: Minimum 7 years
  • KYC Documents: 5 years following termination of the business relationship
  • Audit Logs: Minimum 3 years
  • PSA Consent Records: Retained indefinitely as required by NACHA and Straddle compliance rules

8. Your Rights & Choices

8.1 Access & Correction

Update most personal information in account settings. For other requests, contact privacy@joinrepinvest.com.

8.2 Account Deletion

You may request account deletion. Certain financial records must be retained for regulatory compliance even after deletion.

8.3 Communications Preferences

Opt out of non-essential communications in account settings. Essential transactional emails cannot be disabled.

8.4 Data Portability

Request a copy of your personal data at privacy@joinrepinvest.com.

9. Cookies & Tracking

  • Essential Cookies: Required for authentication and security — cannot be disabled
  • Analytics Cookies: Help us understand platform usage — may be disabled
  • Preference Cookies: Remember your settings and preferences

10. Children's Privacy

The Platform is not directed to individuals under 18. We do not knowingly collect information from children. Contact privacy@joinrepinvest.com if you believe we have collected information from a minor.

11. California Privacy Rights

California residents have additional rights under CCPA/CPRA including: right to know, right to delete, right to correct, right to opt out of sale or sharing, right to non-discrimination, and right to limit use of sensitive personal information.

To exercise California privacy rights, contact privacy@joinrepinvest.com. We respond to verified requests within 45 days. Note that certain financial information is exempt from CCPA/CPRA when subject to GLBA.

12. Changes to This Policy

We may update this Policy periodically. We will notify you of material changes by posting the updated Policy and, where required, by email. Continued use of the Platform constitutes acceptance of the revised Policy.

13. Contact Us

Questions about this document? Contact us at legal@joinrepinvest.com

Terms of UsePrivacy PolicyDisclosures