Privacy
Privacy Policy
Effective Date: May 28, 2026
Plain-English summary
We collect only the information you choose to share with us — primarily through our founder inquiry form, contact form, and any documents you upload. We use that information to evaluate whether there’s a fit between your company and our advisory platform, to communicate with you, and to operate this website. We don’t sell your information. We don’t share your pitch materials with anyone outside Metis MedTech without your permission. You can ask us to delete your information at any time.1.1 Who we are
Metis MedTech is a DBA of Metis Consulting LLC, an Illinois limited liability company (“Metis MedTech,” “we,” “us,” or “our”). Our principal business address is 130 N. Garland Court, Suite 4802, Chicago, IL 60602. You can reach us at info@metismedtech.com regarding this Privacy Policy or any data-related question.
1.2 Scope
This Privacy Policy describes how we collect, use, and protect information when you visit metismedtech.com (the “Website”) or submit information to us through the Website. It does not apply to third-party websites, services, or platforms that may be linked from the Website.
1.3 Information we collect
Information you provide to us directly:
- Founder Inquiry Form data: name, email address, company name, founder role or title, company stage, focus area, written company descriptions, and any optional pitch deck or supporting documents you choose to upload (PDF, PPT, or PPTX, up to 25MB).
- Contact form data: name, email address, and the contents of your message.
- Newsletter / mailing list opt-in data (if and when offered): name, email address, and any preferences you indicate.
- Scheduling data: if you book a meeting through an integrated scheduling tool such as Calendly, you provide that tool with your name, email, and meeting preferences. We receive that information from the tool. Use of any third-party scheduling tool is governed by that tool’s own privacy policy.
Information collected automatically:
- Usage and analytics data: when you visit the Website, our analytics provider (currently Google Analytics 4) and our hosting infrastructure collect information such as your IP address, approximate geographic location (typically at the city level), browser type, operating system, device type, pages viewed, time spent, referring URLs, and similar diagnostic information.
- Cookies and similar technologies: see our Cookie Policy for full detail on what cookies and similar technologies are used and how to manage them.
Information we do NOT seek:
We do not seek and we ask that you do not submit through this Website: (a) information protected under the U.S. Health Insurance Portability and Accountability Act of 1996 (“HIPAA”); (b) protected health information (“PHI”); (c) patient records or any patient-identifiable clinical information; (d) information regarding research subjects that could identify them; or (e) other sensitive personal information about third parties. If you inadvertently submit any such information, please contact us at info@metismedtech.com so that we can delete it.
Non-Personal Information:
Statistics or aggregated information. Statistical or aggregated data does not directly identify a specific person, but we may derive non-personal statistical or aggregated data from personal data. For example, we may aggregate personal data to calculate the percentage of users accessing a specific Website feature.
Technical information. Technical information includes information about your internet connection and usage details about your interactions with the Website, such as clickstream information to, through, and from our Website (including date and time); page response times, download errors, length of your visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), or methods used to browse away from a page.
If we combine or connect non-personal statistical or technical data with personal data so that it directly or indirectly identifies an individual, we treat the combined information as personal information.
1.4 How we use information
We use information you provide and information collected automatically to:
- Evaluate founder inquiries and assess potential strategic, advisory, or other engagement fit;
- Communicate with you in response to inquiries or submissions;
- Operate, maintain, secure, and improve the Website;
- Send you communications you have opted in to receive (such as future newsletters);
- Comply with applicable law, respond to legal processes, and protect our rights and the rights of others;
- Conduct statistical or demographic analysis;
- For any other purpose disclosed at the time of collection or to which you consent.
Because Non-Personal Information does not personally identify you, we may use and disclose such information for any purpose. In some instances, we may combine this information with personal information (such as combining your name with your location data), but in such instance, we will treat the combined information as personal information.
1.5 Legal basis for processing
To the extent applicable law (such as the EU/UK General Data Protection Regulation) requires us to identify a legal basis for processing personal information, we rely on:
- Your consent, where you have provided it (e.g., newsletter signup, optional pitch deck upload);
- Our legitimate interests in operating, improving, and securing the Website and in evaluating founder inquiries;
- The performance of a contract or pre-contractual steps you have requested; and
- Compliance with legal obligations.
1.6 Sharing of information
We do not sell personal information. We share information only as follows:
- Service providers and processors: vendors that host the Website, provide analytics, deliver email, store files, process forms, or otherwise support our operations. These vendors are bound by confidentiality and data-protection obligations.
- Professional advisors: our legal, accounting, and similar professional advisors when reasonably necessary.
- Affiliated investment vehicles: with your consent, we may share information about your company with affiliated investment vehicles where there is potential mutual interest. We will not share your pitch deck or proprietary submission materials outside Metis MedTech without first obtaining your consent, except as required by law.
- Legal compliance and protection of rights: when we believe in good faith that disclosure is required by law, legal process, or to protect our rights, your safety, or the safety of others.
- Business transactions: in connection with a merger, acquisition, financing, or sale of all or part of our business, subject to customary confidentiality protections.
1.7 Retention
We retain personal information only for as long as reasonably necessary for the purposes described in this Policy, including for the duration of any ongoing relationship and for a reasonable period thereafter to address inquiries, comply with legal obligations, and protect our interests. Founder inquiry submissions and uploaded materials are generally retained for twenty-four (24) months from the date of your last meaningful contact with us, after which they are deleted or anonymized, unless we are required or permitted by law to retain them longer or you have requested earlier deletion.
1.8 Security
We use commercially reasonable administrative, technical, and physical safeguards to protect personal information. No method of transmission over the internet and no method of electronic storage is completely secure, however, and we cannot guarantee absolute security. In particular, email, texts, and chats sent to or from the Website may not be secure, and you should carefully decide what information you send to us via such communications channels. Any transmission of personal data is at your own risk.
1.9 International users
The Website is operated from the United States. If you access the Website or submit information to us from outside the United States, you understand that your information will be transferred to, stored in, and processed in the United States, where data-protection laws may differ from those in your jurisdiction. We are not actively marketing this Website to individuals located in the European Economic Area, United Kingdom, or Switzerland, and we do not intentionally process information from such individuals beyond what is necessary to respond to inquiries they affirmatively initiate.
1.10 Your rights about your information
This section describes mechanisms you can use to control certain uses and disclosures of your information and rights you may have under state law, depending on where you live.
Advertising, marketing, cookies, and other tracking technologies choices:
- Cookies and Other Tracking Technologies. You can set your browser to refuse all or some browser cookies or other tracking technology files, or to alert you when these files are being sent. If you disable or refuse cookies or similar tracking files, some Website features may be inaccessible or not function properly. Some browsers include a “Do Not Track” (DNT) setting that can send a signal to the online services you visit indicating you do not wish to be tracked.
- Promotions by the Company. If you do not wish us to use your information to promote our own or third parties’ products or services, you can opt out by sending us an email stating your request to info@metismedtech.com.
Location data choices:
- Location Data. You can choose whether or not to allow the Website to collect and use real-time information about your device’s location through the device’s privacy settings.
Depending on your state of residency, you may also have certain rights related to your personal data, including:
- Access and Data Portability. You may confirm whether we process your personal data and access a copy of the personal data we process. To the extent feasible and required by state law, depending on your state, data will be provided in a portable format. Depending on your state, you may have the right to receive additional information and it will be included in the response to your access request.
- Correction. You may request that we correct inaccuracies in your personal data that we maintain, taking into account the information’s nature and processing purpose.
- Deletion. You may request that we delete personal data about you that we maintain, subject to certain exceptions under applicable law.
- Opt Out of Using Personal Data for Targeted Advertising, Profiling, and Sales. You may request that we do not use your personal data for these purposes.
Important: The exact scope of these rights vary by state. There are also several exceptions where we may not have an obligation to fulfill your request.
To exercise any of these rights, please contact info@metismedtech.com.
Some browsers and browser extensions support the Global Privacy Control (“GPC”) that can send a signal to process your request to opt out from certain types of data processing, including data “sales” as defined under certain laws. When we detect such a signal, we will make reasonable efforts to respect your choices indicated by a GPC setting as required by applicable law.
California residents and EU/UK individuals should also review our GDPR + CCPA policy below. To exercise any right, contact us at info@metismedtech.com.
1.11 Children’s privacy
The Website is intended for business users (medtech founders, operators, investors, and professionals). It is not directed to children under the age of 16, and we do not knowingly collect personal information from children. If you believe a child has provided personal information to us, contact info@metismedtech.com and we will delete it.
1.12 Updates
We may update this Privacy Policy from time to time. The “Effective Date” at the top reflects the most recent update. Material changes will be highlighted on the Website. Continued use of the Website after an update constitutes acceptance of the updated Policy.
1.13 Contact
Questions about this Privacy Policy or our data practices may be sent to:
Metis Consulting LLC d/b/a Metis MedTech
Attn: Privacy
130 N. Garland Court, Suite 4802, Chicago, IL 60602
info@metismedtech.com
2. Cookie Policy
Plain-English summary
We use cookies and similar technologies to make the site work, to understand how people use it, and to improve it. You can control cookies through your browser settings or, where required, through a consent banner.
2.1 What cookies are
Cookies are small text files placed on your device when you visit a website. They are widely used to make websites function properly, to enhance performance, and to provide information to site owners. Similar technologies include web beacons, pixels, tags, and local storage.
2.2 Categories of cookies we use
| Category | Purpose | Examples |
|---|---|---|
| Strictly necessary | Required for the Website to function (e.g., security, form submission, basic navigation) | Session cookies, form-token cookies |
| Analytics / performance | Help us understand how visitors use the Website so we can improve it | Google Analytics 4 cookies |
| Functional | Remember choices you make to provide a more personalized experience | Preference cookies |
2.3 Managing cookies
Most browsers allow you to refuse or delete cookies. Doing so may affect Website functionality. If a consent banner is presented, you may also make your selections there.
3. Data Usage & Retention Policy
Plain-English summary
Here’s how long we keep the things you send us, and why. Anything you send us for a founder inquiry sticks around for about two years unless we’re actively working with you (or you ask us to delete it sooner).
3.1 Retention principles
Metis MedTech retains personal information and submitted materials only for as long as reasonably necessary to: (a) fulfill the purposes for which the information was collected; (b) comply with applicable legal, tax, or regulatory obligations; (c) resolve disputes; and (d) enforce our rights and agreements.
3.2 Retention periods
| Category | Default retention | Notes |
|---|---|---|
| Founder inquiry form data and uploaded materials | 24 months from last meaningful contact | Earlier on documented request; longer if active engagement is ongoing |
| General contact form data | 24 months from submission | Earlier on documented request |
| Newsletter / mailing list data (when launched) | Until unsubscribe + reasonable suppression-list period | We retain unsubscribe records to honor the request |
| Website analytics data | Per the retention controls of our analytics provider (currently Google Analytics 4 default settings) | Configurable in GA4 |
| Cookie-consent records | 12 months or as required by applicable law | Refreshed on re-prompt |
| Records of data-rights requests | Minimum required by law (CCPA: 24 months) | Required for audit purposes |
| Legal-hold or litigation-relevant materials | Until legal hold released | Overrides the defaults above |
3.3 Disposal
When information is no longer needed, we delete, anonymize, or otherwise dispose of it using commercially reasonable methods appropriate to the sensitivity of the information.
3.4 Backups and archived copies
Information deleted from active systems may remain in routine backup archives for a limited period before being overwritten. We do not actively access or use such archived copies except as needed for backup-restoration or legal-compliance purposes.
3.5 Your right to request deletion
You may request deletion of personal information you have submitted by contacting info@metismedtech.com. We will respond to such requests in accordance with applicable law. See the GDPR + CCPA policy and the Contact & Data Rights policy.
4. GDPR + CCPA Compliance Policy
Plain-English summary
If you’re a California resident or a person in the EU/UK, you have specific data rights. Here’s how to exercise them.
4.1 For California residents (CCPA / CPRA)
This section applies to California residents to the extent the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (collectively, “CCPA”), applies to Metis MedTech and our processing of personal information.
Categories of personal information collected (last 12 months):
| Category (per CCPA) | Collected? | Source |
|---|---|---|
| Identifiers (name, email, IP address) | Yes | You; automatic |
| Commercial information (e.g., company details) | Yes | You |
| Internet or other electronic network activity | Yes | Automatic |
| Geolocation (general / city-level) | Yes (city-level) | Automatic |
| Professional or employment information | Yes | You |
| Inferences (e.g., to assess inquiry fit) | Limited | Internal analysis |
| Sensitive personal information | No | — |
Sale or sharing of personal information: Metis MedTech does not sell personal information for monetary consideration. Metis MedTech does not “share” personal information for cross-context behavioral advertising as defined under the CCPA.
California residents’ rights:
- Right to know what personal information we have collected, used, disclosed, and sold or shared;
- Right to delete personal information we have collected, subject to certain exceptions;
- Right to correct inaccurate personal information;
- Right to opt out of sale or sharing (not applicable, as Metis does not sell or share for cross-context advertising);
- Right to limit use of sensitive personal information (not applicable, as Metis does not collect sensitive personal information for purposes that would require this right);
- Right to non-discrimination for exercising any CCPA right.
How to exercise: submit a request to info@metismedtech.com or by mail to the address we provided. We will verify your identity using information you have previously provided and respond within the timeframes required by the CCPA. You may use an authorized agent; we will require written proof of authorization.
4.2 For individuals in the EU, UK, or Switzerland (GDPR)
The Website is not targeted to individuals located in the European Economic Area, the United Kingdom, or Switzerland, and Metis MedTech does not actively market to such individuals. To the extent the EU/UK General Data Protection Regulation applies to our processing of your personal information (for example, because you affirmatively submitted an inquiry from such a jurisdiction):
Controller: Metis Consulting LLC d/b/a Metis MedTech, 130 N. Garland Court, Suite 4802, Chicago, IL 60602, info@metismedtech.com.
Legal bases: as described in the Privacy Policy.
Your rights:
- Access, correction, deletion, and portability of your personal information;
- Restriction of, or objection to, certain processing;
- Withdrawal of consent at any time, where processing is based on consent;
- The right to lodge a complaint with a supervisory authority in your jurisdiction.
International transfers: information you submit will be transferred to and processed in the United States. We rely on appropriate safeguards (such as Standard Contractual Clauses or other lawful transfer mechanisms) where required by law.
No designated EU/UK representative: Metis MedTech has not appointed a representative under Article 27 of the GDPR or under UK data-protection law, on the basis that processing is occasional, low-risk, and unrelated to the marketing of goods or services to EU/UK individuals.
4.3 Other U.S. state privacy laws
Residents of other U.S. states with comprehensive privacy laws (including, without limitation, Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, and Delaware) may have similar rights to access, correct, or delete personal information. Please direct any such request to info@metismedtech.com; we will respond consistently with the rights and timeframes provided under applicable law.
5. Contact & Data Rights Request Policy
5.1 General contact
For all inquiries — general questions, founder submissions, privacy and data-rights requests, and accessibility support — please email:
info@metismedtech.com
Mailing address: Metis Consulting LLC d/b/a Metis MedTech, Attn: Legal, 130 N. Garland Court, Suite 4802, Chicago, IL 60602
5.2 How to submit a data-rights request
To submit a request to access, correct, delete, port, restrict, or object to processing of your personal information, please email info@metismedtech.com with the following:
- Your full name;
- The email address(es) and any other identifiers you have used to interact with us;
- A clear description of your request;
- Whether you are submitting on your own behalf or as an authorized agent (and, if the latter, written authorization).
We will acknowledge receipt within ten (10) business days and substantively respond within the timeframes required by applicable law (generally 45 days under the CCPA, with one 45-day extension permitted; one month under the GDPR, with extensions where permitted).
5.3 Verification
To protect your information, we will verify your identity before processing any access, correction, or deletion request. Verification typically involves matching information you provide in your request against information we have on file.
5.4 No retaliation
We will not deny goods or services, charge different prices, or provide a different level of service because you exercised your privacy rights.