Privacy

Privacy Policy

Effective Date: May 28, 2026

Plain-English summary

We collect only the information you choose to share with us — primarily through our founder inquiry form, contact form, and any documents you upload. We use that information to evaluate whether there’s a fit between your company and our advisory platform, to communicate with you, and to operate this website. We don’t sell your information. We don’t share your pitch materials with anyone outside Metis MedTech without your permission. You can ask us to delete your information at any time.

1.1 Who we are

Metis MedTech is a DBA of Metis Consulting LLC, an Illinois limited liability company (“Metis MedTech,” “we,” “us,” or “our”). Our principal business address is 130 N. Garland Court, Suite 4802, Chicago, IL 60602. You can reach us at info@metismedtech.com regarding this Privacy Policy or any data-related question.

1.2 Scope

This Privacy Policy describes how we collect, use, and protect information when you visit metismedtech.com (the “Website”) or submit information to us through the Website. It does not apply to third-party websites, services, or platforms that may be linked from the Website.

1.3 Information we collect

Information you provide to us directly:

Information collected automatically:

Information we do NOT seek:

We do not seek and we ask that you do not submit through this Website: (a) information protected under the U.S. Health Insurance Portability and Accountability Act of 1996 (“HIPAA”); (b) protected health information (“PHI”); (c) patient records or any patient-identifiable clinical information; (d) information regarding research subjects that could identify them; or (e) other sensitive personal information about third parties. If you inadvertently submit any such information, please contact us at info@metismedtech.com so that we can delete it.

Non-Personal Information:

Statistics or aggregated information. Statistical or aggregated data does not directly identify a specific person, but we may derive non-personal statistical or aggregated data from personal data. For example, we may aggregate personal data to calculate the percentage of users accessing a specific Website feature.

Technical information. Technical information includes information about your internet connection and usage details about your interactions with the Website, such as clickstream information to, through, and from our Website (including date and time); page response times, download errors, length of your visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), or methods used to browse away from a page.

If we combine or connect non-personal statistical or technical data with personal data so that it directly or indirectly identifies an individual, we treat the combined information as personal information.

1.4 How we use information

We use information you provide and information collected automatically to:

Because Non-Personal Information does not personally identify you, we may use and disclose such information for any purpose. In some instances, we may combine this information with personal information (such as combining your name with your location data), but in such instance, we will treat the combined information as personal information.

To the extent applicable law (such as the EU/UK General Data Protection Regulation) requires us to identify a legal basis for processing personal information, we rely on:

1.6 Sharing of information

We do not sell personal information. We share information only as follows:

1.7 Retention

We retain personal information only for as long as reasonably necessary for the purposes described in this Policy, including for the duration of any ongoing relationship and for a reasonable period thereafter to address inquiries, comply with legal obligations, and protect our interests. Founder inquiry submissions and uploaded materials are generally retained for twenty-four (24) months from the date of your last meaningful contact with us, after which they are deleted or anonymized, unless we are required or permitted by law to retain them longer or you have requested earlier deletion.

1.8 Security

We use commercially reasonable administrative, technical, and physical safeguards to protect personal information. No method of transmission over the internet and no method of electronic storage is completely secure, however, and we cannot guarantee absolute security. In particular, email, texts, and chats sent to or from the Website may not be secure, and you should carefully decide what information you send to us via such communications channels. Any transmission of personal data is at your own risk.

1.9 International users

The Website is operated from the United States. If you access the Website or submit information to us from outside the United States, you understand that your information will be transferred to, stored in, and processed in the United States, where data-protection laws may differ from those in your jurisdiction. We are not actively marketing this Website to individuals located in the European Economic Area, United Kingdom, or Switzerland, and we do not intentionally process information from such individuals beyond what is necessary to respond to inquiries they affirmatively initiate.

1.10 Your rights about your information

This section describes mechanisms you can use to control certain uses and disclosures of your information and rights you may have under state law, depending on where you live.

Advertising, marketing, cookies, and other tracking technologies choices:

Location data choices:

Depending on your state of residency, you may also have certain rights related to your personal data, including:

Important: The exact scope of these rights vary by state. There are also several exceptions where we may not have an obligation to fulfill your request.

To exercise any of these rights, please contact info@metismedtech.com.

Some browsers and browser extensions support the Global Privacy Control (“GPC”) that can send a signal to process your request to opt out from certain types of data processing, including data “sales” as defined under certain laws. When we detect such a signal, we will make reasonable efforts to respect your choices indicated by a GPC setting as required by applicable law.

California residents and EU/UK individuals should also review our GDPR + CCPA policy below. To exercise any right, contact us at info@metismedtech.com.

1.11 Children’s privacy

The Website is intended for business users (medtech founders, operators, investors, and professionals). It is not directed to children under the age of 16, and we do not knowingly collect personal information from children. If you believe a child has provided personal information to us, contact info@metismedtech.com and we will delete it.

1.12 Updates

We may update this Privacy Policy from time to time. The “Effective Date” at the top reflects the most recent update. Material changes will be highlighted on the Website. Continued use of the Website after an update constitutes acceptance of the updated Policy.

1.13 Contact

Questions about this Privacy Policy or our data practices may be sent to:

Metis Consulting LLC d/b/a Metis MedTech
Attn: Privacy
130 N. Garland Court, Suite 4802, Chicago, IL 60602
info@metismedtech.com

Plain-English summary

We use cookies and similar technologies to make the site work, to understand how people use it, and to improve it. You can control cookies through your browser settings or, where required, through a consent banner.

2.1 What cookies are

Cookies are small text files placed on your device when you visit a website. They are widely used to make websites function properly, to enhance performance, and to provide information to site owners. Similar technologies include web beacons, pixels, tags, and local storage.

2.2 Categories of cookies we use

CategoryPurposeExamples
Strictly necessaryRequired for the Website to function (e.g., security, form submission, basic navigation)Session cookies, form-token cookies
Analytics / performanceHelp us understand how visitors use the Website so we can improve itGoogle Analytics 4 cookies
FunctionalRemember choices you make to provide a more personalized experiencePreference cookies

2.3 Managing cookies

Most browsers allow you to refuse or delete cookies. Doing so may affect Website functionality. If a consent banner is presented, you may also make your selections there.

3. Data Usage & Retention Policy

Plain-English summary

Here’s how long we keep the things you send us, and why. Anything you send us for a founder inquiry sticks around for about two years unless we’re actively working with you (or you ask us to delete it sooner).

3.1 Retention principles

Metis MedTech retains personal information and submitted materials only for as long as reasonably necessary to: (a) fulfill the purposes for which the information was collected; (b) comply with applicable legal, tax, or regulatory obligations; (c) resolve disputes; and (d) enforce our rights and agreements.

3.2 Retention periods

CategoryDefault retentionNotes
Founder inquiry form data and uploaded materials24 months from last meaningful contactEarlier on documented request; longer if active engagement is ongoing
General contact form data24 months from submissionEarlier on documented request
Newsletter / mailing list data (when launched)Until unsubscribe + reasonable suppression-list periodWe retain unsubscribe records to honor the request
Website analytics dataPer the retention controls of our analytics provider (currently Google Analytics 4 default settings)Configurable in GA4
Cookie-consent records12 months or as required by applicable lawRefreshed on re-prompt
Records of data-rights requestsMinimum required by law (CCPA: 24 months)Required for audit purposes
Legal-hold or litigation-relevant materialsUntil legal hold releasedOverrides the defaults above

3.3 Disposal

When information is no longer needed, we delete, anonymize, or otherwise dispose of it using commercially reasonable methods appropriate to the sensitivity of the information.

3.4 Backups and archived copies

Information deleted from active systems may remain in routine backup archives for a limited period before being overwritten. We do not actively access or use such archived copies except as needed for backup-restoration or legal-compliance purposes.

3.5 Your right to request deletion

You may request deletion of personal information you have submitted by contacting info@metismedtech.com. We will respond to such requests in accordance with applicable law. See the GDPR + CCPA policy and the Contact & Data Rights policy.

4. GDPR + CCPA Compliance Policy

Plain-English summary

If you’re a California resident or a person in the EU/UK, you have specific data rights. Here’s how to exercise them.

4.1 For California residents (CCPA / CPRA)

This section applies to California residents to the extent the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (collectively, “CCPA”), applies to Metis MedTech and our processing of personal information.

Categories of personal information collected (last 12 months):

Category (per CCPA)Collected?Source
Identifiers (name, email, IP address)YesYou; automatic
Commercial information (e.g., company details)YesYou
Internet or other electronic network activityYesAutomatic
Geolocation (general / city-level)Yes (city-level)Automatic
Professional or employment informationYesYou
Inferences (e.g., to assess inquiry fit)LimitedInternal analysis
Sensitive personal informationNo

Sale or sharing of personal information: Metis MedTech does not sell personal information for monetary consideration. Metis MedTech does not “share” personal information for cross-context behavioral advertising as defined under the CCPA.

California residents’ rights:

How to exercise: submit a request to info@metismedtech.com or by mail to the address we provided. We will verify your identity using information you have previously provided and respond within the timeframes required by the CCPA. You may use an authorized agent; we will require written proof of authorization.

4.2 For individuals in the EU, UK, or Switzerland (GDPR)

The Website is not targeted to individuals located in the European Economic Area, the United Kingdom, or Switzerland, and Metis MedTech does not actively market to such individuals. To the extent the EU/UK General Data Protection Regulation applies to our processing of your personal information (for example, because you affirmatively submitted an inquiry from such a jurisdiction):

Controller: Metis Consulting LLC d/b/a Metis MedTech, 130 N. Garland Court, Suite 4802, Chicago, IL 60602, info@metismedtech.com.

Legal bases: as described in the Privacy Policy.

Your rights:

International transfers: information you submit will be transferred to and processed in the United States. We rely on appropriate safeguards (such as Standard Contractual Clauses or other lawful transfer mechanisms) where required by law.

No designated EU/UK representative: Metis MedTech has not appointed a representative under Article 27 of the GDPR or under UK data-protection law, on the basis that processing is occasional, low-risk, and unrelated to the marketing of goods or services to EU/UK individuals.

4.3 Other U.S. state privacy laws

Residents of other U.S. states with comprehensive privacy laws (including, without limitation, Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, and Delaware) may have similar rights to access, correct, or delete personal information. Please direct any such request to info@metismedtech.com; we will respond consistently with the rights and timeframes provided under applicable law.

5. Contact & Data Rights Request Policy

5.1 General contact

For all inquiries — general questions, founder submissions, privacy and data-rights requests, and accessibility support — please email:

info@metismedtech.com

Mailing address: Metis Consulting LLC d/b/a Metis MedTech, Attn: Legal, 130 N. Garland Court, Suite 4802, Chicago, IL 60602

5.2 How to submit a data-rights request

To submit a request to access, correct, delete, port, restrict, or object to processing of your personal information, please email info@metismedtech.com with the following:

We will acknowledge receipt within ten (10) business days and substantively respond within the timeframes required by applicable law (generally 45 days under the CCPA, with one 45-day extension permitted; one month under the GDPR, with extensions where permitted).

5.3 Verification

To protect your information, we will verify your identity before processing any access, correction, or deletion request. Verification typically involves matching information you provide in your request against information we have on file.

5.4 No retaliation

We will not deny goods or services, charge different prices, or provide a different level of service because you exercised your privacy rights.

← Back to home