Legal

Privacy Policy

Effective: July 5, 2026 Last updated: July 5, 2026 Applies: Globally, to all BroadPeak websites & applicants

BroadPeak Investment Group and its affiliates ("BroadPeak," "BIG," "we," "us," or "our") respect your privacy. This Privacy Policy explains how we collect, use, disclose, transfer, retain, and protect personal information in connection with our websites, communications, recruiting activities, and related services (collectively, the "Services"), and describes the rights and choices available to individuals worldwide.

Global application. BroadPeak receives inquiries and job applications from individuals around the world. We apply the core protections of this Policy globally. Where local law (for example, the EU/UK GDPR, U.S. state privacy laws, or Canadian privacy law) grants you additional rights, those apply to you as described in Section 13. Nothing in this Policy limits any non-waivable right you have under applicable law.

01Scope & Who We Are

This Policy applies to personal information we process through broadpeak.com and related BroadPeak web properties, our email and telephone communications, our recruitment and hiring processes, and our business, investment, and portfolio-support activities. "Personal information" (also "personal data") means information that identifies, relates to, or could reasonably be linked to an identifiable individual.

For personal information collected through the Services, the data controller (or "business") is BroadPeak Investment Group, together with the relevant BroadPeak affiliate or operating entity involved in a given interaction (for example, BroadPeak Mobility, LLC for its vehicle operations, or a BroadPeak portfolio or property entity). Our contact details are in Section 17.

This Policy does not apply to the independent privacy practices of our portfolio companies, franchisees, dealers, or other third parties that operate under their own brands and policies, or to third-party platforms we link to (see Section 15).

02Information We Collect

The categories of personal information we collect depend on how you interact with us:

Information you provide

  • Identity & contact data — name, email address, telephone number, postal or business address, and the organization or title you provide.
  • Application & professional data — resume/CV, cover letters, work history, education, credentials, references, work samples (including the Founding Analyst Case), portfolio, salary or compensation expectations, work-authorization status, and any information you choose to include when you apply for a role or contact us.
  • Correspondence — the content of messages, inquiries, and other communications you send to us, including confidential business or investment inquiries.
  • Voluntary information — any additional details you elect to share, including through third-party application platforms.

Information collected automatically

  • Device & usage data — IP address, approximate location derived from IP, browser and device type, operating system, referring/exit pages, pages viewed, links clicked, and dates/times of access.
  • Cookies & similar technologies — as described in Section 8.

03Where We Obtain Information

We obtain personal information: (a) directly from you; (b) automatically from your device when you use the Services; and (c) from third parties, including recruiting and applicant-tracking platforms (such as ADP Workforce Now), recruiters and staffing agencies, references you designate, professional networking or publicly available sources (such as LinkedIn), our hosting and analytics providers, and — where permitted by law and with any required consent — background-screening providers.

04Sensitive & Special-Category Information

We do not seek sensitive or special-category information (such as racial or ethnic origin, health, religion, or similar categories) except where necessary and permitted by law. Certain information may be collected on a strictly voluntary basis or to meet legal obligations — for example, diversity information provided voluntarily for equal-opportunity monitoring, or work-authorization information required for employment. Where the law requires your explicit consent to process such information, we will obtain it, and you may withdraw consent at any time without affecting the lawfulness of processing before withdrawal. Please do not send us sensitive information unless we specifically request it.

05How We Use Information

We use personal information to:

  • operate, maintain, secure, and improve the Services and our communications;
  • evaluate, process, and respond to job applications, and administer our recruiting and hiring (see Section 7);
  • respond to inquiries, business proposals, and confidential deal or investment communications;
  • communicate with you, including sending administrative or transactional messages;
  • conduct analytics to understand and improve how the Services are used;
  • protect the rights, property, safety, and integrity of BroadPeak, our personnel, our users, and the public, and to detect, prevent, and address fraud, security, or technical issues;
  • comply with legal, regulatory, tax, and contractual obligations, and to establish, exercise, or defend legal claims; and
  • carry out corporate transactions and other legitimate business purposes as described in this Policy.

06Legal Bases for Processing (EEA / UK)

If you are in the European Economic Area, the United Kingdom, or Switzerland, we rely on the following legal bases under the GDPR / UK GDPR:

PurposeLegal basis
Responding to inquiries and taking steps at your requestPerformance of a contract or pre-contract steps, and our legitimate interests
Evaluating and managing job applicationsLegitimate interests (assessing candidates), steps prior to a possible employment relationship, and consent where required (e.g., talent-pool retention)
Operating, securing, and improving the Services and analyticsLegitimate interests in running and protecting our business; consent for non-essential cookies
Compliance, safety, and legal claimsLegal obligation and legitimate interests
Sensitive information, where processedExplicit consent or another applicable Article 9 condition

Where we rely on legitimate interests, we balance those interests against your rights and freedoms; you may object as described in Section 13.

07Job Applicant & Candidate Privacy Notice

This section supplements the rest of the Policy for individuals who apply to, or are considered for, roles with BroadPeak or its affiliates (including through our careers page or a third-party applicant-tracking system).

What we process and why

We process the application and professional data described in Section 2 to assess your suitability for a role, communicate with you, verify information (including work authorization and, where lawful and disclosed, references or background checks), make hiring decisions, and maintain records of our recruiting process for compliance and defense of legal claims.

Automated decision-making

We do not make hiring decisions that produce legal or similarly significant effects based solely on automated processing without human involvement. Meaningful human review is part of our evaluation.

Talent pool

If you are not selected, we may retain your information for a reasonable period to consider you for future opportunities. Where consent is required for this, we will ask for it, and you may ask us to remove your information at any time.

Confidentiality of submissions

Recruiting submissions are handled under this Policy. Except for such personal information, please do not send us confidential or proprietary materials you are not authorized to share; unsolicited business ideas and feedback are treated as described in our Terms of Use.

08Cookies & Similar Technologies

Our websites use a limited set of cookies and similar technologies. Strictly necessary technologies are required for the site to function and to keep it secure. We may also use functional and analytics technologies to remember preferences and understand aggregate usage so we can improve the Services.

You can control cookies through your browser settings — most browsers let you block or delete cookies — and, where required by law, we will seek your consent before setting non-essential cookies. We honor recognized browser-based opt-out signals, including the Global Privacy Control (GPC), as a valid request to opt out of "sale"/"sharing" for the browser or device on which it is enabled, where applicable law requires. Because there is no common industry standard, we do not otherwise respond to "Do Not Track" signals.

09How & With Whom We Share Information

We do not sell your personal information for money, and we do not "share" it for cross-context behavioral advertising as those terms are defined under California law. We disclose personal information only as follows:

  • Service providers / processors — vendors that perform services on our behalf under contract, such as website hosting (Netlify), applicant-tracking and recruiting platforms (ADP Workforce Now), email and communications tools, and analytics providers. They may process personal information only on our instructions and for our purposes.
  • Affiliates & portfolio entities — BroadPeak affiliates and operating entities involved in your interaction (for example, evaluating you for a role at a specific BroadPeak venture), subject to this Policy.
  • Professional advisors — lawyers, auditors, insurers, and consultants, as needed.
  • Corporate transactions — in connection with a financing, merger, acquisition, reorganization, sale of assets, or similar transaction, or diligence for one, information may be disclosed to the relevant parties and advisors.
  • Legal, safety & compliance — where we believe disclosure is necessary to comply with law or legal process, enforce our agreements, protect rights, property, or safety, or respond to lawful requests by public authorities.

10International Data Transfers

BroadPeak is based in the United States, and we and our service providers may process personal information in the United States and other countries whose data-protection laws may differ from those in your jurisdiction. Where we transfer personal information from the EEA, the United Kingdom, or Switzerland to a country not deemed to provide an adequate level of protection, we implement appropriate safeguards — such as the European Commission's Standard Contractual Clauses and the UK International Data Transfer Addendum — together with additional measures as needed. You may contact us to request more information about these safeguards.

11Data Retention

We retain personal information only for as long as necessary to fulfill the purposes described in this Policy, including to provide the Services, evaluate applications, maintain business and recruiting records, comply with our legal and regulatory obligations, resolve disputes, and enforce our agreements. Retention periods vary by context and legal requirement; when information is no longer needed, we delete, anonymize, or securely dispose of it.

12Data Security

We maintain administrative, technical, and organizational measures designed to protect personal information against unauthorized access, loss, misuse, or alteration. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security. You are responsible for safeguarding any credentials and for the security of information you transmit to us.

13Your Privacy Rights

Depending on where you live and applicable law, you may have some or all of the rights below. To exercise a right, contact us using Section 17. We will verify your request and respond within the timeframe required by law. We will not discriminate against you for exercising your rights. You may use an authorized agent where the law permits, subject to verification.

EEA, United Kingdom & Switzerland (GDPR / UK GDPR)

You have the right to access; to rectify inaccurate data; to erase ("right to be forgotten"); to restrict or object to processing (including processing based on legitimate interests); to data portability; and to withdraw consent at any time where processing is based on consent. You also have the right to lodge a complaint with your local supervisory authority. Where we act as controller, requests can be directed to us at the contact details below.

California (CCPA / CPRA)

California residents have the right to know/access the categories and specific pieces of personal information we have collected, the sources, the business or commercial purposes, and the categories of recipients; to correct inaccurate personal information; to delete personal information; and to opt out of the "sale" or "sharing" of personal information and to limit use of sensitive personal information. We do not sell or share personal information as defined under California law, and we do not use or disclose sensitive personal information for purposes that require an opt-out. We will not discriminate against you for exercising these rights.

Other U.S. states

Residents of states with comprehensive privacy laws (including Virginia, Colorado, Connecticut, Utah, Texas, and others) may have rights to access, correct, delete, and obtain a portable copy of their personal data, and to opt out of targeted advertising, sale, or certain profiling. We honor these rights as applicable and provide any appeal mechanism required by law.

Canada & other jurisdictions

Individuals in Canada (PIPEDA and applicable provincial laws) and in other jurisdictions may have rights to access and correct their personal information and to withdraw consent, subject to legal and contractual limits. We handle such requests in accordance with applicable law.

14Children's Privacy

The Services are intended for adults and are not directed to children. We do not knowingly collect personal information from children under the age of 16 (or the age defined by your local law). If you believe a child has provided us personal information, please contact us and we will take appropriate steps to delete it.

15Third-Party Links & Services

The Services may link to third-party websites, platforms, and services (for example, our applicant-tracking platform, LinkedIn, or portfolio-company sites). We are not responsible for the privacy practices or content of those third parties. We encourage you to review their privacy policies before providing personal information.

16Changes to This Policy

We may update this Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we do, we will revise the "Last updated" date above and, where required, provide additional notice. Your continued use of the Services after an update indicates your acknowledgment of the revised Policy.

17How to Contact Us

To exercise your rights or ask questions about this Policy or our privacy practices, contact us:

BroadPeak Investment Group — Privacy

BroadPeak Investment Group

Corporate Office · Sandy Springs, GA 30328 · United States
Email: Info@broadpeak.com
Phone: +1 (678) 992-2230

Please include enough detail for us to verify your identity and understand your request. If you are in the EEA or UK and wish to reach an EU/UK representative, contact us at the address above and we will direct your request appropriately.

This Privacy Policy is provided for transparency and does not create contractual obligations beyond those required by applicable law. It should be read together with our Terms of Use.