Privacy policy

1. An overview of data protection: General information 

The following information will provide you with an easy-to-navigate overview of what will happen with your personal data when you visit this website as well as our platform. The term „personal data“ comprises all data that can be used to personally identify you. For detailed information about the subject matter of data protection, please consult our Data Protection Declaration, which we have included beneath this copy.

Data recording on this website 

Who is the responsible party for recording data on this website (i.e. the „controller“)? 

The data on this website is processed by the operator of the website, whose contact information is available under the section „Information Required by Law“. 

How do we record your data? 

We collect your data as a result of your sharing of your data with us. This may, for instance, be information you enter into our contact form as well as by making use of our platform.

Our IT systems automatically record other data when you visit our website. This data comprises primarily technical information (e.g. web browser, operating system, or time the site was accessed). This information is recorded automatically when you access this website. 

Account creation and sign-in

To use our service, you first need to set up a user account for the Uncap-Platform. This requires you to provide your business name and an email address. We point out the current terms of use and data protection and ask for active consent. We also ask you to provide additional information about your company (e.g. company name, industry, registered office – these categories are also summarised below as “company data”). We also collect your first and last name, job title, date of birth, gender, nationality, telephone number, and other information during the application process. During our registration and application process, we collect personal data directly about you, about your answers to questions, about your skills, about the results of tests, and about the references you provide. We process this data to create and manage the Uncap account and to check your suitability. The legal basis for this data processing is Art. 6 (1) (b) GDPR. The data collected when using the application form is stored for the duration of our business relationship and based on legal provisions. If no business relationship is established in the initial application process, this cannot be ruled out for the future. For this reason, we reserve the right to continue to store the aforementioned data. If a business relationship is not established, the application data will be deleted after 24 months, subject to a justified revocation by the applicant.

Application for funding

To apply for Uncap funding, you need to provide us with company data as well as personal data and connect your Accounting System with the Uncap-Platform. We need insight into this information to assess the state of your business and the risks associated with potential funding.

In case we have access to your accounting system, we will pull the data to calculate the KPIs for your dashboard at Uncap as well as to calculate overall revenues and according to repurchasing of shares. The current accounting system is Wave Financial USA Inc. Their privacy policy can be found here:

As part of the application process, we also work together with Zortify to perform some personality tests. Their privacy policy can be found here:

Furthermore, we work with the service provider Typeform to check your named references. You can find their privacy policy here:

We will review your application based on your company data and the aggregated data mentioned above. All data regarding your application is stored with your Uncap account. Only aggregated or anonymized data is processed in the application and review process. The legal basis for this data processing is Art. 6 (1) (b) GDPR.

Using the Uncap-Platform

When you log in to your Uncap account, you can examine your funded budget, financial KPIs, repayment history, and regular reporting. This information and data about your related use of the Uncap-Platform (e.g. timestamps, changes to your account, settings, and status) are stored in connection with your Uncap account. The legal basis for this data processing is Art. 6 (1) (b) GDPR.


In the context of the repayment of your funding, we process your company data and data on the funding and the repayment plan we agreed to as well as information on your account balances to coordinate and control the repayment. The legal basis is Art. 6 (1) (b) GDPR.


We process the information you provide in the support contact form to respond to your support request. In the context of your support request, we also collect your account name and other account-related data. We will process this data and, if necessary, data regarding your funding or other company data stored in your Uncap account to answer your request. The legal basis is Art. 6 (1) (b) GDPR.

Controlling, reporting, and analytics

We also use the information on transactions for internal cost and performance accounting, controlling, and internal reporting, which serves us for corporate management and planning. The legal basis is Art. 6 (1) (b) GDPR. In this context, no personal data is processed.

We also use aggregated information on applications, ongoing and completed fundings, as well as anonymized company data for analysis and marketing purposes, as well as improving our internal processes and the Uncap-Platform in general. The legal basis is Art. 6 (1) (f) GDPR, based on our aforementioned legitimate interests. We will not use or disclose your confidential information, if not otherwise agreed upon (e.g. in case of follow-on funding opportunities from other investors).

What are the purposes we use your data for? 

A portion of the information is generated to guarantee the error-free provision of the website. Other data may be used to analyze your usage patterns and thereby increase the user-friendliness of the website and platform as well as increasing the performance of our overall offering.

What rights do you have as far as your information is concerned? 

You have the right to receive information about the source, recipients, and purposes of your archived personal data at any time without having to pay a fee for such disclosures. You also have the right to demand that your data are rectified or eradicated. Please do not hesitate to contact us at any time under the address disclosed in section „Information Required by Law“ on this website if you have questions about this or any other data protection-related issues. You also have the right to log a complaint with the competent supervising agency. 

Moreover, under certain circumstances, you have the right to demand the restriction and data portability of the processing of your personal data.

Analysis tools and tools provided by third parties 

There is a possibility that your browsing patterns will be statistically analyzed when you visit this website. Such analyses are performed primarily with cookies and with what we refer to as analysis programs. As a rule, the analyses of your browsing patterns are conducted anonymously; i.e. the browsing patterns cannot be traced back to you. 

You have the option to object to such analyses or you can prevent their performance by not using certain tools. For detailed information about the tools and about your options to object, please consult our Data Protection Declaration below.

2. Hosting: External Hosting 

This website is hosted by an external service provider (host). Personal data collected on this website are stored on the servers of the host. These may include but are not limited to, IP addresses, contact requests, metadata and communications, contract information, contact information, names, web page access, and other data generated through a website. 

The host is used to fulfill the contract with our potential and existing customers (Art. 6 (1) (b) GDPR.) and in the interest of secure, fast, and efficient provision of our online services by a professional provider (Art. 6 (1) (f) GDPR). 

Our host will only process your data to the extent necessary to fulfill its performance obligations and to follow our instructions concerning such data. 

Execution of a contract data processing agreement 

To guarantee processing in compliance with data protection regulations, we have concluded an order processing contract with our host.

3. General information and mandatory information Data protection 

The operators of this website and its pages take the protection of your personal data very seriously. Hence, we handle your personal data as confidential information and comply with the statutory data protection regulations and this Data Protection Declaration. 

Whenever you use this website, a variety of personal information will be collected. Personal data comprises data that can be used to personally identify you. This Data Protection Declaration explains which data we collect as well as the purposes we use this data for. It also explains how, and for which purpose the information is collected. 

Please be advised that when using the Uncap-Platform also other controllers might process your personal data. These service providers will make their respective privacy policies accessible for you. We herewith also advise you that the transmission of data via the Internet (i.e. through e-mail communications) may be prone to security gaps. It is not possible to completely protect data against third-party access. 

Information about the responsible party (referred to as the „controller“ in the GDPR) 

The data processing controller on this website is: 

Uncap GmbH Klausingweg 2 80797 München 

Phone: 00498995473815

The controller is the natural person or legal entity that single-handedly or jointly with others makes decisions as to the purposes of and resources for the processing of personal data (e.g. names, e-mail addresses, etc.). 

Revocation of your consent to the processing of data 

A wide range of data processing transactions is possible only subject to your express consent. You can also revoke at any time any consent you have already given us. To do so, all you are required to do is sent us an informal notification via e-mail. This shall be without prejudice to the lawfulness of any data collection that occurred before your revocation.

Right to object to the collection of data in special cases; right to object to direct advertising (Art. 21 GDPR) 



Right to log a complaint with the competent supervisory agency 

In the event of violations of the GDPR, data subjects are entitled to log a complaint with a supervisory agency, in particular in the member state where they usually maintain their domicile, place of work, or at the place where the alleged violation occurred. The right to log a complaint is in effect regardless of any other administrative or court proceedings available as legal recourses. 

Right to data portability 

You have the right to demand that we hand over any data we automatically process based on your consent or to fulfill a contract be handed over to you or a third party in a commonly used, machine-readable format. If you should demand the direct transfer of the data to another controller, this will be done only if it is technically feasible. 

SSL and/or TLS encryption 

For security reasons and to protect the transmission of confidential content, such as purchase orders or inquiries you submit to us as the website operator, this website uses either an SSL or a TLS encryption program. You can recognize an encrypted connection by checking whether the address line of the browser switches from „HTTP://“ to „HTTPS://“ and also by the appearance of the lock icon in the browser line. 

If the SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties. 

Information about, rectification, and eradication of data 

Within the scope of the applicable statutory provisions, you have the right to at any time demand information about your archived personal data, their source, and recipients as well as the purpose of the processing of your data. You may also have a right to have your data rectified or eradicated. If you have 

questions about this subject matter or any other questions about personal data, please do not hesitate to contact us at any time at the address provided in section „Information Required by Law.“ 

Right to demand processing restrictions 

You have the right to demand the imposition of restrictions as far as the processing of your personal data is concerned. To do so, you may contact us at any time at the address provided in section „Information Required by Law.“ The right to demand restriction of processing applies in the following cases: 

If you should dispute the correctness of your data archived by us, we will usually need some time to verify this claim. During the time that this investigation is ongoing, you have the right to demand that we restrict the processing of your personal data.
If the processing of your personal data was/is conducted unlawfully, you have the option to demand the restriction of the processing of your data instead of demanding the eradication of this data.
If we do not need your personal data any longer and you need it to exercise, defend or claim legal entitlements, you have the right to demand the restriction of the processing of your personal data instead of its eradication.

If you have objected according to Art. 21 Sect. 1 GDPR, your rights, and our rights will have to be weighed against each other. As long as it has not been determined whose interests prevail, you have the right to demand a restriction of the processing of your personal data. 

If you have restricted the processing of your personal data, these data – except for their archiving – may be processed only subject to your consent or to claim, exercise, or defend legal entitlements or to
protect the rights of other natural persons or legal entities or for important public interest reasons cited by the European Union or a member state of the EU.

Disclosure of data

In principle, we will only pass on the data we collect if:

  • you have given your explicit consent according to Art. 6(1) (a) GDPR;
  • disclosure is necessary according to Art. 6(1) (f) GDPR to establish, exercise, or defend legal claims and there is no reason to assume that you have an overriding legitimate interest in your data not being disclosed;
  • we are legally obliged to do so under Art. 6(1) (c) GDPR; or
  • this is permitted by law and is required under Art. 6(1) (b) GDPR for the processing of contractual relationships with you or for taking steps at your request before entering into a contract.

Part of the data processing may be carried out by our service providers. In addition to the service providers mentioned in this privacy policy, this may, in particular, include data centers that store our website and databases, IT service providers that maintain our systems or provide CRM functionalities, and consulting firms. If we pass data on to our service providers, they may use the data only for the fulfillment of their tasks. We have carefully selected and commissioned the service providers. They are contractually bound by our instructions, have appropriate technical and organizational measures in place to protect the rights of data subjects, and are carefully monitored by us.

In addition, data may be disclosed in connection with official requests, court orders, and legal proceedings if this is necessary to pursue or enforce rights.

4. Recording of data on this website: Cookies 

In some instances, our website and its pages use so-called cookies. Cookies do not cause any damage to your computer and do not contain viruses. The purpose of cookies is to make our website more user-friendly, effective, and more secure. Cookies are small text files that are placed on your computer and stored by your browser. 

Most of the cookies we use are so-called „session cookies.“ They are automatically deleted after your leave our site. Other cookies will remain archived on your device until you delete them. These cookies enable us to recognize your browser the next time you visit our website. 

You can adjust the settings of your browser to make sure that you are notified every time cookies are placed and to enable you to accept cookies only in specific cases or to exclude the acceptance of cookies for specific situations or in general and to activate the automatic deletion of cookies when you close your browser. If you deactivate cookies, the functions of this website may be limited. 

Cookies that are required for the performance of the electronic communications transaction or to provide certain functions you want to use (e.g. the shopping cart function) are stored based on Art. 6 Sect. 1 lit. f GDPR. The website operator has a legitimate interest in storing cookies to ensure the technically error-free and optimized provision of the operator’s services. If a corresponding agreement has been requested (e.g. an agreement to the storage of cookies), the processing takes place exclusively based on Art. 6 Sect. 1 lit. a GDPR; the agreement can be revoked at any time. 

If other cookies (e.g. cookies for the analysis of your browsing patterns) should be stored, they are addressed separately in this Data Protection Declaration. 

Server log files 

The provider of this website and its pages automatically collects and stores information in so-called server log files, which your browser communicates to us automatically. The information comprises: 

  1. The type and version of browser used
  2. The used operating system
  3. Referrer URL
  4. The hostname of the accessing computer
  5. The time of the server inquiry
  6. The IP address 

This data is not merged with other data sources. 

This data is recorded based on Art. 6 Sect. 1 lit. f GDPR. The operator of the website has a legitimate interest in the technically error-free depiction and the optimization of the operator’s website. To achieve this, server log files must be recorded. 

Contact form 

If you submit inquiries to us via our contact form, the information provided in the contact form as well as any contact information provided therein will be stored by us to handle your inquiry and if we have further questions. We will not share this information without your consent. 

The processing of these data is based on Art. 6 (1) (b) GDPR, if your request is related to the execution of a contract or if it is necessary to carry out pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the requests addressed to us (Art. 6 (1) (f) GDPR) or on your agreement (Art. 6 (1) (a) GDPR) if this has been requested. 

The information you have entered into the contact form shall remain with us until you ask us to eradicate the data, revoke your consent to the archiving of data, or if the purpose for which the information is being archived no longer exists (e.g. after we have concluded our response to your inquiry). This shall be without prejudice to any mandatory legal provisions – in particular retention periods. 

Request by e-mail, telephone, or fax 

If you contact us by e-mail, telephone, or fax, your request, including all resulting personal data (name, request) will be stored and processed by us to process your request. We do not pass these data on without your consent. 

The processing of these data is based on Art. 6 Sect. 1 lit. b GDPR, if your request is related to the execution of a contract or if it is necessary to carry out pre-contractual measures. In all other cases, the processing is based on your consent (Article 6 (1) a GDPR) and/or on our legitimate interests (Article 6 (1) (f) GDPR), since we have a legitimate interest in the effective processing of requests addressed to us. 

The data sent by you to us via contact requests remain with us until you request us to delete, revoke your consent to the storage, or the purpose for the data storage lapses (e.g. after completion of your request). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.

Links to other websites and online content

Our website may contain links to websites and online content of other providers not affiliated with us. If you activate these links, we naturally no longer have any influence on which data is collected by the respective providers and which data they record. For more detailed information on data collection and use, please refer to the privacy policies of the respective providers. Since the collection and processing of data by third parties is beyond our control, we cannot assume any responsibility for this.

Our social media profiles

Facebook (Facebook Ireland Ltd., 4 Grand Canal Square, D2 Dublin, Irland),

Twitter (Twitter, Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA),

LinkedIn (LinkedIn Corporation, 2029 Stierlin Ct. Ste. 200 Mountain View, California 94043, USA),

Google/ YouTube (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) – privacy policy:

On our website, we link to our company profiles on the respective social networks. Please note, that when you activate a link to a social network, data is transferred to the servers of the respective provider. If you are logged in to the respective social network at that moment with your username and password, the information that you are visiting our website will be transferred to the social network and the respective provider may assign this information to your user account.

Basically, we have no way of influencing the data processing regarding social networks. But we do receive statistics about usage and visits of our company profiles on the social networks (e.g., information about the number of views, interactions such as likes, comments, and retweets, and aggregated demographic and other information or statistics). For this purpose, we submit certain parameters regarding our company and the services and content we offer on our company profile to the social network. This information is used by the providers to create more detailed statistics. In addition, the providers may use data they collect when you visit the social network for their own purposes beyond our control. For more detailed information, please refer to the providers’ privacy notice linked above.

If we receive your personal data via our social media profiles (e.g. via direct messages), you are entitled to the rights set out in this privacy policy (see section 8 “Your rights”). You can send us your inquiries to gain access to stored personal data concerning data processing in the context of our company profiles using contact data specified in section 1. We will then inform you about the data we have collected on our own and the data that was transmitted to us to comply with the rights you have exercised against us.

If you also intend to assert rights against the social network provider, the easiest way to do so is to directly contact the respective provider. The provider knows the details on the technical operation of the platform and the associated data processing as well as the concrete purposes of data processing and can put appropriate measures into practice to comply with your inquiry. The contact details can be found in the privacy notice linked above. We gladly support you in asserting your rights to the extent of our competence.

The legal basis for linking and operating our company social media profiles is Art. 6 (1) (f) GDPR based on our legitimate interest in our corporate communications in the respective social networks.

5. Newsletter data

If you would like to subscribe to the newsletter offered on this website, we will need your Email address as well as information that allows us to verify that you are the owner of the e-mail address provided and consent to the receipt of the newsletter. No further data shall be collected or shall be collected only voluntarily. We shall use such data only for the sending of the requested information and shall not share such data with any third parties.

The processing of the information entered into the newsletter subscription form shall occur exclusively based on your consent (Art. 6 Sect. 1 lit. a GDPR). You may revoke the consent you have given to the archiving of data, the e-mail address, and the use of this information for the sending of the newsletter at any time, for instance by clicking on the „Unsubscribe“ link in the newsletter. This shall be without prejudice to the lawfulness of any data processing transactions that have taken place to date.

The data deposited with us to subscribe to the newsletter will be stored by us until you unsubscribe from the newsletter or the newsletter service provider and deleted from the newsletter distribution list after you unsubscribe from the newsletter. Data stored for other purposes with us remain unaffected. 

After you unsubscribe from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider on a blacklist to prevent future mailings. The data from the blacklist is used only for this purpose and not merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 Sect. 1 lit. f GDPR). The storage in the blacklist is indefinite. You may object to the storage if your interests outweigh our legitimate interests.

6. Plug-ins and Tools

As mentioned above, when processing your data, we cooperate with service providers who have access to your data. Possible recipients of your personal data are: (i) software companies that enable us to provide our services, help us to improve them and/or serve us for marketing purposes (for example, to manage customer contacts or applications); (ii) public bodies and administrations to the extent we are legally obliged to do so; (iii) hosting providers; (iv) service companies, such as tax advisors or lawyers.

Google Fonts

To ensure that fonts used on this website are uniform, this website uses so-called Web Fonts provided by Google. When you access a page on our website, your browser will load the required web fonts into your browser cache to correctly display text and fonts. 

To do this, the browser you use will have to establish a connection with Google’s servers. As a result, Google will learn that your IP address was used to access this website. The use of Google Web Fonts is based on our interest in presenting our online content in a uniform and appealing way. According to Art. 6 Sect. 1 lit. f GDPR, this is a legitimate interest. 

If your browser should not support Web Fonts, a standard font installed on your computer will be used. 

For more information on Google Web Fonts, please follow this link: and consult Google’s Data Privacy Declaration under:

Web analytics by Google Analytics

Our website uses Google Analytics, a so-called web analysis service. Google Analytics uses “cookies”, which are text files saved on your hard drive and which allow us to analyze your utilization of our website. The usage information generated by the cookie (including your truncated IP address) is transmitted to our server and stored there for usage analysis purposes, which in turn enables us to optimize our website for our users. Your IP address is immediately anonymized during that process, i.e. you as a user remain anonymous. The information generated by the cookie about your use of this website is not forwarded to any third parties. A relevant setting in your browser software prevents the use of cookies but may restrict you from using all the functions of our website to their full extent. 

You can optionally refuse the storage and analysis of the data captured during your visit. In this case, a so-called opt-out cookie is stored in your browser, which prevents Google Analytics from collecting session data. Caution: If you delete cookies, you also delete the opt-out cookie and may need to reactivate it separately.  

You may choose not to have a unique cookie identification number assigned to your computer to avoid the aggregation and analysis of data collected on this website. 

The legal basis for processing the personal data of users is Art. 6 (1) (a) GDPR.

Google Tag Manager

The Google Tag Manager is a tool that allows us to integrate tracking or statistical tools and other technologies on our website. The Google Tag Manager itself does not create any user profiles, does not store cookies, and does not carry out any independent analyses. It only manages and runs the tools integrated via it. However, the Google Tag Manager does collect your IP address, which may also be transferred to Google’s parent company in the United States.

The Google Tag Manager is used on the basis of Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the quick and uncomplicated integration and administration of various tools on his website. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TTDSG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time.

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF).

Additional Tools we have integrated in our website or app, which we might send personal data to through this integration are the following:

Our app uses Mixpanel to allow us to integrate tracking, which we use to analyze user flows to ultimately improve the experience of our app.

We use services from Zoho for accounting integrations, data analytics and managing customers. Personal data might be sent to Zoho to effectively makes use of those tools.

Intercom allows us to solve any user issue swiftly. We have it hooked up to our app, so we can easily track any issues or bugs that may be reported to us. Personal data like email addresses or phone numbers might be sent to Intercom to effectively makes use of its tools.

We use Typeform to request for references to applications. Typeform therefore receives personal data like email addresses linked to the referees requested.*ftypw5*_gcl_au*MjAwNzg2NTI2Ny4xNzEyMjM5MDM0&tid=75edc0b3-8d83-4ed3-9ebd-fa52675aaee6&

ZignSec is used as an identity verification, PEP and sanctions check tool. By using ZignSec as identity verification, users automatically consent with their data privacy. Personal data might be sent to ZignSec and back to Uncap for this matter.

We use Docusign for completing contracts. This might send personal data like email addresses of signees and contracting details to DocuSign.

We use PandaDoc for completing contracts. This sends email addresses of signees and contracting details to PandaDoc.

We use Mailchimp for storing newsletter contacts and sending newsletters. Through Mailchimp we can check analytics on who opened certain Campaigns and therefore shape our outreach accordingly. Subscribing to our newsletter sends personal data like names and email addresses to Mailchimp.

We use Oneafriqe to collect repayments. We therefore exchange data on collection requests and the necessary personal data like name and phone number to allocate the request.

We use Flutterwave to collect repayments. We therefore exchange data on collection requests and the necessary personal details like name and phone number to allocate the request.

We use Hover to host our website and app URLs.

We use IONOS to host our website data.

Our app infrastructure and all its data bases are hosted on AWS.

We use Adobe to create invoices or account statements and send them to entrepreneurs through the platform. Personal data might for this matter be exchanged with Adobe.

We use Calendly to schedule introduction calls for our sales pipeline. Calendly will request potential client’s email addresses.

Updates to this Privacy Policy

This privacy policy is currently valid. As a result of the further development of our website and platform or due to changed legal or official requirements, it may be necessary to change this privacy policy. The current privacy policy can be found on our website

Sign up to our newsletter to stay posted.

We value your privacy.

© Uncap 2023

We are happy to send you the demo recording!

Please let us know where we can send it to below.