← Back

Privacy Policy

Effective 2026-04-27

This Privacy Policy describes how Overline, LLC (“Overline,” “we,” or “us”) handles information collected through the Overline Dashboard (the “Dashboard”), an authenticated portfolio-intelligence tool we maintain for our limited partners, fund staff, portfolio company executives, and other authorized parties (“you”).

The Dashboard is a private, authenticated tool. It is not a public website, and it is not a product we sell.

Information we collect

  • Account information. The email address you sign in with, your sign-in timestamps, and (for users who sign in with Google) the Google profile fields associated with your account.
  • OAuth tokens. For Overline staff who grant Calendar, Drive, Gmail metadata, or Docs scopes, we store access and refresh tokens issued by Google so we can fetch the data on your behalf. We never request scopes broader than what is necessary to populate the Dashboard.
  • Usage signals. Standard server logs (IP address, user agent, request paths, timestamps) and acknowledgment of these legal terms.
  • Content you provide. Any notes, tags, or overrides you (as a Overline staff user) save through the Dashboard.

Information we do not collect

  • We do not use third-party advertising or marketing trackers.
  • We do not sell, rent, or otherwise transfer your information to advertisers, data brokers, or other third parties for their own purposes.
  • We do not access the bodies of your Gmail messages. The Gmail integration uses the metadata-only scope (subject, sender, date, thread ID).

How we use information

We use the information described above to:

  • Authenticate you and authorize what you see in the Dashboard.
  • Surface portfolio activity (meetings, mentions, news, fund metrics) to authorized users.
  • Operate, secure, debug, and improve the Dashboard.
  • Comply with legal obligations and respond to legitimate requests.

Service providers

We rely on a small number of vetted service providers to host and run the Dashboard. These providers process information solely on our instructions and only as needed to deliver their service. The current list includes (without limitation): Vercel (hosting), Neon / Postgres providers (database), Carta (source-of-record investor and cap-table data), Airtable (portfolio metadata), Google (authentication, Calendar, Drive, Gmail metadata, Docs), and Anthropic (server-side AI summarization).

Data retention

Authentication and OAuth records are retained for as long as your account is active. Usage logs are retained for a reasonable operational period and then rotated. Acknowledgments of these legal terms are retained for the life of your account for audit purposes. You may request deletion of any record we control by contacting us at the address below; we will honor the request unless we are required to retain the record by law or for legitimate business reasons.

Your choices

  • You can revoke the Dashboard’s access to your Google account at any time through your Google Account security settings; this will disconnect Calendar, Drive, Gmail, and Docs syncing for your user.
  • You can request access to, correction of, or deletion of information we hold about you by emailing the address below.

Security

We use commercially reasonable measures to protect the Dashboard, including authenticated access, transport encryption, and access controls on the underlying database. No system is perfectly secure, and we cannot and do not guarantee that the Dashboard will be free from unauthorized access. You are responsible for keeping your sign-in credentials confidential.

Children

The Dashboard is not directed to and is not intended for use by anyone under 18.

Changes

We may update this Privacy Policy from time to time. When we make material changes we will update the effective date above and may re-prompt you to acknowledge the new version on your next visit.

Contact

Questions about this Privacy Policy or data we hold about you can be sent to michael@overline.vc.