1. Who we are
Ventra is a venture operator based in Stockholm, Sweden. We help AI startups with go-to-market, investor relations, and infrastructure on a revenue-share basis.
For the purposes of data protection law, Ventra is the data controller for personal data collected through our website at ventra.me.
Contact: hello@ventra.me
2. What data we collect
Contact form submissions
When you submit our contact form, we collect:
- First name and last name
- Email address
- Company name (optional)
- Startup stage (optional)
- Message (optional)
Lawful basis: Legitimate interest (responding to your enquiry) and, where applicable, your consent.
Analytics data (only with your consent)
If you accept analytics cookies, we collect anonymised usage data such as pages visited, time on site, referral source, device type, and approximate location (country level). We do not collect personally identifiable information through analytics.
Lawful basis: Consent. Analytics data is only collected after you explicitly accept cookies via our consent banner.
Data we do not collect
We do not collect payment information, government IDs, or sensitive personal data through our website. We do not run advertising or remarketing campaigns.
3. Cookies and tracking
We use cookies and similar technologies on our website. Non-essential cookies are only set after you give consent via the cookie banner that appears on your first visit.
| Cookie / Technology | Provider | Purpose | Type | Duration |
|---|---|---|---|---|
_ga |
Google Analytics | Distinguish unique visitors | Analytics (requires consent) | 2 years |
_ga_G-FZZY5ZVNZ2 |
Google Analytics | Maintain session state | Analytics (requires consent) | 2 years |
| Vercel Web Analytics | Vercel | Page view and performance metrics | Analytics (requires consent) | Session |
| Vercel Speed Insights | Vercel | Core Web Vitals measurement | Analytics (requires consent) | Session |
ventra_consent |
Ventra (localStorage) | Remember your cookie preference | Strictly necessary | Persistent |
Managing your preferences
You can change your cookie preferences at any time by clicking Manage Cookies in the footer of any page. This will clear your stored preference and re-show the consent banner.
4. Third-party data processors
We use the following third-party services that may process your data:
| Processor | Purpose | Data processed | Location |
|---|---|---|---|
| Supabase (EU) | Database and backend | Contact form submissions | EU (eu-north-1, Stockholm) |
| Vercel | Website hosting, analytics | IP address, page views, performance data | Global CDN (primary US/EU) |
| Google Analytics | Website analytics | Anonymised usage data (with consent only) | US (under EU-US Data Privacy Framework) |
| Google Fonts | Font delivery | IP address (on font load) | Global |
5. Data transfers outside the EU/EEA
Some of our processors are based in the United States. Where data is transferred outside the EU/EEA, we rely on:
- The EU-US Data Privacy Framework (for Google)
- Standard Contractual Clauses (SCCs) where applicable
- Vercel's Data Processing Agreement
- Supabase's Data Processing Agreement
Our Supabase database is hosted in the EU (Stockholm, eu-north-1), so contact form data remains within the EU.
6. Data retention
- Contact form data: Retained for as long as necessary to respond to your enquiry and maintain the business relationship, or until you request deletion.
- Analytics data: Google Analytics data is automatically deleted after 14 months. Vercel analytics data is retained per Vercel's standard retention period.
- Consent preference: Stored in your browser's localStorage indefinitely, or until you clear browser data or click "Manage Cookies".
7. Your rights
Under the GDPR and applicable data protection laws, you have the right to:
- Access the personal data we hold about you
- Rectify inaccurate personal data
- Erase your personal data ("right to be forgotten")
- Restrict or object to certain processing
- Data portability — receive your data in a structured, machine-readable format
- Withdraw consent at any time (for analytics — use "Manage Cookies" in the footer)
- Lodge a complaint with your national data protection authority
To exercise any of these rights, email us at hello@ventra.me. We will respond within 30 days.
8. Security
We implement appropriate technical and organisational measures to protect your data, including:
- HTTPS encryption on all pages
- HTTP Strict Transport Security (HSTS)
- Content Security Policy (CSP) headers
- Row-Level Security (RLS) on our Supabase database
- Spam protection on form submissions
9. Children
Our website is not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has submitted data through our contact form, please email us and we will delete it promptly.
10. Changes to this policy
We may update this privacy policy from time to time. Changes will be posted on this page with an updated "Last updated" date. For material changes, we will display a notice on our website.
Last updated: 6 April 2026