Privacy Policy

Effective Date: February 19, 2026 Last Updated: February 19, 2026 Version: 1.0

TL;DR — Summary

What you need to know

  • We collect only the information you voluntarily provide through our contact and inquiry forms, plus limited technical data collected automatically when you visit our website.
  • We never sell, rent, or trade your personal information to third parties for their own marketing purposes.
  • We use your data solely to respond to your inquiries, provide advisory services, improve our website, and comply with legal obligations.
  • Data subjects in the EU/EEA have full GDPR rights: access, erasure, portability, objection, and more. California residents have equivalent rights under the CCPA.
  • We retain inquiry data for up to 3 years and apply industry-standard security measures including SSL/TLS encryption and strict access controls.
  • For privacy questions, contact us at privacy@aureoncapital.net.

01. Introduction & Data Controller

Aureon Capital LLC ("Aureon Capital," "we," "us," or "our") is committed to protecting your personal information and your right to privacy. This Privacy Policy describes how we collect, use, disclose, and safeguard information when you visit our website at aureoncapital.net (the "Site") or interact with us in connection with our advisory services.

Please read this policy carefully. If you disagree with its terms, please discontinue use of the Site. This policy applies to all information collected through our Site and any related services, sales, marketing, or events.

Data Controller

Aureon Capital LLC

30 N Gould St Ste R

Sheridan, WY 82801

United States of America

Email: info@aureoncapital.net

Privacy inquiries: privacy@aureoncapital.net

For purposes of the General Data Protection Regulation (GDPR) and applicable EU member-state data protection law, Aureon Capital LLC acts as the data controller for personal data collected through this Site. Where we use third-party service providers to process data on our behalf, those providers act as data processors subject to our instructions and applicable data processing agreements.

02. Information We Collect

We collect information in two primary ways: information you provide to us directly, and information collected automatically when you interact with the Site.

Information You Provide Directly

When you complete a contact form, request an advisory session, or otherwise communicate with us, you may provide:

  • Identity data: your full name or business contact name.
  • Contact data: email address, phone number (if voluntarily provided).
  • Professional data: company name, job title, industry sector.
  • Inquiry details: the nature of your advisory need, project scope, or any other information you choose to include in your message.
  • Correspondence: records of emails or other communications you send to us.

We do not request or store sensitive personal data such as government identification numbers, financial account details, health information, or biometric data through this Site.

Information Collected Automatically

When you visit the Site, certain technical information is collected automatically by our servers and third-party analytics tools:

  • Log data: IP address, browser type and version, operating system, referring URLs, pages visited, date and time of visits, time spent on pages, and other diagnostic data.
  • Device data: device type, screen resolution, and language preferences.
  • Usage data: clickstream data, scroll depth, and interaction events (e.g., button clicks, form abandonment).
  • Cookies and similar technologies: session cookies, persistent cookies, and local storage identifiers. See Section 10 and our full Cookie Policy for details.

Automatically collected data is generally aggregated and used in pseudonymous or anonymous form for analytical purposes. It is not ordinarily used to identify individual users unless required by law enforcement or in connection with a security investigation.

03. How We Use Your Information

We use the personal information we collect for the following purposes, relying on appropriate legal bases (described in Section 4):

  • Responding to inquiries: to review and respond to your requests for information, advisory sessions, or proposals submitted through our contact form or via email.
  • Service delivery: to fulfill engagements entered into with clients, including sending engagement-related correspondence and documentation.
  • Relationship management: to maintain accurate records of interactions, follow up on outstanding inquiries, and manage our business relationships.
  • Website improvement: to analyze how visitors use the Site, identify technical issues, optimize content and user experience, and conduct A/B testing.
  • Security and fraud prevention: to monitor and protect against unauthorized access, fraudulent activity, abuse of the Site, and other harmful conduct.
  • Legal compliance: to comply with applicable laws, regulations, legal processes, or enforceable government requests, including tax obligations, anti-money laundering (AML), and know-your-customer (KYC) requirements applicable to our advisory activities.
  • Communications: to send administrative or operational notices related to the Site or our services (e.g., changes to this policy, service interruptions).

We do not engage in automated decision-making or profiling that produces significant legal or similarly significant effects on individuals through this Site.

04. Legal Basis for Processing

For visitors and clients located in the European Economic Area (EEA) and the United Kingdom, we process personal data only where we have a valid legal basis under the GDPR (Article 6). The legal bases we rely on are:

  • Consent (Art. 6(1)(a)): Where you have freely given, specific, informed, and unambiguous consent, such as when you opt into analytics cookies or subscribe to communications. You may withdraw consent at any time without affecting the lawfulness of processing carried out prior to withdrawal.
  • Contract performance (Art. 6(1)(b)): Where processing is necessary to perform a contract to which you are a party or to take steps at your request prior to entering into a contract. This applies to processing related to advisory engagements and responding to service inquiries.
  • Legal obligation (Art. 6(1)(c)): Where processing is necessary to comply with a legal obligation to which we are subject, including applicable Wyoming state law, US federal law, tax regulations, and financial reporting obligations.
  • Legitimate interests (Art. 6(1)(f)): Where processing is necessary for the purposes of our legitimate interests or those of a third party, provided such interests are not overridden by your fundamental rights and freedoms. Our legitimate interests include operating and improving the Site, protecting against fraud and security threats, communicating with prospective clients, and maintaining business records.

Where we process special categories of personal data (which we do not anticipate through routine Site use), we would rely on explicit consent or another applicable condition under Article 9 GDPR.

05. Sharing Your Information

We do not sell, rent, lease, or trade your personal information to any third party for their own commercial purposes. We share information only in the following limited circumstances:

Service Providers (Data Processors)

We engage carefully vetted third-party service providers who process personal data on our behalf and subject to our instructions. These include:

  • Web hosting and infrastructure providers: our Site is hosted on secure cloud infrastructure that may process server log data and form submission data.
  • Email and communication tools: providers used to receive and send inquiry responses and service-related communications.
  • Analytics platforms: tools used to collect aggregated, pseudonymized data about Site traffic and user behavior.
  • Document and CRM management: platforms used to store engagement correspondence and client records securely.

All service providers are bound by data processing agreements that restrict their use of your data to the purposes for which it was shared and require them to implement appropriate security measures.

Legal Requirements and Protection of Rights

We may disclose personal data if we believe in good faith that such disclosure is necessary to: (a) comply with applicable law, regulation, legal process, or governmental request; (b) enforce our Terms of Service or other agreements; (c) protect the rights, property, or safety of Aureon Capital, our clients, or the public; or (d) detect, prevent, or address fraud, security, or technical issues.

Business Transfers

In the event of a merger, acquisition, reorganization, dissolution, or sale of all or a portion of our assets, personal data held by us may be transferred as part of that transaction. We will provide notice before any such transfer and before your personal data becomes subject to a different privacy policy.

06. International Data Transfers

Aureon Capital LLC is headquartered in the United States. If you are located outside the United States, including within the European Economic Area (EEA), the United Kingdom, or Switzerland, please be aware that your personal data will be transferred to and processed in the United States, which may not provide the same level of data protection as your home jurisdiction.

Where transfers of personal data from the EEA or UK to the United States or other third countries are required, we rely on appropriate safeguards to ensure your data remains protected at a standard equivalent to that required within the EEA, including:

  • Standard Contractual Clauses (SCCs): We incorporate the European Commission's Standard Contractual Clauses (Module Two: Controller to Processor) into our data processing agreements with relevant service providers, ensuring contractual obligations consistent with GDPR Chapter V requirements.
  • Adequacy decisions: Where the European Commission has issued an adequacy decision for the destination country, we rely on such decision as the basis for transfer.
  • UK International Data Transfer Agreements (IDTAs): For transfers originating from the United Kingdom, we use the UK IDTA or the UK Addendum to the EU SCCs as applicable.

You may request a copy of the specific safeguards applicable to your data by contacting us at privacy@aureoncapital.net.

07. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, to comply with legal obligations, resolve disputes, and enforce our agreements. Our specific retention periods are:

  • Inquiry and contact data: Information submitted through our contact form or received via email is retained for 3 years from the date of last meaningful interaction. Thereafter, records are securely deleted or anonymized unless a client relationship has been established.
  • Client engagement records: Where an advisory engagement has been formalized, we retain related correspondence, contracts, and deliverables for 7 years from the end of the engagement, in accordance with applicable US tax law, financial recordkeeping obligations, and potential statute of limitations for professional liability claims.
  • Website analytics data: Aggregated and pseudonymous analytics data is retained for 26 months (approximately 2 years) in accordance with analytics platform best practices and to support year-over-year trend analysis.
  • Cookie data: Session cookies expire when you close your browser. Persistent cookies are retained for the duration set out in our Cookie Policy, generally not exceeding 13 months.
  • Legal and compliance records: Records maintained to satisfy legal, regulatory, or tax obligations are retained for the period required by the applicable law, which may be up to 7 years or longer in certain jurisdictions.

Upon expiry of applicable retention periods, personal data is securely deleted, destroyed, or anonymized such that it can no longer be associated with an identified or identifiable individual.

08. Your Rights (GDPR & CCPA)

Depending on your location, you may have specific legal rights regarding your personal data. We honor these rights regardless of whether they are technically required under the law of your jurisdiction, subject to applicable exceptions.

Right of Access

Request a copy of the personal data we hold about you and information about how we process it.

Right to Rectification

Request correction of any inaccurate or incomplete personal data we hold about you.

Right to Erasure

Request deletion of your personal data where there is no compelling legal reason for us to continue processing it ("right to be forgotten").

Right to Data Portability

Receive your personal data in a structured, commonly used, machine-readable format and transmit it to another controller.

Right to Object

Object to processing of your personal data where we rely on legitimate interests or public interest as the legal basis.

Right to Restrict Processing

Request that we limit the processing of your personal data in certain circumstances, such as while a dispute is being resolved.

Withdraw Consent

Where processing is based on consent, withdraw it at any time without affecting lawfulness of prior processing.

Right to Complain

Lodge a complaint with a supervisory authority, particularly in your EU/EEA member state of habitual residence or place of work.

California Residents (CCPA/CPRA)

California residents have the right to know what personal information we collect and how it is used or shared; the right to delete personal information (subject to certain exceptions); the right to opt out of the sale or sharing of personal information (we do not sell or share personal information for cross-context behavioral advertising); and the right to non-discrimination for exercising any of these rights.

How to Exercise Your Rights

To exercise any of the above rights, submit a written request to privacy@aureoncapital.net. We will respond within 30 days (or within the statutory period required by applicable law). We may need to verify your identity before processing your request. We will not charge a fee for processing your request unless it is clearly unfounded or excessive.

09. Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, accidental loss, destruction, alteration, or disclosure. These measures include:

  • Encryption in transit: All data transmitted between your browser and our servers is encrypted using TLS (Transport Layer Security) 1.2 or higher. Our Site is served exclusively over HTTPS.
  • Access controls: Personal data is accessible only to personnel who have a legitimate business need. Access is governed by role-based permissions, and all administrative access requires multi-factor authentication.
  • Data minimization: We collect and retain only the personal data that is strictly necessary for the stated purposes.
  • Vendor security standards: We require all third-party processors to maintain security standards consistent with or exceeding our own and to report any personal data incidents promptly.
  • Regular review: Our security practices are reviewed periodically to address evolving threats and to incorporate improvements.

In the event of a personal data breach that is likely to result in a risk to the rights and freedoms of natural persons, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach, as required by GDPR Article 33. Where the breach is likely to result in a high risk to individuals, we will also notify affected individuals without undue delay.

While we implement industry-standard security safeguards, no electronic transmission or storage system is 100% secure. If you believe your interaction with us is no longer secure, please contact us immediately at privacy@aureoncapital.net.

10. Cookies

Our Site uses cookies and similar tracking technologies to enhance your browsing experience, analyze traffic, and understand visitor behavior. A cookie is a small text file placed on your device when you visit a website. Some cookies are strictly necessary for the Site to function, while others are optional and require your consent.

We use the following categories of cookies:

  • Essential cookies: Required for basic Site functionality such as navigation and security. These cannot be disabled.
  • Analytics cookies: Used to collect aggregated, pseudonymous data about how visitors use the Site. These are only set with your consent.
  • Preference cookies: Remember your settings and preferences (such as cookie consent choices) to provide a more personalized experience.

You can manage your cookie preferences at any time through the cookie preference center on our Site or by adjusting your browser settings. Note that disabling certain cookies may affect the functionality of the Site.

For detailed information about the specific cookies we use, their duration, and how to control them, please refer to our full Cookie Policy.

11. Children's Privacy

The Site and our advisory services are intended for business professionals and are not directed to individuals under the age of 16 (or the equivalent minimum age in the applicable jurisdiction). We do not knowingly collect personal data from children under 16.

If you are a parent or guardian and believe that your child has provided us with personal information without your consent, please contact us at privacy@aureoncapital.net and we will take steps to delete such information promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our data processing practices, legal requirements, or operational needs. When we make material changes, we will update the "Last Updated" date at the top of this page and, where appropriate, notify you by email or by placing a prominent notice on our Site.

We encourage you to review this policy periodically to stay informed about how we are protecting your information. Your continued use of the Site after the posting of changes constitutes your acknowledgment of the modified policy.

Previous versions of this policy can be requested by contacting us at privacy@aureoncapital.net.

13. Contact & Data Protection Officer

If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please do not hesitate to contact us. We aim to respond to all privacy-related inquiries within 30 days.

Privacy & Data Protection Inquiries

Email: privacy@aureoncapital.net

General Contact

Email: info@aureoncapital.net

Postal Address

Aureon Capital LLC

Attn: Privacy Team

30 N Gould St Ste R

Sheridan, WY 82801, USA

If you are located in the European Economic Area and are not satisfied with our response, you have the right to lodge a complaint with your local supervisory authority. A list of EU data protection authorities is available at edpb.europa.eu.