Privacy Policy

BA Capital Fund I LP, a Florida limited partnership doing business as “Badass Capital” (the “Fund,” “we,” “us,” or “our”), respects the privacy of visitors to its website located at badasscapital.ai (the “Website”). This Privacy Policy describes the categories of personal information we collect through the Website, how we use and protect that information, and the rights you have with respect to your personal information.

By accessing or using the Website, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy. If you do not agree, please do not access or use the Website.

1. Who We Are

The data controller for personal information processed in connection with the Website is:

2. Scope of This Policy

This Privacy Policy applies only to information collected through the Website. It does not apply to information collected through any offline channel, separate offering or subscription documents (which are governed by their own terms), or third-party websites that may be linked from the Website. The Website is intended solely as an informational resource and does not enable the purchase of any product, the creation of any user account, or the submission of any personal data through forms hosted by us.

3. Information We Collect

3.1 Information Collected Automatically

When you visit the Website, our service providers automatically collect certain technical information from your device and browser, including:

• Internet Protocol (IP) address. Used to route traffic, prevent abuse, and detect security threats.
• Browser type and version, operating system, and device identifiers. Used to render the Website correctly across different devices.
• Referring URL, pages visited, and timestamps. Logged at the server and content-delivery layer for security and operational purposes.
• Approximate geographic location derived from IP address. Used solely to apply appropriate legal and regulatory restrictions on access.

This information is collected through standard web server logs and through our content delivery network and security provider, Cloudflare, Inc. (“Cloudflare”). We do not use the Website to deploy analytics tools, advertising tags, social-media pixels, or behavioral tracking technologies.

3.2 Information You Provide

The Website does not host any forms, account-creation flows, or other interactive submission features. If you choose to contact us via the email address displayed on the Website, the information you transmit to us — including your name, email address, message contents, and any attachments — will be processed through our email provider, Google LLC (“Google Workspace”). Such information will be processed solely for the purposes of responding to your inquiry, maintaining records of our communications, and complying with applicable legal and regulatory recordkeeping obligations. We do not use email correspondence for marketing, profiling, or any unrelated purpose, and we do not share such correspondence with any third party except as expressly permitted under Section 7.

4. Cookies and Similar Technologies

A cookie is a small text file placed on your device when you visit a website. The Website itself does not place any first-party cookies on your device. However, our service providers may place a limited number of cookies that are strictly necessary to deliver the Website to you and protect it from abuse, including:

• Cloudflare bot-management cookies (e.g., __cf_bm). Used to distinguish humans from automated traffic and protect against abusive bots; typically expire within 30 minutes.
• Cloudflare security cookies (e.g., cf_clearance). Used to verify that visitors have completed a security challenge; typically expire within 30 days.

These cookies are classified as “strictly necessary” under applicable law because the Website cannot function securely without them. We do not use cookies for analytics, advertising, profiling, or any other non-essential purpose. Because we do not use non-essential cookies, we do not display a cookie consent banner. If we later introduce non-essential cookies, we will update this Privacy Policy and obtain consent where required by law.

You can configure your browser to block or delete cookies at any time. Blocking strictly necessary cookies may prevent the Website from functioning properly.

5. How We Use Information

We use the limited personal information collected through the Website for the following purposes:

• Operating, maintaining, securing, and improving the Website;
• Preventing, detecting, and responding to fraud, abuse, security threats, and violations of our Terms of Use;
• Responding to your inquiries and communications;
• Complying with applicable laws, regulations, court orders, and lawful requests from governmental authorities; and
• Establishing, exercising, or defending legal claims.

We do not sell personal information. We do not use personal information for automated decision-making that produces legal or similarly significant effects.

6. Legal Bases for Processing (EEA, UK, and Switzerland)

If you are located in the European Economic Area, the United Kingdom, or Switzerland, we rely on the following legal bases under the General Data Protection Regulation (“GDPR”), the UK GDPR, and the Swiss Federal Act on Data Protection (“FADP”):

• Legitimate interests (Art. 6(1)(f) GDPR). To secure the Website, prevent abuse, respond to inquiries, and conduct ordinary business operations. We have assessed that these interests are not overridden by your fundamental rights and freedoms given the limited scope of processing.
• Consent (Art. 6(1)(a) GDPR). Where you initiate contact with us, you consent to our processing of the personal information you transmit for the purpose of responding to you.
• Compliance with legal obligations (Art. 6(1)(c) GDPR). Where we are required to retain or disclose personal information to comply with applicable law.

7. How We Share Information

We do not sell, rent, or trade personal information. We share personal information only as follows:

• Service providers and processors. We engage the following third parties to operate the Website and the Fund’s communications. Each is bound by contractual obligations limiting the use of personal information to the services it provides:
  • Cloudflare, Inc. — content delivery network, security, bot management, and DNS.
  • Google LLC — email hosting (Google Workspace).
• Professional advisors. Including counsel, accountants, auditors, and compliance professionals, where reasonably necessary and subject to professional confidentiality obligations.
• Legal compliance and protection. Where required to comply with applicable law, respond to lawful requests from public authorities, enforce our Terms of Use, or protect our rights, property, or safety, or those of others.
• Business transactions. In connection with any reorganization, dissolution, or similar event affecting the Fund or its General Partner, subject to applicable law.

8. International Data Transfers

We are based in the United States, and our service providers operate globally. Personal information collected through the Website may be transferred to, stored in, and processed in the United States and other countries that may not provide the same level of data protection as your country of residence.

Where we transfer personal information from the EEA, the United Kingdom, or Switzerland to a third country that has not received an adequacy decision, we rely on appropriate safeguards, including the Standard Contractual Clauses approved by the European Commission and equivalent UK and Swiss mechanisms, supplemented by additional measures where required. You may request a copy of the relevant safeguards by contacting us at the address above.

9. Data Retention

We retain personal information only for as long as reasonably necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, regulatory, or reporting requirements. In general:

• Server logs and security records: retained for up to ninety (90) days, except where a longer retention period is required for security investigations or legal compliance.
• Email correspondence: retained for the duration of the relationship and for such additional period as is reasonably necessary to address potential disputes or comply with our regulatory and recordkeeping obligations.

When personal information is no longer required, we will delete, anonymize, or securely destroy it.

10. Your Rights

10.1 EEA, UK, and Swiss Residents

Subject to applicable law, you have the right to:

• Request access to the personal information we hold about you;
• Request correction of inaccurate or incomplete personal information;
• Request erasure of your personal information;
• Request restriction of processing or object to processing;
• Request portability of personal information you have provided to us;
• Withdraw consent at any time, where processing is based on consent (without affecting the lawfulness of processing prior to withdrawal); and
• Lodge a complaint with the data protection authority in the EU member state, the UK, or Switzerland where you reside, work, or where the alleged infringement occurred.

10.2 California Residents

Under the California Consumer Privacy Act, as amended by the California Privacy Rights Act (collectively, “CCPA”), California residents have the right to:

• Know the categories and specific pieces of personal information we have collected about them;
• Know the categories of sources, the business or commercial purpose for collecting personal information, and the categories of third parties with whom we share personal information;
• Request deletion of personal information, subject to certain exceptions;
• Request correction of inaccurate personal information;
• Opt out of the sale or sharing of personal information (we do not sell or share personal information as those terms are defined under the CCPA); and
• Be free from discrimination for exercising their privacy rights.

10.3 Other U.S. State Residents

Residents of Colorado, Connecticut, Virginia, Utah, and other U.S. states with comprehensive privacy laws may have similar rights with respect to their personal information. To exercise any of these rights, please contact us using the information provided in Section 14.

10.4 How to Exercise Your Rights

To exercise any of the rights described above, please contact us at mark@badasscapital.ai. We will respond within the timeframe required by applicable law. We may request information necessary to verify your identity before fulfilling your request. You may authorize an agent to make a request on your behalf, in which case we may require proof of authorization.

11. Security

We implement reasonable administrative, technical, and physical safeguards designed to protect personal information from unauthorized access, disclosure, alteration, and destruction. These include the use of HTTPS encryption for all Website traffic, access controls on our service-provider accounts, and contractual confidentiality obligations with our service providers. No method of transmission over the internet or method of electronic storage is, however, fully secure, and we cannot guarantee absolute security.

12. Children’s Privacy

The Website is intended solely for adult professional investors, financial intermediaries, and their advisors. The Website is not directed to, nor do we knowingly collect personal information from, individuals under eighteen (18) years of age. If you believe a minor has provided personal information through the Website, please contact us and we will promptly take steps to delete such information.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, applicable law, or for other operational, legal, or regulatory reasons. The “Effective Date” at the top of this policy indicates when it was last revised. Material changes will be communicated by posting the updated policy on the Website. Your continued use of the Website following any such changes constitutes your acceptance of the revised policy.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at: