Melatech

Privacy Notice - Investor Data Room

Last updated: June 2026

1. Data controller

Melatech ApS (“Melatech”, “we”, “us”) is the data controller for personal data processed in connection with this investor data room. We are registered in Denmark and headquartered at Trekronergade 126G, 2500 Valby, Denmark.

Our external Data Protection Officer is Unitas Consulting:
Lyshøjen 12, 1. tv. – DK-8520 Lystrup
CVR: 40 97 80 89
gdpr@unitas.consulting

For general privacy-related enquiries, you may also contact us at: support@melatech.io

2. Personal data we collect

When you access this data room, we collect:

  • Account data: email address and login credentials (password stored hashed, never in plaintext).
  • Engagement data: pages viewed, time spent reading each section, scroll depth, and navigation patterns.
  • Download records: which documents you download or export, file size, and whether the file was watermarked.
  • Technical data: IP address, browser user agent, and timestamps.

3. Legal basis for processing

We process your personal data on the basis of legitimate interests (GDPR Article 6(1)(f)): understanding how invited investors engage with confidential materials, protecting against unauthorised disclosure, and managing the fundraise process. This is standard practice for investor data rooms and proportionate given the closed, invite-only nature of the platform.

4. How we use your data

  • Providing and securing access to confidential investor materials.
  • Understanding engagement with the data room (which sections are read, how long investors spend on each page) to inform our fundraise process.
  • Watermarking served documents with your email and a timestamp, so that leaked documents can be traced to their source.
  • Auditing document downloads for confidentiality and compliance purposes.

We do not share your personal data with third parties, use it for marketing, or combine it with data from other sources.

5. Document watermarking

Every PDF served from this data room is watermarked with your email address and the date and time of access. This is a standard confidentiality measure for investor data rooms. The watermark is visible on the document.

6. Cookies and local storage

We use a single session cookie (dr_session) to keep you signed in. This is a strictly necessary cookie required for the data room to function. We do not use marketing cookies, third-party analytics cookies, or tracking pixels. No cookie consent banner is required.

A theme preference is stored in your browser's local storage for display purposes only.

7. Data retention

Engagement and download audit data is retained for the duration of the fundraise process plus 12 months, after which it is deleted. Account credentials are deleted promptly on request or when access is revoked.

8. International transfers

The data room is hosted in the European Union. No personal data is transferred outside the EU/EEA.

9. Your rights

Under GDPR, you have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate personal data.
  • Request deletion of your personal data (right to erasure).
  • Object to or restrict processing.
  • Receive your data in a portable format.
  • Lodge a complaint with the Danish Data Protection Authority (Datatilsynet).

To exercise your rights, contact our DPO at gdpr@unitas.consulting. We will respond within 30 days.

10. Changes to this notice

We may update this privacy notice from time to time. The current version is always available at this URL.