Your data is never used to train models
We do not use your firm's data to train, fine-tune, or improve any model, our own or a third party's. Your information works for you and no one else.
Private equity runs on confidential information. Deal documents, fund data, and portfolio company records are among the most sensitive assets your firm handles. We built Fundrev so that protecting that information is the foundation everything else sits on.
How we protect your firm
We do not use your firm's data to train, fine-tune, or improve any model, our own or a third party's. Your information works for you and no one else.
Each firm's data is held in its own dedicated environment, separated from every other customer. One firm can never see, reach, or affect another firm's information.
All data is encrypted in transit and at rest using modern, industry-standard encryption. Your information is protected as it moves and as it sits.
We follow least-privilege and zero-trust principles. People and systems are granted only the access required to do their job, and that access is reviewed regularly.
Access to Fundrev is protected by multi-factor authentication and integrates with your existing single sign-on, so your firm keeps control of who gets in.
We engage outside security specialists to run penetration tests and vulnerability scans, and we monitor our systems continuously so issues are caught early.
Behind the scenes
Security is a daily discipline, not a one-time certification. Our team works to formal, documented security policies.
Every change to our systems is tracked and controlled through a managed release process. Staff complete security training and background checks, and we maintain monitoring and alerting so that our platform stays both reliable and protected.
Operational logs are used for debugging and reliability, and are handled so that your sensitive data is never exposed in them.

Compliance
Fundrev is independently audited under SOC 2 Type 2 across all five trust criteria: security, availability, processing integrity, confidentiality, and privacy. Our controls are reviewed by a third-party assurance firm, not self-attested, so you can rely on an outside opinion rather than our word alone.
The same discipline applies to privacy law. We apply the EU's GDPR practices to how we collect, process, and store your firm's data, and our data handling is aligned with the privacy principles set out in the CCPA.