Introduction & Scope
This Investor Privacy Policy ("Policy") applies to all investors, prospective investors, and other individuals who interact with Mighty Investment Group and its platforms, services, and communications. This includes users of our website, investment applications, and any other channels through which we conduct business.
Effective Date: April 24, 2026
Last Updated: April 24, 2026
This Policy is governed by the laws of the United States and applicable state securities laws. Mighty Investment Group complies with regulations established by the Securities and Exchange Commission (SEC), Financial Industry Regulatory Authority (FINRA), and other applicable regulatory bodies. For investors outside the United States, applicable international privacy laws and regulations will apply.
This Policy explains how Mighty Investment Group collects, uses, protects, and handles investor information in accordance with applicable federal and state laws, industry regulations, and best practices in data protection and privacy.
Information We Collect
Identity Information
We collect your full name, email address, phone number, physical mailing address, and beneficial ownership information. We also gather details about your investment experience, risk tolerance, investment preferences, and financial goals to better serve your investment needs.
Financial Information
To facilitate investments and maintain accounts, we collect bank account details, asset valuations, income and net worth documentation, your investment history, and tax identification numbers (including SSN/EIN). This information is collected through investment applications, account setup procedures, and periodic account reviews.
Transactional Information
We maintain records of all investment transactions, account statements, communications related to your investments, payment records, and performance reports. This information is essential for account administration, reporting, and regulatory compliance.
Communication & Usage Data
We collect records of email and telephone communications, website analytics and usage patterns, user preferences and settings, device information, IP addresses, and information about cookies and other tracking technologies used on our platforms. This helps us improve user experience and secure our systems.
Compliance Information
We collect Know Your Customer (KYC) and Anti-Money Laundering (AML) documentation, regulatory forms required by law, beneficial ownership disclosures, accreditation verification documentation, and background check consents to ensure regulatory compliance and prevent fraud.
How We Use Your Information
Investment Administration
We use your information to establish and maintain your investment accounts, process investment transactions, deliver account statements and performance reports, and provide customer service support. This includes responding to inquiries, resolving account issues, and facilitating transfers or distributions.
Regulatory & Compliance
We use your information to meet federal and state legal and regulatory requirements, conduct Know Your Customer (KYC) and Anti-Money Laundering (AML) compliance procedures, prepare tax reporting documents, and monitor for fraud and suspicious activity to protect your account and our platform.
Communication & Notifications
We send investment updates, market insights, policy notifications, important account information, regulatory notices, and responses to your inquiries. These communications help you stay informed about your investments and our services while ensuring compliance with regulatory notification requirements.
Service Improvement
We analyze user behavior and preferences to personalize investment recommendations, improve our platforms and services, conduct research and analytics, and enhance the overall investor experience. This analysis helps us identify trends and optimize our offerings.
Data Security
Encryption & Technical Controls
We employ SSL/TLS encryption for all data transmitted over our platforms and encrypt sensitive data at rest. We require strong password protection, implement multi-factor authentication for account access, and maintain secure infrastructure to prevent unauthorized access to your information.
Access Controls & Personnel
Access to personal information is restricted to employees and contractors on a need-to-know basis. All personnel are required to sign confidentiality agreements, undergo background checks, and receive ongoing security training to ensure they understand their obligations to protect investor data.
Incident Response & Monitoring
We continuously monitor our systems for unauthorized access and security threats. We maintain incident response procedures to quickly address any potential breaches. In the event of a confirmed breach affecting your information, we will notify you in accordance with applicable state and federal notification laws.
Third-Party Security
We require all service providers to maintain comparable security standards, conduct periodic security assessments of our vendors, and include breach notification requirements in our contracts. We regularly evaluate and audit third-party security controls to ensure adequate protection of your information.
Data Retention
Retention Periods by Category
We retain investor account information for the duration of our relationship plus any additional period required by law. Transaction records and account statements are maintained for a minimum of 7 years to comply with SEC and FINRA regulations. Know Your Customer (KYC) and Anti-Money Laundering (AML) documentation is retained for at least 5 years after account closure or the final transaction, in accordance with federal law.
Legal Holds & Exceptions
Information may be retained longer than standard retention periods when required by law, when subject to litigation holds, during regulatory investigations, or for dispute resolution purposes. We maintain a legal hold process to ensure information relevant to pending or reasonably anticipated legal matters is preserved.
Deletion & Destruction
Once the retention period expires, we securely delete or destroy personal information following industry-standard procedures. Secure deletion ensures information cannot be recovered, and physical documents are destroyed through certified document destruction services. We maintain records of data destruction for audit purposes.
Archive & Backup
Information maintained in archives is subject to the same retention and security standards as active data. We maintain secure backups for disaster recovery purposes and retain backup information consistent with our standard retention periods. Backup data is encrypted and stored in secure, geographically distributed locations.
Your Rights & Choices
Access Requests
You have the right to request access to the personal information we hold about you. To submit an access request, contact our Privacy Officer using the information provided below. We will verify your identity and provide you with a copy of your information within 30-45 days of your verified request.
Correction & Amendment
If you believe any information we maintain about you is inaccurate or incomplete, you have the right to request a correction. Please contact us with details of the inaccuracy and supporting documentation. We will review your request and update our records if the information is confirmed to be inaccurate.
Deletion Requests
You may request deletion of your personal information, subject to legal and regulatory requirements. Information required for regulatory compliance, tax reporting, or to complete ongoing transactions will be retained despite deletion requests. We will inform you of any restrictions on deletion when you submit your request.
Opt-Out Options
You may opt out of receiving marketing communications by following the unsubscribe instructions in our emails or by contacting our Privacy Officer. You may also manage your preferences regarding analytics, non-essential cookies, and other data uses through your account settings or by submitting a written request to our Privacy Officer.
Contact & Updates
Privacy Officer Contact
For privacy inquiries, concerns, or to exercise your rights under this Policy, contact our Privacy Officer:
Email: privacy@mightyinvestmentgroup.com
Mailing Address: Mighty Investment Group Privacy Officer, [Address], [City], [State] [ZIP]
We will respond to all privacy inquiries within 10 business days of receipt.
Policy Updates
We may update this Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. Updates will be communicated via email notification, prominent notice on our website, or through other reasonable means. Continued use of our services following notification of changes constitutes acceptance of the updated Policy. The effective date of the updated Policy will be clearly indicated.
Complaints & Escalation
If you believe we have violated your privacy rights or this Policy, you may file a complaint with our Privacy Officer. We will investigate your complaint and respond within 30 days. If you are not satisfied with our response, you may also file a complaint with your state attorney general or other relevant regulatory authority.
Investor Relations Contact
For privacy-related questions specific to your investor account or relationship with Mighty Investment Group, you may also contact our Investor Relations team at investors@mightyinvestmentgroup.com or call [phone number]. Your inquiry will be directed to the appropriate department or escalated to our Privacy Officer if necessary.
Last Updated: April 2026 | Next Review: 2027