Last updated: April 29, 2026
We collect only what we need to make thru. work well for you. We don't sell your data. We don't share it with advertisers. Your cap table and investor records are yours — we use them only to power the features you asked for. That's the spirit of everything below.
When you sign up or join our waitlist, we ask for your name and email. That's it. When you use the Platform, you may upload cap table files containing investor information — we use those records solely to provide the enrichment and insights you're asking for.
We also collect basic usage information (like which features you use) to help us improve the product over time. This is aggregated and never tied to individual behavior in a way that could concern you.
We use your information to run the Platform — processing your uploads, surfacing insights about your investor network, sending you emails you've asked for (like waitlist confirmations or investor updates), and keeping your account secure. That's it. We never use your data for advertising or to build profiles outside of what the Platform shows you.
The cap table you upload is sensitive — we know that. We take it seriously. Your investor records are stored securely, processed only on your behalf, and never shared with or sold to third parties. When enrichment queries are made to surface additional information about investors, we do so using publicly available data sources and handle those queries with care.
You're responsible for ensuring you have the appropriate rights to upload and process the personal information of individuals in your cap table — but if you're a founder using your own cap table data, you're almost certainly fine.
We use industry-standard security practices to protect your data — encrypted connections, access controls, and secure cloud infrastructure. Authentication is handled with care so we never store raw passwords. We regularly review our practices to make sure your data stays protected.
Like most modern software, thru. is built on a stack of trusted infrastructure providers — for hosting, authentication, email, and data storage. We work only with reputable services and share the minimum amount of information needed for them to do their job. None of these providers have access to your full data, and none of them are permitted to use it for their own purposes.
We use cookies that are necessary to keep you logged in and the Platform running. We also use a small number of analytics tools to understand how visitors find and use our site so we can improve it: Vercel Analytics (privacy-friendly page-view metrics), the LinkedIn Insight Tag (lets us measure the effectiveness of LinkedIn campaigns and shows aggregated audience information), and Google Tag Manager with Google Analytics (lets us understand site usage and measure marketing performance). Advertising cookies are set to denied by default and only load if you grant consent. These tools may share visit data with their respective providers, each governed by their own privacy policy. If you'd rather not be tracked, most browsers let you block third-party cookies, you can opt out of LinkedIn ad targeting in your LinkedIn settings, and you can opt out of Google Analytics using the Google Analytics Opt-out Browser Add-on.
We keep your data for as long as your account is active. If you ever want to delete your account and all associated data, just email us and we'll take care of it within 30 days — no questions asked.
You have the right to access, correct, or delete any personal data we hold about you. If you're in the EU or California, additional rights may apply under GDPR or CCPA. Regardless of where you are, we'll always do our best to honour reasonable requests. Just reach out.
If we make meaningful changes to how we handle your data, we'll let you know before they take effect. We won't quietly update things that matter.
Privacy questions, data requests, or just want to know more? We're happy to talk. Email us at joey@comethru.co and a real person will respond.