← Back to STG-3

Privacy Policy

Last updated: 14 July 2026

1. Who we are

This Privacy Policy explains how STG-3 (operating the member platform at portal.stg-3.com, "STG-3," "we," "us") collects, uses, and protects personal data of members and prospective members of the STG-3 executive community for RWA tokenization and stablecoins.

Data controller: Ziv Keinan Ltd., registered at Haarba St. For any privacy question or request, contact ziv@zivkeinan.com.

2. What we collect

We collect the following categories of personal data:

  • Account and profile data: full name, email address, job title, firm/company, company category, country/region, LinkedIn URL, Telegram handle, profile photo, biography, focus areas, and the "currently offering," "currently need help with," and "seeking connections" fields you choose to fill in.
  • Membership data: application details submitted during onboarding (seniority, mandate, why you want to join), approval status, membership tier, badges assigned to your profile, and join date.
  • Usage data: sign-in timestamps, pages visited within the member platform, and interactions with the directory (e.g. intro requests you send or receive).
  • Communications with Thumper (our AI concierge): the content of conversations you have with Thumper, including any facts Thumper's memory system saves about you or your firm from those conversations (e.g. a fundraise, a job change, what you're looking for).
  • Authentication data: if you sign in with Google or LinkedIn, we receive your name and email from that provider. If you use a magic-link email sign-in, we generate a short-lived login token tied to your email.
  • Communications data: emails we send you (welcome emails, weekly digests, intro-request notifications) and whether you open or click them.

3. How we use your data

  • To operate the member directory and let other approved members find and connect with you.
  • To power Thumper's matching, advisory, and Q&A features, including surfacing relevant members, news, and connections to you and to others.
  • To send you transactional and community emails: sign-in links, approval notifications, weekly digest emails (people worth meeting, pending intro requests, community news), and updates about jobs or events.
  • To facilitate warm introductions between members that you or another member request.
  • To maintain records of prospective and current members in our CRM for community management and, where applicable, sponsorship or partnership relationship management.
  • To improve the platform and understand how it's used.
  • To comply with legal obligations and enforce our Terms of Use.

4. Legal basis for processing

Where GDPR or UK GDPR applies (most of our membership is based in the EU/UK), we process your data on the following bases: performance of a contract (providing the membership service you signed up for), legitimate interests (curating a high-quality professional community, matching members, and sending relevant community updates), and consent (where you explicitly opt in, e.g. to marketing communications or choosing to make certain profile fields visible to other members). You can withdraw consent at any time.

5. Who we share data with

We use the following processors to operate the platform. Each only receives the data it needs to perform its function:

  • Upstash (Redis and Vector database) — stores member profiles, session data, intro requests, digest history, and Thumper's knowledge base and memory.
  • Anthropic (Claude API) — processes the content of your conversations with Thumper to generate responses. Anthropic does not use this data to train its models under our commercial terms.
  • Resend — delivers transactional and digest emails on our behalf.
  • HubSpot — our CRM, used to track members and prospective members and manage relationships (including sponsor/partner relationships).
  • Auth0 — handles Google and LinkedIn social sign-in.
  • Vercel — hosts the platform's application code and infrastructure.

We do not sell your personal data. We share it with other members only in the ways the platform's features describe (e.g. your profile is visible in the directory to signed-in members; your email is never shown to other members — introductions are always brokered).

6. International transfers

Some of our processors (including Anthropic and Vercel) are based in or process data in the United States. Where we transfer personal data outside the UK/EEA, we rely on appropriate safeguards such as Standard Contractual Clauses, or the processor's own certified compliance mechanisms.

7. Data retention

We retain your profile data for as long as you remain a member, and for a reasonable period after (up to 24 months) in case you rejoin or for legitimate record-keeping. Chat history with Thumper is retained to preserve your conversation history and community memory. You can request deletion at any time — see Section 9.

8. Cookies and similar technologies

We use a single essential session cookie to keep you signed in. We do not currently use third-party advertising or analytics cookies. Email opens and link clicks in our digest emails are tracked via standard email-analytics techniques (a tracking pixel and click-through links) so we can measure whether the digest is useful — this data is not shared outside STG-3.

9. Your rights

Depending on your location, you may have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate data (you can also edit most of this yourself in My Profile).
  • Request deletion of your data ("right to be forgotten").
  • Object to or restrict certain processing.
  • Receive a portable copy of your data.
  • Withdraw consent at any time where processing is based on consent.
  • Lodge a complaint with your local data protection authority.

To exercise any of these rights, email ziv@zivkeinan.com.

10. Children's privacy

STG-3 is a professional community for senior executives and is not directed at, or intended for use by, anyone under 18.

11. Security

We use industry-standard measures to protect your data, including encrypted connections (HTTPS) for all platform traffic, access-controlled admin functions, and session-based authentication. No system is perfectly secure, and we encourage you to use a unique password with your email or social login provider.

12. Changes to this policy

We may update this policy as the platform evolves. Material changes will be communicated to members by email or an in-platform notice. The "last updated" date at the top of this page always reflects the current version.

13. Contact

Questions about this policy or your data: ziv@zivkeinan.com.