Privacy Policy Effective Date: March 14, 2026

ENTREPID® is operated by VIA Consulting Group and is committed to protecting your privacy and the privacy of the communities we serve.

1. Overview

This Privacy Policy describes how we collect, use, store, disclose, and protect personal information in connection with your use of the ENTREPID® platform located at www.goentrepid.com and any affiliated services (collectively, the “Platform”).

This Privacy Policy applies to all users of the Platform, including individual members, organizational administrators, community partners, and visitors. By accessing or using the Platform, you agree to the collection and use of information in accordance with this Policy. If you do not agree, please do not use the Platform or provide us with your personal information.

All approved ecosystem partners operate under strict contractual data governance obligations consistent with this Privacy Policy.

ENTREPID® is based in the United States. Any personal information collected through the Platform is transferred to and maintained in the United States and is subject to U.S. law as described in this Privacy Policy.

2. Information We Collect

2.1 Information You Provide Directly

When you register for an account, participate in a community program, or interact with the Platform, we may collect:

• Account information: name, email address, phone number, mailing address, date of birth
• Professional and demographic information relevant to program eligibility or community participation
• User-generated content: posts, comments, submissions, and feedback you provide through the Platform
• Payment information: processed exclusively by authorized third-party payment processors; ENTREPID® does not store full payment card details
• Communications: emails, support requests, and correspondence sent to ENTREPID®

2.2 Information Collected Automatically

When you visit or use the Platform, we automatically collect certain technical information, including:

• IP address and approximate geographic location
• Browser type, operating system, and device identifiers
• Pages visited, time spent on the Platform, and navigation patterns
• Referring website or source that directed you to the Platform
• Log files, session data, and usage analytics

2.3 Cookies and Tracking Technologies

We use cookies, pixels, and similar tracking technologies to personalize your experience, maintain session state, analyze usage trends, and improve the Platform. You may configure your browser to decline cookies; however, doing so may limit your access to certain Platform features. We do not use tracking technologies for cross-site behavioral advertising without your explicit consent.

2.4 Community-Level Data

ENTREPID® collects and aggregates data at the community and program level to support analytics, reporting, and outcome measurement. In accordance with our data sovereignty principles, aggregated community data is governed by the applicable community data agreement and is not used for purposes beyond those agreed upon with the authorized community representative.

3. How We Use Your Information

We use the information we collect to:

• Create and manage your account and authenticate your identity
• Deliver the services, programs, and features you request through the Platform
• Match you with community opportunities, organizations, and resources relevant to your interests
• Send transactional communications, including account confirmations, security alerts, and service updates
• Send program alerts and opportunity notifications based on your preferences (you may opt out at any time)
• Analyze usage patterns to improve Platform performance, features, and community outcomes
• Comply with legal obligations, respond to regulatory inquiries, and enforce our Terms of Use
• Support federal program reporting and outcome measurement requirements where applicable
• Protect the security and integrity of the Platform, including fraud detection and incident response

4. Legal Basis for Processing (Where Applicable)

Where required by applicable law (including GDPR for users in the European Economic Area), we process your personal information on the following legal bases:

5. Data Sharing and Disclosure

5.1 Approved Ecosystem Platform Partners

Data shared within the ENTREPID® Platform is shared exclusively with approved vendor platforms that operate as integral components of the ENTREPID® ecosystem. There are no outside vendors that receive your data. Every platform partner — including infrastructure providers such as Microsoft Azure, payment processing platforms, analytics tools, and support systems — has been reviewed, approved, and operates under strict contractual data governance obligations. These approved ecosystem partners are prohibited from using your data for any purpose beyond their designated function within the ENTREPID® Platform. Your data does not leave the ENTREPID® ecosystem.

5.2 Community Partners

Where sharing is necessary to deliver the services you have requested, relevant profile information may be shared with community partners, nonprofit organizations, or service providers operating within your designated community ecosystem on the ENTREPID® Platform. All such partners operate within the ENTREPID® approved ecosystem framework and are subject to the same data governance standards. You will be informed of such sharing at the point of enrollment.

5.3 Legal and Regulatory Disclosure

We may disclose your information without prior notice when required or permitted by law, including:

• In response to valid legal process (subpoenas, court orders, or government requests)
• To protect the rights, safety, or property of ENTREPID®, our users, or the public
• In connection with an investigation of fraud, security breaches, or violations of our Terms of Use
• In connection with a corporate transaction such as a merger, acquisition, or sale of assets

5.4 Federal Program Reporting

ENTREPID® operates under federal Authorization to Operate (ATO) and may be required to produce program-level data reports for federal agency partners. Such reporting is governed by applicable data use agreements and is limited to the minimum necessary information required to fulfill reporting obligations. Individual identifying information is anonymized or aggregated wherever possible.

5.5 No Sale of Personal Information and No Outside Vendor Access

Data sharing is strictly limited to approved ecosystem platform partners operating within defined, governed boundaries. This commitment is foundational to our community ownership model and data sovereignty principles.

6. Data Security

ENTREPID® implements enterprise-grade security measures consistent with its Zero Trust architecture certification and Federal ATO, including:

• End-to-end encryption for data in transit and at rest
• Role-based access control (RBAC) with least-privilege principles
• Multi-factor authentication and session management
• Continuous monitoring, intrusion detection, and incident response protocols
• Periodic third-party security assessments and penetration testing

While we implement robust security measures, no system can guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials and for immediately notifying us of any suspected unauthorized access.

7. Children’s Privacy

ENTREPID® does not knowingly collect or solicit personal information from children under the age of 13. If we learn that we have inadvertently collected personal information from a child under 13 without verifiable parental consent, we will promptly delete that information. If you believe we may have collected information from a child under 13, please contact us immediately at contact@goentrepid.com.

Users between ages 13 and 17 may access limited Platform features only with documented parental or legal guardian consent, as described in our Terms of Use.

8. Data Retention

We retain personal information for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. Criteria for determining retention periods include:

• The duration of your active account and participation in community programs
• Legal, regulatory, and contractual obligations, including federal program requirements
• Legitimate business purposes such as fraud prevention and platform security

Upon account deletion, we will delete or anonymize your personal information within 90 days, except where retention is required by law or necessary for the resolution of disputes.

9. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights with respect to your personal information:

To exercise any of these rights, please contact us at contact@goentrepid.com. We will respond to verified requests within 30 days (or as required by applicable law). We may require identity verification before processing your request.

10. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), including the right to know, delete, and opt out of the sale or sharing of your personal information. ENTREPID® does not sell or share personal information for cross-context behavioral advertising. To submit a CCPA/CPRA request, contact us at contact@goentrepid.com or via the Platform’s contact form.

11. International Users

The Platform is operated from the United States. If you are accessing the Platform from outside the United States, you acknowledge that your information may be transferred to, stored in, and processed in the United States, where data protection laws may differ from those in your home country. By using the Platform, you consent to such transfer and processing.

12. Third-Party Links

The Platform may contain links to third-party websites or services. This Privacy Policy applies only to the ENTREPID® Platform. We are not responsible for the privacy practices of third-party sites and encourage you to review the applicable privacy policies before providing information to any third party.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or Platform features. We will notify you of material changes by updating the effective date at the top of this Policy and, where appropriate, by sending an in-platform notification or email. Your continued use of the Platform following the posting of changes constitutes your acceptance of the updated Policy.

14. Contact Us

If you have questions, concerns, or requests related to this Privacy Policy or the handling of your personal information, please contact us at:

ENTREPID® | VIA Consulting Group
Email: contact@goentrepid.com
Support: support@goentrepid.zendesk.com
Website: www.goentrepid.com

This Privacy Policy was last revised and is effective as of March 14, 2026.