Inclusive CapitalInclusive Capital Hub
Sign inGet started
Product
AI Data RoomsAuto-structured & readiness-scoredDeal MatchingExplainable, mandate-basedFinancial ModelingBuild a model without a CFOImpact ReportingTrack & report outcomesVerification & NDAsThree-state deal accessSecurity overviewEnterprise-grade by design
Solutions
For EnterprisesList, build a data room, raiseFor InvestorsAn AI-matched, verified pipelineFor AdvisorsManage your whole bookAgencies & ChambersBulk-ingest your portfolio
Impact Lab
AI Investment LensOur IFC/WBG-aligned EM AI frameworkImpact PartnershipsCo-create blended-finance vehiclesCo-InvestmentInvest alongside aligned capitalDonate for ImpactFund readiness & catalytic capitalTraining & Capacity BuildingWorkshops, playbooks & programs
Company
AboutOur mission & founding teamSecurityHow we protect your dataCareersBuild the missing middle with usContactTalk to our team
Sign inGet started
Security & trust

Security isn't a feature. It's the foundation.

Inclusive Capital handles some of the most sensitive information in a deal — financials, NDAs, and identities. We designed the platform to protect it at every layer, and to align with industry best practices from day one.

How we protect your data

Controls built into the platform

Not bolted on afterwards — access, encryption and auditability are part of the data model itself.

Encryption in transit & at rest

Traffic is served over TLS 1.2+, and data is encrypted at rest by our managed database and storage layer.

Row-level access control

PostgreSQL row-level security enforces who can see each deal and document — by role and by relationship — at the database itself.

NDA-gated data rooms

Documents unlock only after an NDA is executed. Deal access moves through three states: anonymous → mutual interest → NDA executed.

Verification & identity

Enterprises and investors are verified before they transact, so every party on the other side of a deal is who they claim to be.

Immutable audit trail

Sensitive actions are written to an append-only audit record, so there's a tamper-evident history of who did what, and when.

Least-privilege infrastructure

Separate application and owner database roles, isolated secrets, and least-privilege access keep blast radius small by design.

Our practices

Earning trust, continuously

Security is a process, not a checkbox. Here's how we keep raising the bar — and where we're honest about what's still ahead.

  • Secure-by-default architecture, reviewed at every layer
  • Automated dependency & vulnerability scanning in CI
  • Independent penetration testing (on our roadmap)
  • Designed to align with SOC 2 & GDPR principles

Questions about security or compliance?

We're happy to walk your team through our architecture, data handling, and roadmap.

Talk to usGet started