Must-have checklist when investing in personal data-fueled businesses

In a world awash with data, investing in personal data-fueled businesses is exponentially growing. Digital Health, Fintech, Insurtech companies that are providing behaviour-based services and solutions are just a few that are trending among them. Prior to investing, however, investors need to know that these enterprises are worth the risk. In the context of personal data-fueled businesses, this means ensuring that their portfolio companies will not hit the wall due to poor data management and misuse of the data. 

Beyond the market-product fit. Details that matter.

Investors focus their attention on verifying the product-market fit and rightly so. Equally they look at the power of innovation, team execution capacity and specific technology components, such as AI to unlock the data capacity. However, (excluding those specialized in PrivacyTech, for example), verifying the scalability in managing data and privacy rightly is rarely on the top of investors’ minds.

Still, a company’s ability to properly manage its data can tell you a lot about its future. And while you are not expected to become the new privacy experts in town, evaluating certain data management criteria should help you ensure that these companies are managing the personal data they collect rightly, compliantly to relevant privacy regulations.

Asking the right questions to get the right answers:

You are only 3 Questions away to de-risk when investing in personal data-fueled businesses.


#1 Does the company embed a privacy-first approach in the company mind-set and product design? 

Reflecting the situation: the GDPR, CCPA and numerous changes that are being made into existing data protection regulations are a sign that most companies still are behind when it comes to embedding privacy into their digital applications.

Alongside the rising concerns around companies’ misuse of the data, the current shift in users’ tolerance with regard to the disrespect for their privacy needs to be addressed. In a “user-first” world, lacking trust results in poor business offerings, limited access and less data sharing.

No valuable data for a data-fueled business means no return in investment for an investor.

#2 Does the company master its personal data lifecycle: from collection, structure, storage, sharing and deletion?

Mastering the personal data lifecycle is what allows companies to have a proper oversight of what is happening within their organization in terms of data. For a data-driven enterprise, this is today an absolute necessity; first in regard to compliance, but also for everything else:

  • Does the organization precisely understand what EXACT VALUE the collected data already brings to the organization so that they can build an efficient data monetization strategy?
  • Does their system have interoperability capabilities to allow easy integration and manage diverse data-sets? Can it SCALE over time?
  • Do they properly address all the current regulatory requirements? Are they ready to ADAPT to forthcoming changes?

Before investing, be sure to ask your prospective companies these few questions to ensure that they master how the personal data they collect is managed throughout their organization.

Usually, it is a good indicator that they are ready to scale overtime and thrive in the “Techs”-era.

#3 Does their technology allow for privacy-preserving globalization?

Today, legal interoperability is nothing less but a necessity to scale up any data-driven business.

Yet with the multiplication of privacy laws and related obligations as regards to data residency, growth in user base and new partnerships that imply for the data to be transferred somewhere new are only a few among the multiple scenarios that make it particularly difficult for a data privacy unconscious business to adapt afterwards.

A privacy-preserving globalization approach will help ensure that business growth opportunities won’t turn into an issue, but a success.

Why is privacy important ?

Nowadays, privacy is not about compliance only. Privacy is about data ethics, business values, and how much trust you can put into a company that collects and processes personal data.

Investment is(n’t) blind.

Like in love, a long-lasting relationship does not rely on first-sight, but trust. As you probably wouldn’t marry someone that you don’t trust, we bet you wouldn’t want to invest in a business you have doubts about.

In the same logic, when investing in a data-fueled business, better ask yourself before moving further: Would you be the one to trust this business with your family personal data?

We hope the checklist above will help you make the right choices for profitable investments.

Opt-in with Pryv

  • Is any of your portfolio companies struggling to meet new data protection requirements or embed privacy into their digital solutions?
  • Do you want to ensure that the companies you perform due-diligence on will not fail on managing their data rightly? Can their business scale over time and geographies?
  • Do you consider investing in a technology which does scale across industries and regulations?

Pryv is a Swiss-based company, which developed and commercialized a personal data management solution. is specifically designed to ensure that personal data-fueled businesses can meet privacy and data protection regulatory requirements at a global scale. Since 2015, we help companies achieve GDPR and global data compliance, so that they can turn their compliance investments into a competitive advantage. Privacy-first.

Stephanie & Evelina


Image Credentials: christine-roy-ir5MHI6rPg0-unsplash