Magma
Privacy

Privacy Policy

Last updated June 5, 2026

This Privacy Policy explains how Magma (in formation), referred to here as Magma or we, collects, uses, and shares information when you visit magmahq.ai or use the listing form on it. It applies to this website only. Any later engagement to evaluate, prepare, or transact data assets is governed by its own separate written agreement.

Information we collect

Information you provide. When you use the listing form, we collect what you choose to provide: your name, email address, role, the company or estate you mention (optional), the asset types you select, and the free-text description you write.

Information collected automatically. When you visit, our hosting and form providers record standard technical data in their logs, such as IP address, browser and device type, pages requested, and timestamps. We use this to operate and secure the site.

Categories under California law. The categories of personal information we may collect are identifiers (such as name and email), professional or employment-related information (such as your role and organization), internet or network activity (such as log data), and any other information you choose to include in your message. We do not intentionally collect sensitive personal information through the site.

How and why we use information

  • To review whether Magma can help with the assets you describe.
  • To respond to you and discuss a potential listing and next steps.
  • To operate, maintain, secure, and improve the site.
  • To keep ordinary business records and to comply with legal obligations and enforce our terms.

Where the GDPR applies, we rely on these legal bases: your consent, our legitimate interest in responding to your inquiry and operating the site, and compliance with legal obligations. We do not use your information for advertising, and we do not sell it.

Cookies and tracking technologies

We do not use advertising cookies, and we do not use third-party analytics or cross-site tracking on the site. Our hosting and form providers may use strictly necessary cookies or similar technologies to operate and secure their services. Because we do not track you across sites and do not sell or share personal information, there is nothing to opt out of, and we treat browser signals such as Global Privacy Control consistently with that. We will update this section if we add analytics in the future.

How we share information

We do not sell your personal information, and we do not share it for cross-context behavioral advertising, as those terms are used under California law. We disclose information only as follows:

  • Service providers. We use a form-processing provider (Formspree) to receive submissions and a hosting provider (Vercel) to serve the site. They process information on our behalf, under their own terms, and only as needed to provide their services.
  • Legal and safety. We may disclose information if required by law, regulation, legal process, or a governmental request, or where we believe disclosure is necessary to protect our rights, your safety, or the safety of others, or to enforce our terms.
  • Business transfers. If Magma is involved in a financing, merger, acquisition, reorganization, or sale of assets, information may be transferred as part of that transaction, subject to this policy or a successor policy with comparable protections. We may also share high-level information with actual or prospective investors or acquirers.

Data retention

We keep submissions only as long as needed to evaluate the opportunity, to maintain our ordinary business records, and to meet legal requirements. We delete or de-identify information when it is no longer needed, and we honor deletion requests where we are not otherwise required to retain the information.

Data security

We take reasonable administrative and technical measures to protect the information we hold. No website, transmission, or storage method is completely secure, however, and we cannot guarantee absolute security.

International users

We are based in the United States, and information you submit is processed in the United States, where data protection laws may differ from those where you live. Where required for transfers of personal data from the European Economic Area, the United Kingdom, or Switzerland, we rely on appropriate safeguards such as the Standard Contractual Clauses.

Your privacy rights

Depending on where you live, you may have some or all of these rights: to know what we collect and how we use it, to access a copy, to correct inaccurate information, to delete it, to data portability, and, where applicable, to opt out of the sale or sharing of personal information and to limit the use of sensitive information. We do not sell or share personal information or use sensitive information for secondary purposes, so those last rights have nothing to act on, but you may still contact us.

Residents of California, Texas, and other states with privacy laws, and individuals in the European Economic Area, the United Kingdom, and similar jurisdictions, may exercise these rights. Individuals under the GDPR also have the right to object to or restrict certain processing, to withdraw consent, and to lodge a complaint with their supervisory authority.

To exercise any right, email ramtin@rice.edu. We will verify your request as the law requires, respond within the time the law allows, and will not discriminate against you for exercising your rights. You may use an authorized agent where the law permits.

Sensitive and regulated data

Please do not submit raw sensitive or regulated data through this site. The listing form is for high-level, non-sensitive descriptions only, not for raw personal, patient, customer, payment, or credential data. Any handling of actual data, including any regulated data, takes place only later under a separate written agreement and an appropriate, reviewed process. Depending on the data, that process may include a business associate agreement for data protected under HIPAA, a HIPAA-grade de-identification step before any data is shared with a buyer, and a review of the original privacy policies and any applicable court or fiduciary process. Some data may not be eligible for transfer or sale.

Children’s privacy

The site is for business use and is not directed to children. We do not knowingly collect personal information from anyone under 16, or from anyone under 13 as defined by the Children’s Online Privacy Protection Act. If you believe a child has provided us information, contact us and we will delete it.

Third-party links

The site may link to third-party sites or services that we do not control. This policy does not apply to them, and we are not responsible for their privacy practices. Please review their own policies.

Changes to this policy

We may update this policy from time to time, and we review it at least every 12 months. The date at the top reflects the latest version, and we will note material changes here. Your continued use of the site after an update means you accept the revised policy.

Contact

Magma (in formation), 6100 Main St., MS-1531, Houston, TX 77005. Email: ramtin@rice.edu.