So strange. What are the data retention requirements for situations such as this?

The whole thing just feels so off. Some big moves but very little details from Carta.

Commitments just sound like empty promises now, especially when they're presented on Medium. Did any customers receive assurance or details of what went down?

Some financial institutions are basically required to retain everything for years, Carta may or may not be outside some of those stricter requirements.

Given their customers are startups, but more specifically founders themselves, and they handle cap tables, I’m sure they’re getting plenty of direct questions from legal departments with the interest of C suites everywhere. Assurances might well be coming in to form of legal agreements and external audits, and possibly SEC investigations and discovery for lawsuits.

No, there is no acknowledgement that anything undue ever happened. Only that business in this department hasn't been financially successful and that customers could have concerns.

Nothing about those concerns actually being valid. This is vague misdirection at best.

It’s in the previous post: https://henrysward.medium.com/how-we-handle-captable-informa...

> On Friday we had an internal policy violation that affected three companies. I’ve been in touch with the founders and I’m appalled we made that mistake and it should never have happened. It is unacceptable and we’ve dealt with the violation on Saturday morning and are continuing the investigation to make sure it never happens again.

Stop doing the possibly illegal thing, and hope that nobody takes it further I guess.