Intro

Fininly is committed to respecting your privacy and protecting your personal data.

This Product Privacy Notice (“Privacy Notice”) describes how we handle and protect your personal data in connection with your use of the Fininly services, and the rights available to you about the use of this information.

Fininly may process your personal data in our capacity as data controller, meaning where Fininly controls the purposes and mean of your data handling.

When we refer to “Fininly”, “we”, “us” or “our”, we mean Fininly Apps and/or the other Fininly entities. 

Please read this Privacy Notice carefully and if you do not want your personal data processed in accordance with this Privacy Notice, do not use or interact with any Fininly services.

This Privacy Notice does not apply when Fininly collect, use and overall process your personal data on behalf of our Customers (as defined in our SaaS Agreement) when they use Fininly products and services. For example, you may have the option to use additional features or tools within Fininly services. In those cases, Fininly will process this information to provide you with the service our Customers have requested and in accordance with the related in-time privacy notice we will provide when using these services. If you have questions related to how a Fininly customer utilises your personal data, please contact them directly. 

Personal data we collect

In this Privacy Notice, “personal data” means information that identifies users of Fininly services. We collect the following personal data from you as further described below: 

Information shared voluntarily by you 

Contact information, such as email address, full name, user IDs, passwords, or any response provided through any Fininly survey received. 

Information we collect automatically from you

Analytic and usage information. When you interact with any of our services, we automatically assign you and each of your accounts a unique ID and use it to understand the features you use; the links you click on, your service configurations, diagnostic files, interactions with third-party integrations on the services and other usage information and metrics. 

Device information, including your computer and other devices used to interact with Fininly services, device attributes and identifies, IP address, URLs of referring/exit pages, collected through cookies, web beacons and similar technologies. For more information on how we specifically use cookies and how to turn them off from collecting your information, please see Fininly’s privacy policy. 

Use of your personal data and legal basis for processing personal data

We collect and process your personal data for a variety of purposes: 

• To provide Fininly services to you;
• For billing and account management;
• To improve your user experience, also through tailored recommendations or surveys/questionnaires completed with your support;
• To track and analyse your behaviour engagement and other statistical information to improve our services;
• To train our algorithms and models using machine learning, only if you have expressly decided to so (or the Customer that has control over your account has consented on your behalf);
• To customise the service for you, by combining or comparing the information of a single user with information about the behaviour of other users and predict their needs;
• To provide us with customer insights;
• To drive engagement with the Fininly services;
• To provide support to you, whether in a proactive or reactive way;
• To promote additional services to our customers, where permitted by law;
• To comply with our legal obligations and respond to enforcement requests;
• To detect and prevent any security incidents, malicious or fraudulent activity. 

Fininly will normally collect personal data from you only to perform a contract with you, or where the processing is in our legitimate business interests, or with your consent to do so, or to comply with a legal obligation. 

If you have questions about or need further information regarding our legal basis used to collect and use your personal data, please contact us using the “Contact” section below. 

How we share your personal data

We do not sell or share your personal data to third parties for their marketing purposes. However, we share your personal data with other parties that may assist us in providing our services, as described below:

Service Providers 

We may provide your personal data to companies that provide services to help us with our business activities. These companies are authorized to use your personal data only as necessary to provide these services to us, in compliance with this Privacy Notice and appropriate data processing terms signed with them. 

Fininly Subsidiaries 

We may share your personal data within the Fininly group of companies to provide services to you.

Legal Authorities 

We may disclose your personal data to a third party if we reasonably believe that disclosure is compelled by applicable law, legal process, or a government request, or to protect the security or integrity of our services, or to protect ourselves or our customers. Unless we are prohibited by law, we will notify you of any disclosure requirement. 

Business transaction cases

In case Fininly is involved in a merge with, or is acquired (entirely or partially), by another company, or go through similar commercial operations, your personal data might be disclosed, under conditions of confidentiality, to our advisers and any prospective purchaser’s advisers. In this case we will inform you, via email and/or a prominent notice on our website, of any change in ownership and use of your personal data. 

Others

We may also disclose your personal data to any other third party with your prior consent (e.g. when you connect Fininly services with third-party integrations), or, after having de-identified or aggregated your personal data in a way that they cannot be used to identify you anymore, with other third parties. 

We maintain processes designed to ensure that any processing of personal data by third parties is consistent with this Privacy Notice and protects the confidentiality, availability, and integrity of your personal data.

International data transfers (only applicable to the European Economic Union, Switzerland, and the UK)

Our personal data may be transferred to, and processed in, countries other than the country in which was initially collected, where Fininly, our partners or third-party service providers operate. Some of these countries might have different and less protective rules than those of your country. As a result, we take measures to ensure that your personal data is safe and protected in compliance with the applicable data protection laws. 

Fininly's commitment to the EU-US Data Privacy Framework is described in more details below: 

Fininly complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Fininly has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Fininly has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit this page.

Fininly is responsible for the processing of personal data it receives under EU-US DPF, the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF , and subsequently transfers to a third party acting as an agent on its behalf.

With respect to personal data received or transferred pursuant to the EU-U.S. DPF and the Swiss-U.S. DPF, Fininly is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Fininly may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. 

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Fininly commits to resolve DPF Principles-related complaints about our collection and use of your personal information. EU and UK and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF {and the Swiss-U.S. DPF should first contact Fininly at: See section Contact below. 

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Fininly commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and the Gibraltar Regulatory Authority (GRA)} and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF. 

An individual has the possibility, under certain conditions, to invoke binding arbitration for complaints regarding DPF compliance not resolved by any of the other DPF mechanisms, please read Annex I for additional information.

Data security and retention

We have implemented generally accepted standards of technical and operational security to protect personal data from loss, misuse, alteration, or destruction. Only authorized personnel of Fininly and of our third-party service providers are provided access to personal data, and these employees and third-party service providers are required to treat this information as confidential. 

The personal data collected by the us will not be kept for longer than is necessary to fulfil the purposes mentioned above. When we have no ongoing legitimate business reason nor legal obligation to process your personal data, we will delete, anonymise, or securely store it and isolate it from any further processing until deletion is possible.

Your rights

Fininly has implemented measures that are designed to ensure that our processing of your personal data complies with this Privacy Notice and applicable law.

If you are located in the European Economic Union, Switzerland, the UK, or (to a certain extent) California, you have the right to request access to your personal data, to request that your personal data be rectified or deleted, and to request that processing of your personal data be restricted. You also have to right to data portability. If you are a located outside the European Economic Union, Switzerland, the UK or California, similar rights might apply. You can enact any right you have by contacting: privacy@fininly.com.

Regardless your location, you have the right to opt-out of any marketing communications we send you at any time, by clicking the “unsubscribe” link at the bottom of any email, or, if this option is not available, by sending an email to us with the subject “unsubscribe”. 

To help protect your privacy and security, we might take reasonable steps to verify your identity before granting you access to your personal data. We will make reasonable attempts to promptly investigate, comply with, or otherwise respond to your requests as may be required by applicable law. 

Depending upon the circumstances and the request, we may not be permitted to provide access to personal data or otherwise fully comply with your request; for example, where producing your information may reveal the identity of someone else. 

We might refuse your requests where, in Fininly’s discretion, they may be unfounded, excessive, or otherwise unacceptable under applicable law. In addition, you have the right to lodge a complaint with your local supervisory authority.

Additional information for California residents

In addition to the rights and information provided above, California residents have the ability to request information about the categories of personal data that Fininly collect about you, including how we collect it, from which the sources we collect it, the business purposes pursued with your personal data and the way we share it with third parties. Please read the sections above to obtain further details on how we manage your personal data. 

Financial incentives: Fininly may offer a benefit or offering in exchange of your personal data, for example when you participate in one of our surveys. Participation in surveys is governed by the legal conditions for the survey, which will describe any the nature of each financial incentives associated with that survey and how to participate. You may withdraw from any financial incentive at any time by emailing us at: privacy@fininly.com. 

If you have any other questions, please contact us at: privacy@fininly.com. 

Fininly will not discriminate against you for exercising any of these requests, which is in line with your rights under California law. 

If you have any questions about this Privacy Notice or if you would like to communicate with our EU Data Protection Manager or the Data Privacy Team, please contact us at: privacy@fininly.com, or by writing to the following address: 

Attn: Privacy Department 

Fininly B.V.

Rokin 95

1012 KM Amsterdam

The Netherlands

Changes: Fininly reserves the right to modify this Privacy Notice from time to time. We will post any changes to our Privacy Notice on this page with an “Effective date” at the top. Please check this page regularly to stay up-to-date with the most recent changes.