DATA PROTECTION NOTICE
Last Updated: October 2022
1. Overview
This document outlines the data protection standards applied by Fin Zen AI (“we,” “us,” or “our”) in connection with our services and solutions (the “Solutions”) and our platform (the “Platform”). Safeguarding your privacy and ensuring the security of your information are essential components of how we deliver our Solutions and operate the Platform.
Our Platform and Solutions may contain links to external sites or third-party tools. We are not responsible for the privacy practices of those external providers, and we advise you to carefully review their respective privacy policies before interacting with them.
Any information collected through our Solutions is treated as confidential. We employ extensive technical, organisational, and security measures to protect Personal Data (defined below) against unauthorised access, accidental loss, destruction, misuse, or disclosure.
When using our Platform, you may be asked to provide personal information such as your name, email address, phone number, date of birth, or identification details. This information may be used to confirm your identity, manage your account, provide support, and meet contractual or legal requirements. We may also send essential notifications and, with your consent, share updates about our Solutions via SMS, email, or other methods. You may adjust your notification preferences or opt out at any time.
2. Platform; Visitors and Users
2.1 Overview
This section clarifies how data is collected from different groups: Platform visitors (“Visitors”), active users (“Users”), and business partners (“Partners”). Personal Data may include IP addresses, names, contact details, and information relating to your interactions with us, in accordance with applicable data-protection legislation.
2.2 Data Collection and Use
By accessing the Platform, you consent to the collection and processing of your Personal Data. If you disagree with these terms, you should discontinue use of the Platform. Information may be collected through page activity, cookie technology, IP tracking, and form submissions.
2.3 Purpose of Processing Personal Data
We process Personal Data to enhance, analyse, and customise our Solutions and Platform. This may include improving accuracy, providing Solution-related communication, fulfilling contractual obligations, delivering support, and collaborating with Partners. Legal authorisation or user consent is required for specific types of processing.
The table below outlines the purposes and lawful bases for processing Personal Data:
| Account registration and setup | Your consent; Performance of the Solutions or contractual requirements |
| Providing and operating the Solutions | Performance of the Solutions or contractual requirements |
| Service updates and important notifications | Performance of the Solutions or contractual requirements |
| Responding to requests and delivering support | Legitimate interests or performance of the Solutions |
| Personalised solutions, advertising, and marketing | Legitimate interests or your consent |
| Improving and developing new Solutions | Consent and legitimate interests |
| Sending promotional and marketing materials | Your consent |
| Measuring marketing campaign performance | Legitimate interests or consent |
| Carrying out various support-related operations | Legitimate interests or performance of the Solutions |
| Analytics, including statistical evaluation | Legitimate interests |
| Protecting interests, rights, and assets | Legitimate interests or legal requirements |
2.4. Sharing of Personal Data
We may share information with service providers, Partners, and contractors. For Visitors and Users located in the European Data Region, all processing activities comply with the GDPR and other applicable Data Protection Laws and regulatory standards.
3. Partners
3.1. Overview
To deliver our Solutions and collaborate effectively with Partners, we collect and process specific categories of information. Partners remain responsible for their own data, and we may access it through secure, authorised methods.
3.2. Processing of Personal Data
We rely on Partner consent or legitimate interests when processing Personal Data. Aggregated Data sets may be generated to improve performance, conduct analysis, and enhance the overall quality of our Solutions.
3.3. Controller/Processor
Our role varies depending on the type of data processed:
- Visitor/User Data: Controller
- Partner Data: Processor
- All data is securely stored following strict security standards. We implement physical, technical, and organisational safeguards to ensure data protection.
3.4. External Data Processing
If the Solutions require the processing of Personal Data on an external platform:
- We act as a Processor
- We follow the explicit instructions of the external party
- We enforce robust security measures
- We report any suspected data breaches
- We do not subcontract processing without proper authorisation
- We do not process data outside the European Economic Area without permission
- For electronic marketing communications, consent and opt-out options are always provided
4. Security
We employ administrative, organisational, and technical safeguards to protect Personal Data from unauthorised access, disclosure, alteration, misuse, loss, or damage. When sharing data with external parties, we require them to maintain equivalent levels of protection, with contractual obligations ensuring secure processing aligned with this Notice.
If you believe that your interaction with us has been compromised, Visitors, Users, or Partners should notify us immediately. Although we take extensive measures to secure your data, no system can guarantee total immunity from cyberattacks. Users acknowledge the inherent risks associated with data transmission and storage.
5. Cookies
Please refer to our Cookie Policy for comprehensive details about the types of cookies and tracking technologies used on the Platform, why we use them, and how you can manage your preferences.
6. Links to External Sites
While navigating the Platform, Users may encounter links to external websites that are beyond our control. We are not responsible for the content or privacy practices of these websites. Users are encouraged to review the privacy policies of external websites before providing any Personal Data.
7. Data Retention and Removal
Personal Data will not be stored longer than necessary. Visitors or Users with active accounts are responsible for managing and removing their information when appropriate. Once an account or partnership is terminated, all associated Personal Data collected through the Platform and/or Solutions will be deleted in accordance with applicable laws and internal policies.
Withdrawal of consent for Personal Data processing may limit your ability to access some or all services, and no claims or objections may be raised in relation to such limitations.
8. Your Rights
Users have the following rights regarding their Personal Data:
8.1. Right of Access
- Confirm whether Personal Data is being processed
- Access Personal Data and associated information
- Information on processing purposes, categories, data recipients, retention periods, rights, and the existence of profiling
8.2. Right to Rectification
- Correct inaccurate Personal Data
- Complete incomplete Personal Data
8.3. Right to Erasure
- Request deletion of Personal Data under certain circumstances
8.4. Right to Restrict Processing
- Obtain restrictions on processing when specific grounds apply
8.5. Right to Data Portability
- Receive Personal Data in a structured, machine-readable format
- Transmit Personal Data to another controller
8.6. Right to Object
- Object to processing based on legitimate interests or direct marketing
- Processing will stop unless compelling legal grounds exist
8.7. Right to Withdraw Consent
- Withdraw consent for Personal Data processing at any time
9. Advertising and Marketing Materials
Consent is required to use Personal Data and contact details for delivering promotional and advertising materials. You may withdraw consent at any time by sending written notice to the email address provided.
10. Acceptance of This Notice
By using the Platform and/or Solutions, Visitors, Users, and Partners acknowledge that they have read and accepted this Data Protection Notice. If you disagree with any part of it, you should refrain from using the Platform. We reserve the right to modify this Notice, and Users are encouraged to review updates regularly. Continued use after modifications implies acceptance.
11. Legal Requirement to Disclose Personal Data
Personal Data may be disclosed without prior permission when necessary to identify, contact, or take action against individuals suspected of violating rights or property. Disclosure also occurs when legally mandated.
12. Data Protection Officer
For inquiries regarding privacy and data protection, you may contact our designated “Data Protection Officer” at