FingoBot logo

Privacy Policy

Last updated: 11 June 2025

1. Introduction

FingoBot ("we", "us", or "our") respects your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the FingoBot platform ("Service").

2. Information We Collect

  • Account Information — name, organization name, email address, and hashed password.
  • Payment Information — handled by Stripe. We do not store full credit-card numbers.
  • Usage Data — chat transcripts, message counts, IP address, browser type, and device info.
  • Cookies & Analytics — we use cookies and privacy-focused analytics to understand product usage.

3. How We Use Data

  • Provide, maintain, and improve the Service.
  • Process payments and manage subscriptions.
  • Train and fine-tune AI models only on data you explicitly provide as training data.
  • Respond to support requests and send important account notices.
  • Detect, prevent, and address technical issues and abuse patterns.

4. Legal Bases for Processing (GDPR)

If you are located in the EEA or UK, our legal bases are contractual necessity (to provide the Service), legitimate interest (for security and analytics), and consent (for optional cookies and marketing).

5. Sharing & Disclosure

We never sell your personal data. We share information only with:

  • Service providers— cloud hosting (Vercel), database (Supabase), and payments (Stripe).
  • Analytics vendors— privacy-centric tools (e.g., Plausible, PostHog) to evaluate product metrics.
  • Law enforcement— if required by law or to defend legal rights.

6. Data Retention

We retain account and conversation data for as long as your organization maintains an active subscription, or as needed to comply with legal obligations. Upon deletion requests, data is permanently removed within 30 days, except backups kept for a further 30 days.

7. Security

We employ TLS encryption, HTTPS everywhere, database row-level security, and least-privilege API keys. No method of transmission over the internet is 100 % secure, but we strive to use industry- standard protections.

8. Children's Privacy

The Service is not directed to individuals under 13. We do not knowingly collect personal information from children.

9. Your Rights

Depending on your location, you have rights to access, correct, delete, or export your data, and to object to or restrict certain processing. You may exercise these rights by contacting us.

10. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be announced via email or an in-app banner. Continued use of the Service after changes indicates acceptance.