Privacy Policy

Last updated: 21 October 2025

 

1) Who we are (Data Controller)

FinStudio (the website at fin.studio and related software/services) is provided by FinSystems Ltd (“we”, “us”, “our”).


Registered office: Kemp House, 160 City Road, London, United Kingdom.


Privacy contact: privacy@fin.studio

Legal: legal@fin.studio 

General: info@fin.technology, +44 203 239 7726.


We comply with UK GDPR and the Data Protection Act 2018.

 

2) Scope of this Policy

This Policy explains how we collect, use, share, and protect personal data when you visit our site, create an account, use FinStudio applications, contact support, or interact with us. It complements our Cookie Policy and Terms of Service.

 

3) What data we collect

Account & profile: name, email, password (hashed), company, role, country, preferred language.
Billing & tax: billing address, VAT/tax identifiers, plan purchased, invoices/receipts (card data is handled by payment processors).
Security & logs: IP address, device/OS, timestamps, authentication and license events, fraud/abuse indicators.
Product telemetry (configurable): app version, performance metrics, crash reports, feature usage events.
Website data: cookie consent state, analytics events, referral/UTM info, pages viewed, session identifiers.
Support content: messages, attachments, diagnostic logs that you choose to share.
Marketing preferences: newsletter opt-ins/opt-outs, campaign interactions.

 

4) How we collect data (sources)

Directly from you (forms, checkout, support), automatically via cookies/SDKs when you use our site/apps, and from service providers (payments, analytics, error tracking). We do not buy third-party marketing lists.

 

5) Why we use your data (purposes) & lawful bases

Provide and secure the Services (contract).
Billing, invoicing, tax compliance (legal obligation).
Troubleshooting, quality, and product improvement (legitimate interests).
Abuse/fraud prevention and security (legitimate interests; legal obligation where applicable).
Marketing and product updates (consent where required; otherwise legitimate interests with opt-out).
Compliance requests and legal claims (legal obligation/legitimate interests).

 

6) Cookies and similar technologies

We use cookies and local storage to operate the site (essential), remember preferences, and—if you consent—run analytics/attribution. Details are in our Cookie Policy. You can change preferences at any time via the “Cookie Preferences” link.

 

7) Analytics and product telemetry

With your consent (website) and/or our legitimate interests (product safety and quality), we collect aggregated usage and performance metrics. Telemetry is configured to avoid collecting unnecessary personal data and may be disabled or minimized in app settings where feasible.

 

8) Payments and billing data

Payments are processed by vetted payment processors. We receive limited information (status, last 4 digits, expiry month/year, country, amount, and fraud signals). We store invoices and billing details for tax and accounting.

 

9) Marketing communications & preferences

If you opt in (or where lawful under soft-opt-in rules), we may send product news or offers. You can unsubscribe anytime via the email footer or by contacting privacy@fin.studio. We do not sell personal data.

 

10) Children’s privacy

FinStudio is not directed to children under 18. We do not knowingly collect data from children.

 

11) Sharing your data (processors & third parties)

We share personal data with service providers that help us deliver the Services (hosting, CDN, email, analytics, payments, error tracking, customer support). Each acts under contract and may only process data per our instructions.
We may also share data with professional advisers (legal/accounting), or when required by law, to protect rights, safety, or investigate abuse. We do not permit providers to use your data for their own marketing.

 

12) International data transfers

Where data is transferred outside the UK (or EEA, where relevant), we use appropriate safeguards such as the UK International Data Transfer Addendum and/or Standard Contractual Clauses, plus additional measures where necessary.

 

13) Data retention

We keep personal data only as long as needed for the purposes above:

  • Billing/tax records: up to 7 years.

  • Support tickets & diagnostics: up to 24 months unless required longer.

  • Telemetry/analytics: typically 12–24 months (aggregated/anonymous data may be kept longer).

  • Account data: for the life of the account and a short period after closure for compliance, fraud prevention, and backups.

 

14) Your rights under UK GDPR

You may have the right to access, rectify, erase (in certain cases), restrict processing, object to processing, and data portability. Where processing relies on consent, you can withdraw it at any time without affecting prior lawful processing.

 

15) How to exercise your rights

Contact privacy@fin.studio with your request. We may need to verify your identity. We aim to respond within one month (extendable where permitted for complex requests).

 

16) Sub-processors list (where to find updates)

We maintain a current list of sub-processors (provider, service, region) on a dedicated page and provide notice for material changes. Objections can be sent to privacy@fin.studio.

 

17) Security measures

We use reasonable technical and organizational measures: encryption in transit, segregated infrastructure, access controls (least privilege, MFA), audit logging, vulnerability management, secure development practices, and periodic third-party testing. No system is perfectly secure; please secure your own devices and credentials.

 

18) Automated decision-making & profiling

We do not engage in solely automated decisions that produce legal or similarly significant effects. We may use limited profiling (e.g., fraud detection, account risk scoring, or in-product recommendations) to protect users and improve the Service.

 

19) Do Not Track and consent management

Your cookie settings determine analytics/marketing cookies. We respect browser “Do Not Track” where technically feasible and consistent with applicable law, but cookie-based consent remains the primary control.

 

20) Third-party links & services

Our site/apps may link to third-party websites or integrate third-party services. Their privacy practices are their own; please review their policies.

 

21) Changes to this Policy

We may update this Policy from time to time. Material changes will be posted on this page with a new “Last updated” date. If changes meaningfully affect your rights, we will provide additional notice where required.

 

22) Contact details

FinSystems Ltd
Kemp House, 160 City Road, London, United Kingdom


privacy@fin.studio

legal@fin.studio

info@fin.technology

+44 203 239 7726

 

23) Complaints (UK)

You can lodge a complaint with the UK Information Commissioner’s Office (ICO). We would appreciate the chance to address your concerns first via privacy@fin.studio.

Cookies Notice

We use cookies to improve your experience, personalize content, and analyze our traffic. By clicking "Accept All Cookies," you agree to the storing of cookies on your device. You can manage your cookie preferences at any time by visiting our Cookie Settings.