Privacy Policy

FinRiskAI LTD (“FinRiskAI,” “we,” “us,” or “our”) respects your privacy and is committed to protecting your personal data.

This Privacy Policy explains how we collect, use, disclose, store, and otherwise process personal data when you:

• visit our website;
• create or use a FinRiskAI account;
• use our web application and related services;
• access portfolio analysis, risk scoring, alerts, budgets, debt or cashflow views, AI-powered insights, or other product features;
• start a free trial or subscribe to a paid plan;
• contact support, request a demo, join a waitlist, or otherwise communicate with us;
• receive service-related messages or marketing communications from us.

This Privacy Policy applies to our website, web application, and related services unless a separate privacy notice states otherwise.

FinRiskAI LTD is the controller of your personal data for the purposes described in this Privacy Policy.

We may collect the following categories of personal data:

a. Identity and contact data

Such as your name, email address, phone number, country, and other contact details you provide to us.

b. Account data

Such as login credentials, account settings, user preferences, account status, subscription status, and records relating to your use of your FinRiskAI account.

c. Financial and portfolio input data

Such as holdings, allocations, watchlists, manually entered financial information, budget data, cashflow information, debt information, risk preferences, investment-related inputs, and other financial data you choose to provide through the service.

d. Product output and insight data

Such as risk scores, alerts, AI-generated explanations, dashboard outputs, portfolio analytics, recommendations of general actions, and history of product-generated insights.

e. Payment and billing data

Such as plan type, billing cycle, subscription status, payment status, invoice-related information, and limited transaction metadata provided by payment processors. We do not store full payment card details unless expressly stated otherwise by our payment provider arrangement.

f. Usage and technical data

Such as IP address, browser type, device information, operating system, pages viewed, referring pages, clickstream data, session activity, timestamps, crash data, logs, and similar technical usage information.

g. Communications and support data

Such as messages you send to us, support requests, survey responses, product feedback, and records of our communications with you.

h. Marketing and preference data

Such as newsletter preferences, consent choices, campaign interaction data, and records of whether you opened, clicked, or interacted with our communications, where permitted by law.

i. Uploaded content

Such as documents, screenshots, images, photos, or files that you choose to upload to the service or provide to us in support interactions.

j. Location data

Such as approximate location inferred from IP address or more precise location data where collected with your permission or where enabled by your device or browser settings.

We collect personal data in the following ways:

a. Directly from you

When you create an account, fill out forms, request a demo, subscribe to a plan, upload content, contact support, or otherwise provide information to us.

b. Automatically

When you browse our website, use our application, enable notifications, interact with emails, or otherwise use our services.

c. From service providers and partners

Such as payment processors, analytics vendors, authentication providers, cloud hosting providers, customer support tools, communications vendors, and similar operational service providers.

d. From third-party data sources

Where relevant to our services, we may receive data from market data providers, publicly available sources, fraud prevention providers, or other third parties you direct us to connect with.

e. From cookies and similar technologies

We and our partners may use cookies, pixels, SDKs, local storage, and similar technologies as described in our Cookie Policy.

We process personal data only where we have a valid legal basis under applicable data protection law.

a. To provide and operate the service

We use personal data to create and manage accounts, authenticate users, provide dashboards, calculate risk scores, display portfolio analytics, provide alerts, deliver AI-generated insights, and operate the core functionality of the service.

Legal basis: performance of a contract; legitimate interests in operating and improving our services.

b. To process subscriptions and billing

We use personal data to administer trials, process subscription payments, issue invoices, manage renewals and cancellations, and maintain payment-related records.

Legal basis: performance of a contract; compliance with legal obligations.

c. To send service communications

We use personal data to send account, billing, security, transactional, support, and other service-related messages, including important notifications about account activity or product functionality.

Legal basis: performance of a contract; legitimate interests in providing and securing the service.

d. To provide notifications and alerts

Where supported by your device or browser settings, we may send push notifications, emails, or similar alerts related to account activity, risk alerts, product updates, or other relevant service events.

Legal basis: performance of a contract; legitimate interests; consent where required by law.

e. To improve our services

We use personal data to understand product usage, troubleshoot issues, improve user experience, develop features, measure engagement, and evaluate product performance.

Legal basis: legitimate interests; consent where required for non-essential analytics technologies.

f. To personalize product experience

We may use account data, preferences, financial input data, and usage data to tailor dashboards, analytics, and service experiences to your use of FinRiskAI.

Legal basis: performance of a contract; legitimate interests.

g. To provide marketing communications

We may use personal data to send newsletters, updates, product announcements, promotional offers, and related communications.

Legal basis: consent where required; otherwise legitimate interests, where permitted by law.

h. To protect our business and users

We use personal data to maintain security, prevent fraud, detect abuse, enforce our terms, investigate incidents, and protect the rights, property, and safety of FinRiskAI, our users, and others.

Legal basis: legitimate interests; compliance with legal obligations.

i. To comply with legal and regulatory requirements

We may process personal data to comply with applicable laws, court orders, law enforcement requests, tax and accounting requirements, and other legal obligations.

Legal basis: compliance with legal obligations.

FinRiskAI uses personal data and related inputs, including financial and portfolio information, service usage data, and other relevant inputs, to generate analytics, risk scores, alerts, portfolio insights, and AI-generated explanations.

These features are intended to help users understand financial risk and related patterns in their data in a more accessible way. Unless explicitly stated otherwise, these outputs are provided for informational and educational purposes and are not intended to constitute personalized legal, tax, investment, or financial advice.

Where applicable, such processing may involve profiling or automated analysis of user-provided and system-generated data. We will provide additional information where required by law about:

• the logic involved;
• the significance and expected consequences of the processing; and
• any rights available to you in relation to such processing.

If a particular feature involves solely automated decision-making that produces legal or similarly significant effects under applicable law, we will provide any additional disclosures and safeguards required by that law.

We may send you marketing communications about our services, features, offers, educational content, and updates where we are permitted to do so.

You can opt out of marketing emails at any time by:

• clicking the unsubscribe link in the email; or
• contacting us at support@finriskai.com.

Opting out of marketing communications does not affect service-related messages, such as account, billing, security, support, or transactional notices.

We use cookies and similar technologies to:

• operate and secure our website and services;
• remember preferences;
• understand usage and performance;
• analyze traffic and user behavior;
• support advertising, remarketing, and campaign measurement where permitted.

For more detailed information, including categories of cookies, the purposes they serve, and how to control them, please see our Cookie Policy.

Where required by law, we will ask for your consent before placing non-essential cookies or similar technologies on your device.

We may share personal data with the following categories of recipients where necessary for the purposes described in this Privacy Policy:

a. Service providers

Including providers of hosting, infrastructure, authentication, security, analytics, communications, customer support, payment processing, product monitoring, storage, and similar operational services.

b. Professional advisers

Including lawyers, auditors, accountants, insurers, and similar professional advisers where necessary.

c. Business partners and integration partners

Where you choose to use a connected or integrated feature, or where necessary to provide requested functionality.

d. Corporate transaction counterparties

If we are involved in a merger, acquisition, restructuring, financing, sale of assets, or similar transaction, personal data may be disclosed as part of that process subject to appropriate protections.

e. Authorities and other third parties

Where required by law, regulation, legal process, court order, or where necessary to protect rights, safety, security, or property.

f. Affiliates

We may share personal data within our corporate group where necessary for internal administrative, security, support, or operational purposes.

We do not sell your personal data in exchange for money.

Your personal data may be processed in countries other than the country in which you are located.

Where personal data is transferred outside the European Economic Area, the United Kingdom, or another jurisdiction with applicable transfer restrictions, we will implement appropriate safeguards as required by law. These may include:

• adequacy decisions;
• Standard Contractual Clauses;
• the UK International Data Transfer Agreement or Addendum; or
• other lawful transfer mechanisms.

You may request more information about the safeguards we use for international transfers by contacting us.

We retain personal data only for as long as necessary for the purposes described in this Privacy Policy, including to provide services, comply with legal obligations, resolve disputes, enforce agreements, and protect our rights.

In general:

• Account data is retained while your account is active and for a reasonable period after closure, unless longer retention is required by law or justified for security, dispute, or compliance purposes.
• Billing and tax records are retained for the period required by applicable accounting, tax, and legal requirements.
• Marketing suppression records may be retained as necessary to honor opt-out requests.
• Uploaded content is retained for as long as needed for the purpose for which it was provided, unless you delete it earlier or we are required to keep it longer by law.

Where we no longer need personal data, we will delete, anonymize, or securely archive it in accordance with applicable law.

We use appropriate technical and organizational measures designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.

Such measures may include encryption, access controls, logging, monitoring, secure development practices, vendor due diligence, and other reasonable safeguards appropriate to the nature of the data and the risks involved.

However, no system can be guaranteed to be completely secure, and we cannot guarantee absolute security.

Depending on where you are located, you may have the following rights in relation to your personal data:

• the right to access your personal data;
• the right to correct inaccurate or incomplete personal data;
• the right to request deletion of your personal data;
• the right to restrict certain processing;
• the right to object to certain processing;
• the right to withdraw consent where processing is based on consent;
• the right to data portability;
• the right to complain to a supervisory authority or regulator.

Where applicable, you may also have rights relating to profiling or automated decision-making.

You may exercise your rights by contacting us at support@finriskai.com. We may need to verify your identity before responding to your request.

You will not usually have to pay a fee to exercise your rights, although we may charge a reasonable fee or decline a request where permitted by applicable law, for example if a request is manifestly unfounded or excessive.

We will respond within the timeframe required by applicable law.

Where available, you may also review, update, or delete certain personal data directly through your account settings.

Please note that deleting or changing certain data may affect the functionality of the service.

Our services are not directed to individuals under the age of 18, and we do not knowingly collect personal data from individuals under 18.

If you believe that a child under 18 has provided us with personal data, please contact us so that we can investigate and take appropriate action.

Our website or services may contain links to third-party websites, content, tools, or services. We are not responsible for the privacy practices of those third parties.

We encourage you to review the privacy notices of any third-party services you choose to use.

We may update this Privacy Policy from time to time to reflect changes in our services, technology, legal requirements, or business practices.

When we make material changes, we will update the “Last updated” date and take any additional steps required by law, such as providing notice through the website, application, or email where appropriate.

If you have any questions about this Privacy Policy or our privacy practices, or if you want to exercise your rights, please contact us at:

If you are located in the EEA, UK, or another jurisdiction that gives you the right to lodge a complaint with a supervisory authority, you may also contact your local data protection authority.