← Back to home

Privacy Policy

Last updated: May 2026

1. Overview

Fin4Kast ("we", "us", "our") respects your privacy. This policy explains how we collect, use, and protect your personal data when you use our Service.

2. Data We Collect

2.1 Account Information

  • Name, email address, organization name
  • Billing information (processed by Stripe – we do not store full credit card details)
  • Role within your Organization (Admin, Member, Viewer)

2.2 Financial Data You Input

  • Project SQM plans
  • Customer invoices and payment expectations
  • Supplier payments, staff costs, CapEx items
  • Notes and comments

2.3 Usage Data

  • Log data (IP address, browser type, pages visited)
  • Feature usage (to improve the Service)
  • Crash reports and performance metrics

3. How We Use Your Data

  • To provide forecasting, reporting, and payment priority features
  • To manage subscriptions and billing
  • To send service updates, security notices, and trial reminders
  • To improve our algorithms and user interface
  • To comply with legal obligations

4. Data Sharing

We do not sell your data.

We may share data with:

  • Stripe – for subscription payments (PCI-compliant)
  • Supabase – our database host (data stored encrypted)
  • Legal authorities – if required by law
  • Professional advisors – accountants, lawyers under confidentiality

5. Data Retention

  • Account data: retained while your Organization is active.
  • After cancellation: data becomes read-only for 30 days, then permanently deleted within 90 days.
  • Anonymized aggregated data may be retained indefinitely for analytics.

6. Your Rights (GDPR & similar laws)

Depending on your jurisdiction, you may have the right to:

  • Access the data we hold about you
  • Correct inaccurate data
  • Request deletion of your data
  • Export your data in a portable format
  • Withdraw consent for marketing emails

To exercise these rights, email privacy@fin4kast.com.

7. Security

  • Data encrypted at rest and in transit (TLS 1.3)
  • Regular security audits and backups
  • Role-based access control (RLS) enforced at database level
  • No employees can view your financial data without explicit consent and logging

8. Cookies & Tracking

We use essential cookies for authentication and session management. No third-party advertising cookies. You can disable cookies in your browser, but the Service may not function properly.

9. Children's Privacy

Fin4Kast is not intended for users under 16. We do not knowingly collect data from children.

10. International Data Transfers

We use servers in [e.g., EU / US / Singapore depending on Supabase region]. By using Fin4Kast, you consent to data processing in those locations.

11. Changes to This Policy

We will notify you of material changes via email or dashboard notice at least 14 days in advance.