Privacy Policy

FineIT Private Limited ("FineIT", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our financial engineering platforms, including Estimator 9, ContractHive, and Estimator 17 (collectively, the "Services").

Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the Services.

Personal Information

We collect information that you provide directly to us, including:

• Name, email address, phone number, and job title
• Company name and business information
• Login credentials and account information
• Payment and billing information
• Communications with our support team

Usage Information

We automatically collect certain information when you use our Services:

• Log data (IP address, browser type, operating system)
• Device information and unique identifiers
• Usage patterns and feature interactions
• Performance metrics and error reports

Financial Data

When you use our platforms for IFRS compliance, risk modeling, or valuation:

• Financial data uploaded for ECL calculations, lease accounting, or actuarial modeling
• Model parameters, assumptions, and configurations
• Generated reports and audit trails
• This data remains your property and is processed solely for service delivery

We use the information we collect to:

• Provide, maintain, and improve our Services
• Process transactions and send related information
• Respond to your comments, questions, and customer service requests
• Send technical notices, updates, security alerts, and support messages
• Monitor and analyze trends, usage, and activities
• Detect, prevent, and address technical issues and fraudulent activity
• Comply with legal obligations and regulatory requirements
• Perform IFRS 9, IFRS 16, IFRS 17, and Basel calculations as requested

We implement appropriate technical and organizational measures to protect your information:

• Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
• Access Controls: Role-based access with multi-factor authentication
• Audit Trails: Comprehensive logging of all data access and modifications
• Infrastructure: Enterprise-grade cloud infrastructure with redundancy
• Monitoring: 24/7 security monitoring and incident response
• Compliance: Regular security audits and penetration testing

We do not sell your personal information. We may share your information only in the following circumstances:

• Service Providers: Third-party vendors who perform services on our behalf (cloud hosting, payment processing)
• Business Partners: With your consent, for joint implementations (e.g., AARO integrations)
• Legal Requirements: When required by law or to protect our rights
• Business Transfers: In connection with a merger, acquisition, or sale of assets

All third parties are contractually bound to maintain confidentiality and security.

Depending on your location, you may have the following rights:

• Access: Request copies of your personal information
• Correction: Request correction of inaccurate data
• Deletion: Request deletion of your personal information
• Portability: Receive your data in a structured, machine-readable format
• Objection: Object to processing of your personal information
• Restriction: Request restriction of processing

To exercise these rights, contact us at privacy@fineit.io

6. Data Retention

We retain your information for as long as necessary to:

• Provide our Services and fulfill contractual obligations
• Comply with legal, regulatory, and audit requirements (typically 7 years for financial records)
• Resolve disputes and enforce our agreements

Upon request, we will delete or anonymize your data unless retention is required by law.

7. International Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place, including:

• Standard contractual clauses approved by regulatory authorities
• Data processing agreements with third parties
• Compliance with applicable data protection laws (GDPR, PDPA, etc.)

8. Updates to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of the Services after such changes constitutes acceptance of the updated policy.