Privacy Policy

FINANCIALREPORTS PTE. LTD. ("we," "us," or "our") takes the protection of your personal data very seriously. This Privacy Policy explains what personal data we collect, how we use and protect it, and what rights you have in relation to your data. We handle your personal data confidentially and in accordance with statutory data protection regulations, including the EU General Data Protection Regulation (GDPR), the UK General Data Protection Regulation (UK GDPR), and Singapore's Personal Data Protection Act (PDPA).

This policy applies to all personal data processed by us through your use of our website, API, and related services (collectively, the "Service"). "Personal data" means any information that can be used to identify you personally, such as your name, email address, or IP address.

Our application, servers, and databases are hosted with Microsoft Azure in their Frankfurt, Germany (`eu-central-1`) data centers. This ensures that primary user data is stored within the European Union. However, to provide a global, resilient, and feature-rich service, we utilize specialized third-party service providers, some of whom are located outside of the European Economic Area (EEA) and Singapore.

When we transfer your data internationally to countries without an adequacy decision, we ensure it is protected by implementing legally-approved safeguards. These include relying on the EU-U.S. Data Privacy Framework for certified entities and executing the European Commission's Standard Contractual Clauses (SCCs) with our partners to ensure your data receives a level of protection equivalent to that provided within the EU and Singapore.

We do not sell your personal data. We share it only with trusted third-party service providers (sub-processors) who help us operate and improve our Service. We have Data Processing Agreements (DPAs) in place with all providers. Our main providers include:

• Microsoft Azure: Cloud hosting for our primary servers and databases. (Location: Germany)
• Amazon Web Services (AWS): Cloud services for file storage (S3) and API management (API Gateway), configured in the Frankfurt (`eu-central-1`) region. (Location: Germany)
• Cloudflare: Content delivery network (CDN), web security, and cookie consent management. (Location: USA)
• Datadog: Application performance monitoring and security analysis. (Location: USA)
• Google (Analytics & reCAPTCHA): Website traffic analysis and protection against automated abuse. (Location: USA)
• Mixpanel: Product analytics to understand user interaction with our platform. (Location: USA)
• HubSpot: Customer relationship management (CRM) and customer support platform. (Location: USA)

We use cookies and similar technologies to operate and analyze our Service. We categorize these technologies as follows: Strictly Necessary, Functional, and Analytics.

Apart from Strictly Necessary cookies, which are essential for the Service to function, no other cookies are placed on your device without your explicit, prior consent. You can manage your preferences and withdraw your consent at any time through our cookie consent banner.

You have various rights regarding your personal data. Depending on your location and the applicable law, these may include:

• Right to Access: The right to obtain a copy of your personal data.
• Right to Rectification/Correction: The right to have inaccurate personal data corrected.
• Right to Erasure ('Right to be Forgotten'): The right to have your data deleted under certain conditions.
• Right to Restrict Processing: The right to limit the processing of your data.
• Right to Data Portability: The right to receive your data in a structured, machine-readable format.
• Right to Object: The right to object to processing based on legitimate interests.
• Right to Withdraw Consent: The right to withdraw your consent at any time, where consent is the legal basis for processing.
• Right to Lodge a Complaint: The right to lodge a complaint with your local data protection authority.

To exercise these rights, please submit your request to our dedicated privacy email: [email protected]. Alternatively, if you are in the EU or UK, you can exercise your rights via our representative, Prighter, as detailed in Section 2.

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected. We have established the following retention periods:

• Account and Transactional Data: Retained for the duration of your active account and for a subsequent period of up to 7 years as required for legal, tax, and audit purposes.
• User Analytics & Platform Usage Data: Anonymized or deleted within 24 months of your account being terminated.
• Customer Support Inquiries: Retained for up to 3 years after the issue is resolved to ensure quality of service and track recurring issues.

After these periods, your data will be securely deleted or fully anonymized.

Our Service is not intended for individuals under the age of 18. We do not knowingly collect personal data from anyone under 18. If we become aware that we have collected personal data from a child without parental consent, we will take steps to remove that information from our servers.

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by sending an email to your registered email address and by posting a prominent notice within our web application at least 30 days before the change becomes effective. We encourage you to review this Privacy Policy periodically.