Privacy Policy

Introduction

fintechlead Ltd ("we", "us", or "our") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, and protect your personal information when you use our website and services.

We are the data controller for the purposes of the General Data Protection Regulation (GDPR) and other applicable data protection laws. Our registered office is located at Dame Street 143, Galway, H24 3755, Ireland.

Data We Collect

The data we collect includes both information you provide directly to us and information we collect automatically when you use our services. We may collect the following types of personal information:

• Contact Information: Name, email address, phone number, postal address, and company details
• Account Information: Username, password, and account preferences
• Transaction Data: Payment information, billing details, and transaction history
• Technical Information: IP address, browser type, device information, and usage data
• Communication Data: Records of correspondence and customer support interactions
• Marketing Data: Your preferences for receiving marketing communications

Data collection occurs when you register for our services, make inquiries, use our website, or interact with our customer support team.

How We Use Your Information

We use your personal data for various purposes based on legitimate business interests, contractual necessity, or your consent. How we use your information includes:

• Providing and maintaining our fintech services
• Processing payments and managing your account
• Communicating with you about our services
• Providing customer support and technical assistance
• Complying with legal and regulatory requirements
• Preventing fraud and ensuring security
• Improving our services and developing new features
• Sending marketing communications (with your consent)

The legal basis for processing your data includes contract performance, legitimate interests, legal compliance, and consent where applicable.

Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your data in the following circumstances:

• Service Providers: Trusted third-party vendors who assist in providing our services
• Payment Processors: Financial institutions and payment service providers
• Legal Requirements: When required by law or to protect our rights
• Business Transfers: In the event of a merger, acquisition, or sale of assets
• Consent: When you have given explicit consent for specific sharing

All third parties are required to maintain appropriate security measures and use your data only for specified purposes.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected or as required by law. Our data retention periods are:

• Account Data: For the duration of your account plus 7 years for financial records
• Transaction Records: 7 years from the date of transaction for compliance purposes
• Marketing Data: Until you withdraw consent or 3 years of inactivity
• Website Analytics: 26 months from collection date
• Support Communications: 3 years from the last interaction

After the retention period expires, we securely delete or anonymise your personal data in accordance with our data destruction policies.

Your Rights

Under GDPR and other applicable data protection laws, you have several rights regarding your personal data:

• Right of Access: Request a copy of your personal data we hold
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a structured format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent for specific processing activities

To exercise any of these rights, please contact us using the details provided below. We will respond to your request within one month.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. Our security measures include:

• Encryption of data in transit and at rest
• Regular security assessments and penetration testing
• Access controls and authentication systems
• Employee training on data protection
• Incident response and breach notification procedures

We maintain PCI DSS Level 1 certification and ISO 27001 compliance to ensure the highest standards of data security.

International Data Transfers

Your personal data may be processed in countries outside the European Economic Area (EEA) where our service providers are located. When we transfer data internationally, we ensure appropriate safeguards are in place, including:

• European Commission adequacy decisions
• Standard Contractual Clauses (SCCs)
• Binding Corporate Rules
• Certification schemes and codes of conduct

We ensure that all international transfers comply with applicable data protection laws and provide an adequate level of protection.

Cookies and Tracking

Our website uses cookies and similar tracking technologies to enhance your browsing experience and analyse website usage. For detailed information about our use of cookies, please refer to our Cookie Policy.

You can manage your cookie preferences through your browser settings or our cookie consent banner when you first visit our website.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. When we make significant changes, we will:

• Post the updated policy on our website
• Update the "last updated" date
• Notify you by email if the changes are material
• Obtain your consent where required by law

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

Contact Information

If you have any questions about this Privacy Policy, wish to exercise your rights, or need to contact us regarding data protection matters, please use the following contact information:

You also have the right to lodge a complaint with the Irish Data Protection Commission or your local supervisory authority if you believe we have not handled your personal data in accordance with applicable laws.