Privacy Policy
Last updated: April 2026
1. What Data We Collect
We collect:
- Your name and email address
- Financial data you voluntarily provide
We use only strictly necessary session cookies.
2. Legal Basis
We process data based on:
- Contract performance (Art. 6(1)(b) GDPR)
- Legitimate interest (improving the service)
3. How We Use Your Data
Your data is used solely for:
- Financial analysis and report generation
- Improving our algorithms (in anonymized form)
We do not sell or share data for marketing purposes.
4. Security
We use:
- AES-256 encryption at rest
- TLS 1.2+ in transit
- Strict access controls
5. Retention & Deletion
Data is stored while your account is active. Upon account deletion:
- Data is permanently deleted within 30 days
- Backups are purged on the same schedule
6. Third Parties
We use Google Gemini API for AI analysis. Your data:
- Is not used to train AI models
- Is not stored beyond the processing window
7. Your Rights (GDPR)
You have the right to:
- Access your data
- Correct inaccurate data
- Delete your data (“right to be forgotten”)
- Data portability
- Object to processing
To exercise your rights: support@firmyx.com