Finxa OS
Get Started
Privacy & Security

Privacy.
Policy.

Comprehensive privacy policy outlining how we collect, use, and protect your data with enterprise-grade security measures.

Last Updated
September 18, 2025
Comprehensive Privacy Framework

Privacy Framework

Enterprise-grade privacy protection with comprehensive data governance and security measures.

1. Information We Collect

We collect information you provide directly to us, such as when you create an account, use our services, or contact us for support. This comprehensive data collection ensures we can provide you with the best possible service experience.

Personal Information

  • Account information (name, email address, phone number, business title)
  • Business information (company name, industry, size, address, tax ID)
  • Payment information (processed securely through PCI-compliant providers)
  • Profile information and preferences

Usage & Technical Data

  • Usage data, analytics, and performance metrics
  • Device information and browser data
  • IP addresses and location data
  • Communications with our support team

2. How We Use Your Information

We use the information we collect to provide, maintain, and improve our services, ensuring you receive the best possible experience while maintaining the highest standards of data protection.

Service Provision

  • Provide, maintain, and improve our services
  • Process transactions and send related information
  • Send technical notices, updates, and support messages
  • Respond to your comments, questions, and customer service requests

Analytics & Security

  • Monitor and analyze trends, usage, and activities
  • Detect, investigate, and prevent fraudulent transactions
  • Personalize your experience and provide relevant content
  • Comply with legal obligations and enforce our terms

3. Information Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to third parties without your consent, except in the following carefully controlled circumstances:

Service Providers

  • With service providers who help us operate our business under strict data processing agreements
  • Payment processors and financial institutions (PCI DSS compliant)
  • Cloud infrastructure providers with enterprise-grade security

Legal & Business

  • To comply with legal obligations or protect our rights
  • In connection with a business transfer or acquisition
  • With your explicit consent for specific purposes

4. Enterprise Data Security

We implement comprehensive technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction, meeting the highest industry standards.

Technical Safeguards

  • End-to-end encryption of data in transit and at rest (AES-256)
  • Regular security audits and penetration testing by certified professionals
  • Multi-factor authentication and advanced access controls
  • Real-time monitoring and threat detection systems

Organizational Measures

  • Comprehensive employee training on data protection practices
  • Compliance with industry-standard security practices and GDPR standards
  • Regular security awareness training and certification programs
  • Incident response procedures and breach notification protocols

5. Data Retention & Lifecycle Management

We retain your personal information for as long as necessary to provide our services, comply with legal obligations, resolve disputes, and enforce our agreements. Our data lifecycle management ensures secure deletion when data is no longer needed.

Account Data

Retained for the duration of your account plus 7 years for legal compliance

Transaction Data

Retained for 7 years for tax and audit purposes, then securely deleted

Marketing Data

Retained until you opt out, then deleted within 30 days

6. Your Privacy Rights

Depending on your location, you may have comprehensive rights regarding your personal information. We are committed to honoring these rights and providing you with full control over your data.

Data Control Rights

  • Right to access your personal information (data portability)
  • Right to correction of inaccurate or incomplete information
  • Right to deletion of your personal information ("right to be forgotten")
  • Right to data portability in machine-readable format

Processing Control Rights

  • Right to restriction of processing under certain circumstances
  • Right to object to processing for marketing purposes
  • Right to withdraw consent at any time
  • Right to lodge complaints with supervisory authorities

7. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect information about your browsing activities and enhance your experience. You have full control over these technologies through your browser settings and our privacy controls.

Essential Cookies

Required for basic functionality, security, and authentication

Analytics Cookies

Help us understand how you use our services to improve performance

Marketing Cookies

Used to deliver relevant content and measure campaign effectiveness

8. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your information in accordance with applicable data protection laws, including GDPR, CCPA, and other regional regulations.

Transfer Safeguards

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions by relevant data protection authorities
  • Binding Corporate Rules for multinational operations

9. Children's Privacy Protection

Our services are not intended for children under 13 years of age (or 16 in the EU). We do not knowingly collect personal information from children under these age limits. If we become aware that we have collected such information, we will take immediate steps to delete it promptly and notify the appropriate authorities.

Protection Measures

  • Age verification during account creation
  • Parental consent requirements for users under 18
  • Immediate deletion procedures for unauthorized child data

10. Policy Updates and Changes

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes through multiple channels to ensure you are fully informed.

Notification Methods

  • Email notification to your registered address
  • In-app notifications and banners
  • Updated policy posted on our website

Your Options

  • Review changes and continue using our services
  • Contact us with questions about changes
  • Terminate your account if you disagree with changes

11. Contact Our Privacy Team

If you have any questions about this Privacy Policy, our data practices, or wish to exercise your privacy rights, please contact our dedicated privacy team. We are committed to responding to your inquiries promptly and thoroughly.

Privacy Team Contact

privacy@finxaos.com
+973 36416556

Data Protection Officer

Finxa W.L.L
Building 598, Road 46, Block 645
Bahrain