PRIVACY POLICY

Effective Date: August 19, 2025
Last Updated: August 19, 2025

‍1. About This Policy

‍This Privacy Policy explains how Finata Oy ("we," "us," or "our") collects, uses, processes, and protects your personal data when you use our AI Financial Controller & Financial Data Automation services (the "Service").We are committed to protecting your privacy and ensuring transparency about how we handle your personal information in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

‍2. Who We Are

Data Controller: Finata Oy
Business Address: Kaivokatu 10 A 705, 00100 Helsinki, Finland
Contact Email: hello@control.dev
‍
Services: AI Financial Controller & Financial Data Automation for businesses

‍3. What Personal Data We Collect
‍
‍We collect and process the following categories of personal data:
‍Contact Information: Email addresses provided through our website contact forms
‍Communication Data: Information contained in communications you send to us
‍Usage Data: Information about how you interact with our Service (when logged in)
We do not use cookies or other tracking technologies on our website.

‍4. How We Collect Your Personal Data

‍We collect your personal data in the following ways:
‍Website Forms: When you voluntarily submit your email address through contact forms on our website
‍Direct Communication: When you contact us via email or other communication channels
‍Service Usage: When you use our Service as a registered user

‍5. Why We Process Your Personal Data

‍We process your personal data for the following purposes:
‍Legal Basis: Legitimate Interest
Marketing Communications: To send you information about our services, updates, and relevant business content
‍Business Development: To understand market needs and improve our services
‍Legal Basis: Contract Performance
Service Delivery: To provide our AI Financial Controller & Financial Data Automation services
‍Customer Support: To respond to your inquiries and provide technical support
‍Account Management: To manage your account and access to our Service'
‍Legal Basis: Legal Obligation
Compliance: To comply with applicable legal and regulatory requirements
‍
‍6. How We Share Your Personal Data
‍
‍We may share your personal data with the following categories of third parties:

‍Technology Service Providers: We use standard office tools and AI services to operate our business and deliver our Service
‍Cloud Infrastructure: Your data is processed and stored using Google Cloud Platform (GCP) services
‍AI Service Providers: When you use AI features in our Service, your data may be processed by third-party AI providers outside the EU/EEA (see Section 8 for more details)
‍
We do not sell, rent, or otherwise commercialize your personal data to third parties.

‍7. Where Your Data Is Processed
‍Your personal data is primarily processed and stored within the European Union using Google Cloud Platform infrastructure. We operate services in the EU and USA.

‍8. AI Features and International Data Transfers

Important Notice About AI Features:AI features in our Service are disabled by default

‍If you choose to enable AI features, your data may be transferred to third-party AI service providers located outside the European Union and European Economic Area. Before enabling AI features, you will receive explicit warnings and must provide informed consent. You can disable AI features at any time to stop such data transfers. When AI features are enabled, appropriate safeguards are implemented in accordance with GDPR requirements.

‍9. How Long We Keep Your Data

‍We retain your personal data for the following periods:

‍Contact Information: Until you request deletion or unsubscribe from communications
‍Service Data: For the duration of our business relationship and as required for legal compliance
‍Communications: Typically for 3 years unless longer retention is required for legal or business purposes

‍10. Your Rights Under GDPR

‍As a data subject, you have the following rights:
‍Right of Access: Request information about the personal data we hold about you
‍Right to Rectification: Request correction of inaccurate personal data
‍Right to Erasure: Request deletion of your personal data in certain circumstances
‍Right to Restrict Processing: Request limitation of processing in certain circumstances
‍Right to Data Portability: Request transfer of your data in a structured, machine-readable format
‍Right to Object: Object to processing based on legitimate interest or for direct marketing
‍Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time

To exercise any of these rights, please contact us at hello@control.dev.

‍11. Data Security

‍We implement appropriate technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction.
This includes:
Secure data storage using industry-standard cloud infrastructure
Access controls and authentication measures
Regular security assessments and updates
Staff training on data protection requirements

‍12. Marketing Communications

‍If you have provided your email address, we may send you marketing communications about our services. You can:
Unsubscribe at any time using the link in our emails
Contact us at hello@control.dev to opt out
Update your communication preferences

‍13. Changes to This Privacy Policy

‍We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws.

We will notify you of any material changes by:
Posting the updated policy on our website
Sending you an email notification (where we have your email address)
Including the effective date of changes at the top of this policy

‍14. Contact Us

‍If you have any questions about this Privacy Policy, wish to exercise your rights, or have concerns about how we handle your personal data, please contact us:

‍Email: hello@control.dev
Address: Finata Oy, Kaivokatu 10 A 705, 00100 Helsinki, Finland

‍15. Supervisory Authority

‍If you believe we have not handled your personal data in accordance with applicable data protection laws, you have the right to lodge a complaint with your local data protection supervisory authority.

For Finland, this is:
‍Office of the Data Protection Ombudsman
Website: tietosuoja.fi