Data Protection Policy

Last Updated: 13/01/2024 (Version 1.0.2)

At Fini Technologies, Inc. (“us”, “we”, or “our”), a Delaware corporation (hereinafter referred to as “Service”), we are committed to protecting the privacy of personal information and complying with data protection laws

Our Data Protection Policy governs your use of our products and APIs, and explains how we collect, safeguard and disclose information that results from your use of our Service. We use your data to provide and improve Service. By using Service, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Policy, the terms used in this Policy have the same meanings as in our Terms and Conditions.

Our Terms and Conditions (“Terms”) govern all use of our Service and together with the Policy constitutes your agreement with us (“agreement”).

1
Scope
"Data Privacy Scope" encompasses both personal and non-personal data. "Personal Data" is defined as any information relating to an identified or identifiable individual. This includes, but is not limited to, information that can be directly or indirectly linked to a person, such as telephone numbers, credit card details, identification numbers, account information, vehicle registration plates, physical appearance, customer identifiers, or addresses. "Non-Personal Data" refers to data that does not identify an individual and cannot be used to determine an individual's identity. This policy governs the processing of both personal and non-personal data collected by Fini, whether obtained directly or indirectly from the customers and users of Fini's services.
2
Principles for Processing Personal Data

At Fini, we incorporate the following principles of data protection in the way we collect and store personal and non-personal data. We ensure that the data we collect is:

1. processed lawfully, fairly, and in a transparent manner
2. collected for specific, explicit, legitimate and limited purposes
3. adequate, relevant, and limited to what is necessary
4. accurate and, where necessary, kept up to date
5. kept in an identifiable form for no longer than is necessary
6. processed in a manner that ensures appropriate security

3
Security of Data
We use appropriate technical and organizational measures to protect the  data that we collectand process. The measures we use are detailed in the Information security policy and are generally designed to provide a level of security appropriate to the risk of personal and non-personal data that we process.
4
Data subject rights
To adequately protect the personal data collected and processed by Fini, you must understand the rights that data subjects are entitled to.

Listed below are the data subject rights that we adhere to:

1) Right to be informed The right to know how personal data is used in clear and transparent language.
2) Right of access The right to know and have access to the personal data held about an individual.
3) Right to data portability The right to receive and transfer data in a common and machine-readable electronic format.
4) Right to be forgotten The right to have personal data erased.
5) Right to rectification The right to have data corrected where it is inaccurate or incomplete.
6)Right to object The right to complain and to object to processing.
7) Right to restriction of processing The right to limit the extent of the processing of personal data according to an individual’s wishes.
8) Rights related to automated decision-making and profiling The right not to be subject to decisions without human involvement.
9) Right to non discrimination The right to not be discriminated against for an individual exercising his/her rights
5
Staff Training
Fini ensures that its employees receive and attend the required data protection training, including thecontent and handling of this Policy, if they have constant or frequent access to personal data, areinvolved in the collection of data, or in the development of tools used to process personal data. Therequirements of Data Protection and Data Compliance must be observed. All Fini staff are required to acknowledge on an annual basis that they have attended the Data-Protection training and understand the Data Protection Policy.
6
Non-Compliance
Customers and individuals interacting with the Fini depend on us to protect the personal data they share with us. To uphold their trust in us, it is important to have appropriate penalties for any violations of our Data Protection Policy. Fini management will determine how serious an employee’s offense is and decide the appropriate penalty. Penalties may include a warning (oral/written) or suspension or termination for more serious offenses.
7
Security of Data
The security of your data is important to us but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
8
Your Data Protection Rights Under General Data Protection Regulation (GDPR)
If you are a resident of the European Union (EU) and European Economic Area (EEA), you have certain data protection rights, covered by GDPR. – See more at https://eur-lex.europa.eu/eli/reg/2016/679/oj  

We aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data. 

If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please email us at [email protected].  

In certain circumstances, you have the following data protection rights: 
a) the right to access, update or to delete the information we have on you; 
b) the right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete; 
c) the right to object. You have the right to object to our processing of your Personal Data; 
d) the right of restriction. You have the right to request that we restrict the processing of your personal information; 
e) the right to data portability. You have the right to be provided with a copy of your Personal Data in a structured, machine-readable and commonly used format; 
f) the right to withdraw consent. You also have the right to withdraw your consent at any time where we rely on your consent to process your personal information; 

Please note that we may ask you to verify your identity before responding to such requests. Please note, we may not able to provide Service without some necessary data. 

You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA).
9
Your Data Protection Rights Under California Privacy Protection Act (CalOPPA)
CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require a person or company in the United States (and conceivable the world) that operates websites collecting personally identifiable information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals with whom it is being shared, and to comply with this policy. – See more at: https://consumercal.org/about-cfc/cfc-education-foundation/california-online-privacy-protection-act-caloppa-3/ 

According to CalOPPA we agree to the following:

a) users can visit our site anonymously; 
b) our Privacy Policy link includes the word “Privacy”, and can easily be found on the page specified above on the home page of our website; 
c) users will be notified of any privacy policy changes on our Privacy Policy Page; 
d) users are able to change their personal information by emailing us at [email protected].

Our Policy on “Do Not Track” Signals: We honor Do Not Track signals and do not track, plant cookies, or use advertising when a Do Not Track browser mechanism is in place. Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked.  You can enable or disable Do Not Track by visiting the Preferences or Settings page of your web browser.
10
Your Data Protection Rights under the California Consumer Privacy Act (CCPA)
If you are a California resident, you are entitled to learn what data we collect about you, ask to delete your data and not to sell (share) it. To exercise your data protection rights, you can make certain requests and ask us:

(a) What personal information we have about you.
If you make this request, we will return to you:
i) The categories of personal information we have collected about you. 
ii) The categories of sources from which we collect your personal information. 
iii) The business or commercial purpose for collecting or selling your personal information. 
iv) The categories of third parties with whom we share personal information. 
v) The specific pieces of personal information we have collected about you. 
vi) A list of categories of personal information that we have sold, along with the category of any other company we sold it to. If we have not sold your personal information, we will inform you of that fact. 
vii) A list of categories of personal information that we have disclosed for a business purpose, along with the category of any other company we shared it with.

Please note, you are entitled to ask us to provide you with this information up to two times in a rolling twelve-month period. When you make this request, the information provided may be limited to the personal information we collected about you in the previous 12 months.

(b) To delete your personal information.
If you make this request, we will delete the personal information we hold about you as of the date of your request from our records and direct any service providers to do the same. In some cases, deletion may be accomplished through de-identification of the information. If you choose to delete your personal information, you may not be able to use certain functions that require your personal information to operate. 

(c) To stop selling your personal information.
We don't sell or rent your personal information to any third parties for any purpose. You are the only owner of your Personal Data and can request disclosure or deletion at any time. Please note, if you ask us to delete or stop selling your data, it may impact your experience with us, and you may not be able to participate in certain programs or membership services which require the usage of your personal information to function. But in no circumstances, we will discriminate against you for exercising your rights. To exercise your California data protection rights described above, please send your request(s) by one of the following means: By email: [email protected] 

Your data protection rights, described above, are covered by the CCPA, short for the California Consumer Privacy Act. To find out more, visit the official California Legislative Information website. The CCPA took effect on 01/01/2020. 
11
Questions
If you have any questions regarding this policy, please reach out to [email protected]
12
Changes to This Data Protection Policy
We may update our Data Protection Policy from time to time. We will notify you of any changes by posting the new Data Protection Policy on this page. We will let you know via email and/or a prominent notice on our Service, prior to the change becoming effective and update “effective date” at the top of this  Policy. You are advised to review this Data Protection Policy periodically for any changes. Changes to this Policy are effective when they are posted on this page.
13
Contact Us
If you have any questions about this Policy, please contact us: By email: [email protected].