Privacy Policy

Learn how FinnaCloud collects, uses, and protects your personal data in accordance with UK and EU data protection laws.

Introduction

This Privacy Policy describes how TheFinnaCompany Ltd (trading as "FinnaCloud") processes personal data in connection with our websites, products, and services. It is designed to comply with the UK GDPR, the Data Protection Act 2018, and, where applicable, the EU GDPR.

  • Controller: TheFinnaCompany Ltd, 13 Freeland Park, Wareham Road, Poole, Dorset, BH16 6FA, United Kingdom.
  • Contact: [email protected] • +44 (0) 20 3951 2677
  • Supervisory Authority (UK): Information Commissioner's Office (ICO) – ico.org.uk

Personal Data We Process

Personal Information

  • Identification and contact details (e.g., name, email, phone)
  • Account and billing information (e.g., company, invoices, payment metadata)
  • Support communications and ticketing data
  • Marketing preferences and consent records

Technical Information

  • IP address, user‑agent, device attributes, and approximate location
  • Authentication events and access logs
  • Telemetry and usage analytics (aggregated where possible)
  • Service performance metrics and error logs

Purposes and Lawful Bases

We process personal data for the purposes and lawful bases below (UK GDPR Art. 6):

  • Service delivery (contract) – create/manage accounts, provide support, operate services.
  • Billing & compliance (legal obligation/contract) – invoicing, tax, fraud prevention, record‑keeping.
  • Security & abuse prevention (legitimate interests/legal obligation) – access logs, incident response, threat detection.
  • Product improvement (legitimate interests/consent where required) – analytics and telemetry.
  • Marketing communications (consent/legitimate interests) – only with appropriate opt‑in and easy opt‑out.

Data Sources

We collect data directly from you, through your use of our services, and from third‑party providers such as payment processors, analytics vendors, and fraud prevention services.

Sharing and International Transfers

We share data with vetted processors (sub‑processors) to help deliver our services. International transfers outside the UK/EU are protected by appropriate safeguards, such as the UK International Data Transfer Addendum (IDTA) and/or EU Standard Contractual Clauses (SCCs), plus supplementary measures where needed.

  • Examples: cloud hosting, email delivery, support and ticketing, payment processing.
  • We maintain a list of core sub‑processors on request; contractual DPAs are in place.

Retention

We retain personal data only as long as necessary for the purposes set out above, including to comply with legal, accounting, or reporting requirements. Typical retention periods: account records (up to 7 years for tax/legal), support tickets (up to 3 years), security logs (90–365 days). We anonymize or delete data when no longer required.

Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction.

Security Measures Include:

  • Encryption of data in transit and at rest
  • Regular security assessments
  • Access controls and authentication
  • Physical security measures
  • Employee training on data protection

Your Rights (UK/EU)

Subject to conditions under UK/EU law, you may have the right to:

  • Access your personal data (Art. 15)
  • Rectify inaccurate data (Art. 16)
  • Erase data where applicable (Art. 17)
  • Restrict processing (Art. 18)
  • Data portability (Art. 20)
  • Object to processing, including direct marketing (Art. 21)
  • Withdraw consent at any time, where processing is based on consent
  • Lodge a complaint with the ICO or your local EU authority

To exercise any rights, contact us at [email protected]. We may need to verify your identity and will respond within one month where applicable.

Cookies and Similar Technologies

We use cookies and similar technologies for essential functionality, analytics, and, where permitted, personalization. Where required, we obtain consent via our cookie banner. You can manage preferences via your browser or our cookie settings.

Contact & Data Protection

  • Email: [email protected]
  • Phone: +44 (0) 20 3951 2677
  • Address: TheFinnaCompany Ltd, 13 Freeland Park, Wareham Road, Poole, Dorset, BH16 6FA, United Kingdom
  • Supervisory Authority (UK): ICO – ico.org.uk

We may update this policy from time to time to reflect changes in law or our practices. Material changes will be communicated appropriately.

Effective: 5 November 2025
Last Reviewed: 5 November 2025
Last Updated: 5 November 2025

FinnaCloud
TheFinnaCompany Ltd is registered in England and Wales.
Company Number:13957249
GB VAT Number:438175773
TR VAT Number:8430853047
Report Abuse
FinnaCloud is a brand of TheFinnaCompany Ltd. © 2022-2025 TheFinnaCompany Ltd
Regulatory Compliance

Our Socials

All content on this website is protected under the FinnaCloud Proprietary Software License Agreement. You are authorized to access and view the content provided. For full details, please see the License Agreement.