1. Introduction

FinCollabs ("Company," "we," "us," or "our") operates an online marketplace platform at https://fincollabs.com that connects Clients with verified financial professionals.

This Privacy Policy applies to all information collected through our Platform (website and any related services, mobile applications, or tools) and any other forms, events, or channels where you interact with us.

We comply with applicable data protection laws, including the General Data Protection Regulation (GDPR) for users in the European Economic Area (EEA) and the United Kingdom, the California Consumer Privacy Act (CCPA) for California residents, and other applicable privacy laws worldwide.

2. Information We Collect

2.1 Information You Provide Directly

• Account information: Full name, email address, password (hashed), profile photo
• Profile details: Professional bio, credentials, certifications, licenses, specialties, years of experience, hourly rates
• Payment information: Processed and stored securely by Stripe. We do not store full card numbers. We receive billing address and last 4 digits only.
• Communications: Messages exchanged with other users, Q&A posts, blog articles, reviews, and support inquiries
• Identity verification: Government-issued ID or professional license documents submitted for verification (Professionals only)
• Marketing preferences: Email subscription preferences and newsletter sign-up information

2.2 Information Collected Automatically

• Log data: IP address, browser type and version, operating system, referring URLs, pages visited, time and date of visits
• Device information: Device type, unique device identifiers, mobile network information
• Usage data: Features used, search queries, booking history, click patterns, session duration
• Cookies and tracking: See our Cookie Policy for details

2.3 Information from Third Parties

• Authentication providers: If you sign in via Google or LinkedIn, we receive your name, email, and profile picture from those services
• Payment processors: Stripe provides transaction status and payment method details
• Verification services: Professional credential verification from regulatory databases

3. How We Use Your Information

We use your information for the following purposes:

3.1 Providing the Platform

• Creating and managing your account
• Facilitating bookings and consultations between Clients and Professionals
• Processing payments and managing transactions
• Enabling messaging and communications on the Platform
• Verifying professional credentials
• Displaying reviews and ratings

3.2 Improving Our Services

• Analyzing usage patterns to improve Platform features
• Conducting research and analytics
• Personalizing your experience and search results
• Detecting and preventing fraud and abuse

3.3 Communications

• Sending transactional emails (booking confirmations, receipts, reminders)
• Sending service announcements and updates
• Sending marketing communications (with your consent where required)
• Responding to your inquiries and support requests

3.4 Legal Compliance

• Complying with applicable laws, regulations, and legal processes
• Enforcing our Terms of Service
• Maintaining financial records as required by law
• Responding to lawful requests from law enforcement or regulatory authorities

4. Legal Basis for Processing (GDPR)

For users in the EEA or UK, we process your personal data on the following legal bases:

5. Information Sharing & Disclosure

We do not sell your personal information. We may share your information with:

5.1 With Other Users

• Your public profile information (name, photo, bio, credentials, reviews) is visible to all users
• When you book a consultation, your name and contact details are shared with the booked Professional
• Reviews you write are publicly attributed to your display name

5.2 With Service Providers

We share data with trusted third-party vendors who help us operate the Platform:

• Stripe — payment processing
• Clerk — authentication and user identity management
• SendGrid — transactional and marketing email delivery
• Cloudinary — image and media storage
• Vercel — cloud hosting and infrastructure
• MongoDB Atlas — database hosting

All service providers are bound by data processing agreements and are prohibited from using your data for any purpose other than providing services to FinCollabs.

5.3 For Legal Reasons

We may disclose your information if required to do so by law, or if we believe in good faith that disclosure is necessary to: comply with a legal obligation; protect the rights, property, or safety of FinCollabs, our users, or the public; or detect, prevent, or address fraud or security issues.

5.4 Business Transfers

If FinCollabs is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you before your personal information becomes subject to a different privacy policy.

6. Cookies & Tracking Technologies

We use cookies and similar tracking technologies to operate the Platform, remember your preferences, and understand how you use our services.

For detailed information about the cookies we use, your choices, and how to manage them, please read our Cookie Policy.

7. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Industry-standard encryption (TLS/SSL) for data in transit
• Encryption of sensitive data at rest
• Strict access controls and authentication requirements for employees
• Regular security assessments and monitoring
• PCI DSS-compliant payment processing via Stripe
• Secure password hashing

However, no method of data transmission or storage is 100% secure. We cannot guarantee absolute security of your information. If you suspect a security breach affecting your account, please contact us immediately at security@fincollabs.com.

In the event of a data breach that is likely to result in a high risk to your rights and freedoms, we will notify you and, where required, the relevant supervisory authority, within 72 hours of becoming aware of the breach.

8. Data Retention

We retain your personal information for as long as necessary to provide the services and fulfil the purposes outlined in this policy:

• Account data: Retained for the duration of your account plus 2 years after deletion
• Transaction & financial records: Retained for 7 years as required by applicable financial regulations
• Communications (messages): Retained for 3 years from the date of the conversation
• Content (reviews, Q&A, articles): May be retained in anonymized form after account deletion to maintain Platform integrity
• Marketing data: Retained until you withdraw consent or request deletion
• Log data: Retained for up to 12 months for security and fraud prevention

When data is no longer needed, we securely delete or anonymize it. You may request deletion of your account and personal data at any time (see Your Rights below).

9. Your Rights & Choices

Regardless of your location, you have the following rights:

• Access: Request a copy of the personal information we hold about you
• Correction: Update or correct inaccurate information in your account settings or by contacting us
• Deletion: Request deletion of your personal data (subject to legal retention obligations)
• Opt-out of marketing: Unsubscribe from marketing emails at any time via the unsubscribe link or your account settings
• Data portability: Request your data in a machine-readable format
• Withdraw consent: Where processing is based on consent, you may withdraw it at any time without affecting prior processing

To exercise any of these rights, contact us at privacy@fincollabs.com. We will respond within 30 days (or sooner as required by applicable law).

10. GDPR Rights (EU/UK Users)

If you are located in the European Economic Area (EEA) or the United Kingdom, you have additional rights under the GDPR / UK GDPR:

• Right to access — Obtain confirmation of whether we process your data and receive a copy
• Right to rectification — Correct inaccurate or incomplete data
• Right to erasure ("right to be forgotten") — Request deletion in certain circumstances
• Right to restrict processing — Request that we limit how we use your data in certain situations
• Right to data portability — Receive your data in a structured, machine-readable format
• Right to object — Object to processing based on legitimate interests or for direct marketing
• Rights related to automated decision-making — Not be subject to solely automated decisions with significant effects

Data Controller: FinCollabs is the data controller for personal data processed through the Platform.

Data Protection Officer (DPO): dpo@fincollabs.com

Supervisory Authority: You have the right to lodge a complaint with your local data protection supervisory authority. For EU residents, a list of supervisory authorities is available at edpb.europa.eu.

11. CCPA Rights (California Residents)

If you are a California resident, the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) provide you with the following rights:

• Right to know — Know what personal information we collect, use, disclose, and sell
• Right to delete — Request deletion of personal information we have collected
• Right to correct — Request correction of inaccurate personal information
• Right to opt out — Opt out of the sale or sharing of personal information
• Right to limit use of sensitive personal information
• Right to non-discrimination — Not be discriminated against for exercising your CCPA rights

To submit a verifiable California privacy request, contact us at privacy@fincollabs.com. We will verify your identity before processing requests.

12. International Data Transfers

FinCollabs operates globally. Your personal information may be transferred to and processed in countries other than your own, including the United States, where our servers and service providers are located.

If you are in the EEA or UK, these transfers may be to countries not recognized as providing an adequate level of data protection. In such cases, we ensure appropriate safeguards are in place, such as:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Adequacy decisions by the European Commission
• Binding Corporate Rules or other legally approved transfer mechanisms

You may request information about the safeguards we use for international transfers by contacting us at privacy@fincollabs.com.

13. Children's Privacy

The Platform is not directed to individuals under the age of 18. We do not knowingly collect, use, or disclose personal information from children under 18 years of age.

If we become aware that we have inadvertently collected personal information from a child under 18, we will promptly delete it. If you believe we have collected such information, please contact us at privacy@fincollabs.com.

14. Third-Party Links & Services

The Platform may contain links to third-party websites, plugins, or services. Clicking on those links may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy practices.

We encourage you to review the privacy policies of any third-party sites you visit.

15. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

• Update the "Last Updated" date at the top of this page
• Send an email notification to registered users
• Display a prominent notice on the Platform

We encourage you to review this policy periodically. Your continued use of the Platform after changes become effective constitutes your acceptance of the revised Privacy Policy.

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or the processing of your personal data, please contact us:

See also: Terms of Service · Cookie Policy · Contact Us