Privacy Policy

This policy covers personal data processed through the Datafin website, account flows, in-app forms, support channels and subscription operations. By using the platform, you acknowledge this data processing notice.

Datafin acts as the data controller for personal data within this scope. For privacy requests, security concerns and rights-related applications, please use the contact channels available on /communication.

Account data: full name, email, username, verification records and session metadata. Technical data: IP, device/browser details, request timing, error logs and security/rate-limit telemetry.

Usage data: visited pages, locale preferences, query counts, interaction events and support messages. Raw card details are not stored by Datafin and are processed by the payment provider.

Data is processed to create and manage accounts, authenticate users, run subscriptions, detect abuse/fraud, improve product quality, fulfill legal obligations and respond to support requests.

Processing is based on contractual necessity, legitimate interests, consent where required, and legal compliance obligations. You can withdraw consent for optional processing activities.

Paid subscriptions are handled through third-party checkout infrastructure. Sensitive card details (such as card number and CVV) are not processed or retained on Datafin application servers.

Datafin may store limited order/subscription metadata such as plan type, billing cycle, invoice status and renewal/cancellation events for accounting, dispute handling and service continuity.

Datafin may use necessary, analytics and marketing cookies together with similar tracking technologies. Detailed category definitions and controls are available on /legal/cookies.

You can update preferences via the cookie banner and manage browser-level settings to delete/block cookies. Disabling necessary cookies can impact core account and security functionality.

We do not sell personal data. Data is shared only as needed with infrastructure, authentication, email, payment, analytics and security vendors required to operate the service.

Vendor contracts include privacy and security obligations. Where required by law, we may disclose limited data to competent public authorities in line with applicable legal processes.

Some technology providers may host infrastructure in multiple jurisdictions. As a result, data may be transferred internationally or accessed from outside your country.

Transfers are protected through contractual safeguards, technical controls, access restrictions and data minimization practices where applicable.

Data is retained according to processing purpose, contractual requirements, security needs, statutory retention obligations and dispute resolution timelines.

After retention periods expire, data is deleted, anonymized or access-restricted. Certain records may be preserved longer where legally required for fraud prevention, accounting or legal defense.

Datafin applies technical and organizational safeguards including access control, transport security, logging, abuse monitoring, rate limiting, patch management and backup controls.

No system can guarantee absolute security. In case of a suspected incident, containment, investigation, remediation and required notifications are performed within legal and operational limits.

Subject to applicable law, you may have rights to access, rectify, erase, restrict processing, object, port data and withdraw consent. Identity verification may be required before fulfilling requests.

You can submit privacy requests through /communication. Depending on the request, we may ask for additional details and respond within legally required timelines.

Our services are not designed for children. We do not knowingly collect personal data from users below the minimum legal age applicable in their jurisdiction.

If such processing is identified, we will take reasonable steps to delete the relevant data and may restrict or close the associated account where appropriate.

This policy may be updated due to regulatory changes, security requirements or product changes. The latest version is always published on this page with a revised update date.

For material updates, we may provide notice via in-product messaging, account notices or email where appropriate.