Legal Last updated April 16, 2026

Privacy Notice

How FA Finance collects, uses, shares and protects personal data, and the rights you have under the GDPR.

This notice explains how FA Finance ("we", "us") collects and processes personal data when you visit https://fafinance.net, evaluate the product, or use the FA Finance platform. It is written to meet the requirements of the EU General Data Protection Regulation (GDPR) and the Danish Data Protection Act (databeskyttelsesloven).

1. Data controller

The data controller for this website and the FA Finance platform is FA Finance. For privacy questions or to exercise any of the rights listed below, contact privacy@fafinance.net.

2. What data we collect

a) Data you give us directly

  • Account data: name, work email, company name, role, and authentication credentials (password hash, or identifiers from SSO providers).
  • Billing data: company billing address, VAT / CVR number, and invoices. Card details are handled by our payment processor and never stored on our servers.
  • Content you submit: documents, invoices, messages, and configuration you upload or connect to the platform so our agents can work on them.
  • Support data: emails, chat messages and any attachments you send to us.

b) Data collected automatically

  • Usage data: pages viewed, features used, approximate location (derived from IP), browser and device type.
  • Log data: IP address, timestamps, error traces, and security-relevant events (e.g. failed logins).
  • Cookies and similar technologies: strictly necessary cookies for authentication and security. We do not run third-party advertising trackers. Any analytics is first-party and aggregated.

c) Data from integrations

When you connect a system such as Microsoft Dynamics 365 Business Central, Uniconta, e-conomic or Dinero, we process the data you authorise that integration to share with us — typically invoices, ledger entries, contacts, bank transactions and related metadata. We only access data you explicitly connect, and only to the extent needed to operate the agents you have activated.

3. Why we process your data (legal bases)

PurposeLegal basis (GDPR Art. 6)
Providing and operating the service you or your employer signed up forContract (Art. 6(1)(b))
Billing, accounting and tax complianceLegal obligation (Art. 6(1)(c))
Securing the service, preventing fraud and abuseLegitimate interests (Art. 6(1)(f))
Improving the product, analytics on aggregated usageLegitimate interests (Art. 6(1)(f))
Marketing emails to existing customers about similar servicesLegitimate interests (Art. 6(1)(f)), with opt-out
Marketing emails to new prospects, non-essential cookiesConsent (Art. 6(1)(a))

4. AI / agent processing

Our agents use large language models and related AI systems to process the documents and data you connect. We do not use your business data to train third-party foundation models, and our AI provider contracts prohibit such training on customer data. Agent actions are logged and auditable.

5. Who we share data with

We share personal data only with subprocessors that are necessary to run the service, and only under written data processing agreements that meet GDPR Article 28. Typical categories:

  • Cloud infrastructure and databases — hosting and storing application data (primarily in the EU).
  • Authentication providers — verifying user identity.
  • AI / model providers — executing agent reasoning on the content you submit.
  • Payment and invoicing providers — processing payments and issuing invoices.
  • Email, support and analytics tools — operating customer communications.

A current list of subprocessors is available on request from privacy@fafinance.net.

6. International transfers

We aim to keep personal data within the EU/EEA. Where a subprocessor is located outside the EU/EEA (for example, a US-based AI provider), we rely on the European Commission's Standard Contractual Clauses and, where applicable, the EU-US Data Privacy Framework, together with supplementary safeguards such as encryption in transit and at rest.

7. How long we keep data

  • Account data: for as long as the account is active, plus up to 90 days after closure.
  • Content and integration data: as configured by your organisation; deleted on termination unless retention is required by law.
  • Invoices and accounting records: 5 years, as required by the Danish Bookkeeping Act (bogføringsloven).
  • Security logs: up to 12 months.
  • Support conversations: up to 24 months after the last message.

8. Your rights

Under the GDPR, you can:

  • Access the personal data we hold about you.
  • Correct inaccurate data.
  • Request deletion ("right to be forgotten") where applicable.
  • Request restriction of processing.
  • Object to processing based on legitimate interests or for direct marketing.
  • Request data portability in a common, machine-readable format.
  • Withdraw consent at any time, without affecting the lawfulness of processing before the withdrawal.

To exercise any of these rights, email privacy@fafinance.net. We respond within 30 days.

9. Complaints

You have the right to lodge a complaint with a supervisory authority. In Denmark this is the Danish Data Protection Agency (Datatilsynet), datatilsynet.dk. Residents of other EU/EEA countries can contact their local authority.

10. Changes to this notice

We may update this notice from time to time. Material changes will be announced in the product and, where appropriate, by email. The "Last updated" date at the top of this page always reflects the current version.