Fundstack takes the security of your data and our infrastructure very seriously. We are committed to providing an environment that is safe, secure, and available to all of our customers all the time.
This notice (the “Privacy Notice”) provides information about how Fundstack (“Fundstack”, “we”, “us”, “our”) gathers and uses personal information.
We are F Stack Ltd (company number 10719702), registered at 144a Clerkenwell Road, London EC1R 5DF.
“Client” means a customer of Fundstack.
“Client Data” means any data entered into the Service by Clients, were automatic or manual. This includes Person Data.
“Personal Data” means any information relating to an identified or identifiable natural person.
“Public Area” means the area of the website that can be accessed without needing to log in.
"Restricted Area” means the area of the Fundstack application that can be accessed only by Users, and where access requires logging in. This includes mobile and web applications.
“Site” means our site hosted at https://www.fundstack.com and all related web sites.
“Policy” means this document detailing how gather information through the Site and Service, how that data is used, to whom we may disclose that data, and the steps we take to protect it.
“User” means an employee or representative of a Client, who primarily uses the restricted areas of the Site for the purpose of accessing the Service.
“Visitor” means an individual who uses the public area, but has no access to the restricted areas of the Site or Service.
We collect different types of information from or through the Service.
The legal bases for Fundstack’s processing of personal data are that the processing is necessary for providing the Service in accordance with Fundstack’s Service Agreement with it’s clients and that the processing is carried out in Fundstack’s legitimate interests.
We collect several types of information:
When you use the Service, you may provide, and we may collect Personal Data.
Examples of Personal Data include name, email address, and geographic area.
You may provide us with Personal Data in various ways on the Service. For example, when you register for an Account, use the Service, submit Client Data, or send us customer service or sales requests.
A Client may store or upload into the Service Client Data. Fundstack has no direct relationship with the individuals whose Personal Data it collects and stores as part of Client Data.
Each Client is responsible for providing notice to its customers and third persons concerning the purpose for which Client collects their Personal Data and how this Personal Data is processed in or through the Service as part of Client Data.
When a User uses the Service, or a Visitor or User access the Fundstack website, we may automatically record certain information from the User’s or Visitor’s device by using various types of technology, including cookies. This may include information about the device and web browser used to access the Service, the IP address and the dates and times of the visit or use of the Service.
If we combine or associate information from Integrated Services with Personal Data that we collect through the Service, we will treat the combined information as Personal Data in accordance with this Policy.
We use the information that we collect in a variety of ways in providing the Service and operating our business, including the following:
We use the information – other than Client Data - to operate, maintain, enhance and provide all features of the Service, to provide the services and information that you request, to respond to comments and questions and to provide support to users of the Service.
We process Client Data solely in accordance with the directions provided by the applicable Client or User.
We use information we collect on the Service to understand and analyse the usage trends and preferences of our Visitors and Users. This helps us improve the Service and to develop new products, features and services. Should this analysis require Fundstack to process Client Data, then the data will only be used in anonymized or aggregated form.
We may use a Visitor’s or User’s email address to contact that Visitor or User (i) for administrative purposes such as customer service, responding to sales enquiries and billing or (ii) with updates on products and services offered by us. You can opt-out of receiving any promotional communications at any time.
We use automatically collected information through cookies to: (i) personalize our Service; (ii) monitor and analyse the effectiveness of Service; and (iv) monitor aggregate site usage metrics such as total number of visitors and time on pages.
Cookies are small files saved to the user's computers hard drive that track, save and store information about the user's interactions and usage of the website.
Users are advised that if they wish to deny the use and saving of cookies from this website on to their computers hard drive they should take necessary steps within their web browsers security settings to block all cookies from this website and its external serving vendors or use the cookie control system if available upon their first visit. Blocking cookies will not effect the users ability to visit this Public Areas of the Site but are necessary to use the Restricted Area of the Site.
Google may use the information collected through Google Analytics to evaluate Users' and Visitors’ activity on our Site. For more information, see Google Analytics Privacy and Data Sharing.
We use GoSquared to measure and evaluate usage of the Restricted Area of the Site. This analytics data is held against User identities to allow us to facilitate support requests. If you would like us to stop collecting such information contact us at email@example.com.
We work with multiple third party service providers who provide application hosting, databases, data processing and other services for us.
These third parties may have access to, or process Personal Data or Client Data as part of providing those services for us. We limit the information provided to these third parties to that which is reasonably necessary for them to perform their functions, and our contracts with them require them to maintain the confidentiality of such information.
These Third parties include, but are not limited to, Google Cloud Platform and IBM Compose.
If you wish to access or amend any other Personal Data we hold about you, or to request that we delete or transfer any information about you that we have obtained from an Integrated Service, you may contact us as set forth in the “How to Contact Us” section. At your request, we will have any reference to you deleted or blocked in our database.
You can update or delete your Account information and preferences at instantly and at any time by accessing your Account Settings page on the Service or by emailing firstname.lastname@example.org. Please note some information may by retain for a period of time in backups or analytics, or for the satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so.
You may decline to share certain Personal Data with us, in which case we may not be able to provide to you some of the features and functionality of the Service.
At any time, you may object to the processing of your Personal Data, on legitimate grounds, except if otherwise permitted by applicable law.
If you believe your right to privacy granted by applicable data protection laws has been infringed upon, please contact Fundstack’s Data Protection Officer at email@example.com. You also have a right to lodge a complaint with data protection authorities.
Fundstack has no direct relationship with the Client’s customers.
Any individual seeking to access, amend, delete or withdraw consent for the use of their Personal Data should directly contact the Client using the Service.
If the Client requests Fundstack to remove the data, we will respond to its request within thirty (30) days.
You may opt out of the collection of analytics information about your visit to the Site by Google Analytics by using the Google Analytics Opt-out feature.
ou have the right to ask us not to not send you marketing messages by post or e-mail or any combination of these at any time. This can be done by clicking the appropriate “Unsubscribe” link in any email you receive.
Users are able to view and modify settings relating to transactional communications that they receive from the Service by accessing the “Notifications” tab on the Service.
If you opt-out of receiving transactional or commercial email from us you may continue to receive administrative messages from us regarding the Service.
The Service contains features or links to web sites and services provided by third parties. Any information you provide on third-party web sites or services is provided directly to the operators of such services and is subject to those operators’ policies, even if accessed through the Service. We are not responsible for the content or privacy and security practices and policies of third-party sites or services to which links or access are provided through the Service.
We do not share any Personal Data with third-parties for the purposes of their direct marketing.
Our Service is not available to children under the age of 18. If you know of a person under the age of 18 using our product please contact firstname.lastname@example.org.
We use general accepted industry standards to protect the information submitted to us.
We use both technical and physical safeguards to protect Personal Data against accidental or unlawful destruction or loss, unauthorized disclosure or access and any other unlawful form of processing of the Personal Data in our possession. These safeguards include, firewalls, password protection and other access and authentication controls. SSL technology is used to encrypt data during transmission on the public internet.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data (as detailed above), we cannot guarantee the security of your data transmitted to our website or Service; any transmission is at your own risk.
If we learn of a security systems breach, we will inform you and the authorities of the occurrence of the breach in accordance with applicable law. If you lean of any security breach of the Service or Website please contact us immediately by emailing email@example.com.
We will only retain the Personal Data collected from a User for as long as it is necessary to fulfil the purposes for which we have initially collected it, unless otherwise required by law. We will retain and use information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements as follows. When determining the relevant retention periods, we will take into account factors including:
After information posted on the Service is removed, caching and archiving services may have saved that information, and other users or third parties may have copied or stored the information available on the Service.
We may transfer, process and store Personal Data we collect through the Services in centralized databases and with service providers located in the U.S and EU. These territories may not have the same data protection framework as the country from which you may be using the Services.
The Service is hosted in the United Kingdom and Belgium and we work with Third-party providers in the U.S.
Transfers to our third party service providers are to enable them to use and store your personal information on our behalf. We will, however, put in place appropriate security procedures in order to protect your personal information.
Fundstack does not own or control the use of any of the Client Data stored or processed by a Client through the Service.
Only the Client is entitled to access, retrieve and use any such Client Data. For the most part Fundstack is unaware of what actual Client Data is being stored on the Service.
Fundstack does not directly access Client Data except as authorized by the Client (for example as part of support requests), or as necessary to provide Services to the Client and to carry out critical security or maintenance work.
Fundstack should be considered as a processor on behalf of its Clients as to any Client Data containing Personal Data that is subject to the requirements of the European Union’s General Data Protection Regulation (“GDPR”).
The Client is the data controller under the GDPR for any Client Data containing Personal Data. This means that such party controls the manner and purpose such Personal Data is collected and used for.
You can contact us with any questions or comments about your Personal Data, this Policy or any other privacy related enquiries by emailing firstname.lastname@example.org.
Last update: May 24, 2018