financeMOT

    PRIVACY POLICY

    Last Updated: 28 March 2026

    1. Overview

    This Privacy Policy explains how Circular Vector Ltd ("we", "us", "our") collects, uses, and protects your personal data when you use FinanceMOT (the "Service").

    FinanceMOT is a business-focused financial analysis platform designed for companies and professionals.

    If you have any questions, contact us at: contact@financemot.com


    2. Data Roles & Scope

    2.1 Personal Data: While financial data typically relates to businesses, it may in some cases (e.g., Sole Traders or identifiable Directors) constitute personal data. We treat all such data with GDPR-level security.

    2.2 Data Controller and Processor Roles

    • For account creation, billing, support, and service analytics, we act as a data controller.
    • For financial records you upload (e.g. Trial Balances, P&L, Balance Sheets), we act as a data processor on your behalf, except where we independently analyse or derive insights, in which case we may act as a data controller. For analytics improvement, we may act as an independent Controller of anonymized data.
    • You are responsible for ensuring you have a lawful basis to upload and use any data within the Service.

    3. Data We Collect

    We may collect the following categories of data:

    3.1 Account Data

    • Name (if provided)
    • Email address
    • Authentication data (including Google login or Supabase authentication)

    3.2 Financial Data

    • Financial data you input or upload (e.g. revenue, expenses, balance sheets, trial balances)

    3.3 Usage Data

    • IP address
    • Device and browser information
    • Interaction data (pages visited, features used)

    3.4 Payment Data

    • Payment information is processed by Stripe.
    • We do not store full card details.

    3.5 Communications

    • Information you provide when contacting support or interacting with us

    4. How We Use Your Data

    We use your data to:

    • Provide and operate the Service
    • Generate financial analysis, KPIs, and AI-driven insights
    • Manage subscriptions and process payments
    • Send transactional communications (e.g. account notifications, billing updates)
    • Provide customer support
    • Monitor, secure, and improve the Service
    • Develop anonymised and aggregated datasets for product improvement and benchmarking

    5. Legal Basis for Processing

    Where applicable under UK/EU GDPR, we rely on:

    • Contract – to provide the Service to you
    • Legitimate interests – to improve, secure, and operate the Service (we have assessed that these do not override your rights)
    • Legal obligations – including tax and regulatory requirements

    6. Sub-Processors & Third-Party Services

    We use third-party providers to operate the Service, including:

    • Supabase – database, authentication, and hosting
    • Stripe – payment processing
    • Google – authentication and analytics
    • Email delivery providers (e.g. Resend)
    • AI providers (e.g. OpenAI, Anthropic, Google)

    These providers process data on our behalf under contractual obligations, including data processing agreements where required.

    We may update our sub-processors from time to time. A current list is available upon request.


    7. AI Processing

    We use third-party AI providers to generate insights and analytics.

    We use enterprise-grade API services which are contractually restricted from using your submitted data for model training, where applicable.

    AI-generated outputs may involve processing of your uploaded financial data.


    8. International Data Transfers

    Your data may be processed outside the United Kingdom and European Economic Area, including in the United States.

    Where this occurs, we rely on appropriate safeguards, including:

    • The UK-US Data Privacy Framework (where applicable)
    • The UK International Data Transfer Addendum to Standard Contractual Clauses

    9. Data Retention

    We retain data as follows:

    • Account data – for the duration of your account
    • Financial data – typically deleted within 30 days of account deletion
    • Billing data – retained for up to 6 years to comply with UK legal obligations

    10. Data Security

    We implement appropriate technical and organisational measures to protect personal data, including encryption in transit and at rest where appropriate, access controls, and periodic security reviews.

    However, no system is completely secure and we cannot guarantee absolute security.


    11. Your Rights

    Under applicable data protection laws, you may have the right to:

    • Access your personal data
    • Correct inaccurate data
    • Request deletion of your data
    • Object to or restrict processing
    • Request data portability

    To exercise your rights, contact: contact@financemot.com

    You also have the right to lodge a complaint with the Information Commissioner's Office.


    12. Cookies

    We use cookies and similar technologies to operate the Service and analyse usage.

    Non-essential cookies (such as analytics) are used only with your consent where required by law.

    You can manage cookie preferences via your browser or our cookie banner.


    13. Data Responsibility

    You are responsible for ensuring that you have the legal right to upload any data to the Service.


    14. Service Limitations

    We do not guarantee that the Service will be error-free, secure, or continuously available.

    You are responsible for maintaining your own backups of any data submitted to the Service.


    15. Changes to This Policy

    We may update this Privacy Policy from time to time.

    Where changes are material, we will notify you via email or through the Service.

    Continued use of the Service after changes take effect constitutes acceptance of the updated policy.


    16. Contact

    Circular Vector Ltd
    Unit C Piccadilly Business Centre
    Aldow Enterprise Park
    Manchester M12 6AE
    United Kingdom

    Email: contact@financemot.com