PRIVACY POLICY
Last Updated: 28 March 2026
1. Overview
This Privacy Policy explains how Circular Vector Ltd ("we", "us", "our") collects, uses, and protects your personal data when you use FinanceMOT (the "Service").
FinanceMOT is a business-focused financial analysis platform designed for companies and professionals.
If you have any questions, contact us at: contact@financemot.com
2. Data Roles & Scope
2.1 Personal Data: While financial data typically relates to businesses, it may in some cases (e.g., Sole Traders or identifiable Directors) constitute personal data. We treat all such data with GDPR-level security.
2.2 Data Controller and Processor Roles
- For account creation, billing, support, and service analytics, we act as a data controller.
- For financial records you upload (e.g. Trial Balances, P&L, Balance Sheets), we act as a data processor on your behalf, except where we independently analyse or derive insights, in which case we may act as a data controller. For analytics improvement, we may act as an independent Controller of anonymized data.
- You are responsible for ensuring you have a lawful basis to upload and use any data within the Service.
3. Data We Collect
We may collect the following categories of data:
3.1 Account Data
- Name (if provided)
- Email address
- Authentication data (including Google login or Supabase authentication)
3.2 Financial Data
- Financial data you input or upload (e.g. revenue, expenses, balance sheets, trial balances)
3.3 Usage Data
- IP address
- Device and browser information
- Interaction data (pages visited, features used)
3.4 Payment Data
- Payment information is processed by Stripe.
- We do not store full card details.
3.5 Communications
- Information you provide when contacting support or interacting with us
4. How We Use Your Data
We use your data to:
- Provide and operate the Service
- Generate financial analysis, KPIs, and AI-driven insights
- Manage subscriptions and process payments
- Send transactional communications (e.g. account notifications, billing updates)
- Provide customer support
- Monitor, secure, and improve the Service
- Develop anonymised and aggregated datasets for product improvement and benchmarking
5. Legal Basis for Processing
Where applicable under UK/EU GDPR, we rely on:
- Contract – to provide the Service to you
- Legitimate interests – to improve, secure, and operate the Service (we have assessed that these do not override your rights)
- Legal obligations – including tax and regulatory requirements
6. Sub-Processors & Third-Party Services
We use third-party providers to operate the Service, including:
- Supabase – database, authentication, and hosting
- Stripe – payment processing
- Google – authentication and analytics
- Email delivery providers (e.g. Resend)
- AI providers (e.g. OpenAI, Anthropic, Google)
These providers process data on our behalf under contractual obligations, including data processing agreements where required.
We may update our sub-processors from time to time. A current list is available upon request.
7. AI Processing
We use third-party AI providers to generate insights and analytics.
We use enterprise-grade API services which are contractually restricted from using your submitted data for model training, where applicable.
AI-generated outputs may involve processing of your uploaded financial data.
8. International Data Transfers
Your data may be processed outside the United Kingdom and European Economic Area, including in the United States.
Where this occurs, we rely on appropriate safeguards, including:
- The UK-US Data Privacy Framework (where applicable)
- The UK International Data Transfer Addendum to Standard Contractual Clauses
9. Data Retention
We retain data as follows:
- Account data – for the duration of your account
- Financial data – typically deleted within 30 days of account deletion
- Billing data – retained for up to 6 years to comply with UK legal obligations
10. Data Security
We implement appropriate technical and organisational measures to protect personal data, including encryption in transit and at rest where appropriate, access controls, and periodic security reviews.
However, no system is completely secure and we cannot guarantee absolute security.
11. Your Rights
Under applicable data protection laws, you may have the right to:
- Access your personal data
- Correct inaccurate data
- Request deletion of your data
- Object to or restrict processing
- Request data portability
To exercise your rights, contact: contact@financemot.com
You also have the right to lodge a complaint with the Information Commissioner's Office.
12. Cookies
We use cookies and similar technologies to operate the Service and analyse usage.
Non-essential cookies (such as analytics) are used only with your consent where required by law.
You can manage cookie preferences via your browser or our cookie banner.
13. Data Responsibility
You are responsible for ensuring that you have the legal right to upload any data to the Service.
14. Service Limitations
We do not guarantee that the Service will be error-free, secure, or continuously available.
You are responsible for maintaining your own backups of any data submitted to the Service.
15. Changes to This Policy
We may update this Privacy Policy from time to time.
Where changes are material, we will notify you via email or through the Service.
Continued use of the Service after changes take effect constitutes acceptance of the updated policy.
16. Contact
Circular Vector Ltd
Unit C Piccadilly Business Centre
Aldow Enterprise Park
Manchester M12 6AE
United Kingdom
Email: contact@financemot.com
