← Back to Fiiuno

Privacy Policy

Last updated: June 3, 2026 · Effective: June 3, 2026

1. Introduction

Fiiuno ("we", "us", "our") is operated by an individual proprietorship based in Jaipur, Rajasthan, India — 302001. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our website at fiiuno.com and our application platform.

This policy is compliant with the Digital Personal Data Protection Act, 2023 (DPDP Act), the Information Technology Act, 2000, and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011.

By using Fiiuno, you consent to the collection and use of your data as described in this policy. If you do not agree, please discontinue use of our services.

2. Data We Collect

Information you provide directly:

  • Name and email address (on registration)
  • Financial inputs entered into calculators (income, expenses, SIP amounts, loan details)
  • Insurance policy details uploaded for IRR analysis
  • Profile preferences and settings

Information collected automatically:

  • IP address and approximate location (city/state level)
  • Browser type, device type, operating system
  • Pages visited, time spent, features used
  • Referral source (how you found us)
  • Cookie identifiers (see our Cookie Policy)

Sensitive Personal Data (as defined under IT Rules 2011): Financial information entered into our calculators is treated as Sensitive Personal Data and is subject to additional protections.

3. How We Use Your Data

We use your data for the following purposes:

  • To provide, operate, and improve our financial tools and AI recommendations
  • To calculate your Financial Health Score and generate personalized insights
  • To send you account-related communications and product updates (with your consent)
  • To analyze usage patterns and improve platform performance
  • To detect and prevent fraud, abuse, and security incidents
  • To comply with legal obligations under Indian law

We do not sell your personal data to third parties. We do not use your data for automated decision-making that has legal or similarly significant effects without your explicit consent.

4. Legal Basis for Processing

Under the DPDP Act 2023, we process your data on the following lawful bases:

  • Consent: For analytics cookies, marketing communications, and non-essential data processing
  • Contractual necessity: To provide the services you signed up for
  • Legitimate interests: For security monitoring and fraud prevention
  • Legal obligation: Where required by Indian law

5. Data Sharing & Third Parties

We share your data only with the following categories of trusted service providers, strictly for operational purposes:

  • Vercel Inc. — Website hosting and deployment (USA, GDPR-compliant)
  • Supabase Inc. — Database and authentication infrastructure — stores all user personal and financial data (USA, SOC2-compliant)
  • Brevo (Sendinblue) — Email delivery service — processes user email addresses for transactional emails (France, GDPR-compliant)
  • Google LLC — Analytics (GA4), if you consent to analytics cookies
  • Anthropic / OpenAI — AI processing for financial recommendations (anonymized inputs only)

All third-party processors are contractually bound to protect your data and may not use it for their own purposes. Where data is transferred outside India (e.g. to Google LLC or Anthropic in the United States), such transfers are made under Standard Contractual Clauses or equivalent safeguards as permitted under the DPDP Act 2023 and applicable data protection frameworks.

We may disclose your data if required by law, court order, or government authority under Indian jurisdiction.

6. Data Retention

We retain your personal data only as long as necessary:

  • Account data: Until you delete your account + 30 days
  • Financial calculator inputs: Session-based; not stored on our servers unless you save them
  • Analytics data: 26 months (Google Analytics default)
  • Support communications: 2 years
  • Legal/compliance records: 7 years as required under Indian law

7. Your Rights under DPDP Act 2023

As a Data Principal under the DPDP Act, you have the following rights:

  • Right to Access: Know what personal data we hold about you
  • Right to Correction: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data
  • Right to Withdraw Consent: Withdraw consent at any time without affecting prior processing
  • Right to Grievance Redressal: Lodge a complaint with our Grievance Officer
  • Right to Nominate: Nominate another person to exercise rights on your behalf in case of death or incapacity

To exercise any of these rights, email us at support@fiiuno.in. We will respond within 72 hours of receiving your request.

8. Data Security

We implement the following security measures as required under IT Rules 2011:

  • HTTPS encryption for all data in transit
  • Secure authentication with hashed passwords
  • Access controls limiting who can view personal data
  • Regular security reviews and vulnerability assessments

In the event of a data breach that is likely to result in harm to you, we will notify you within 72 hours of becoming aware of the breach, as required under the DPDP Act.

9. Cookies

We use cookies as described in our Cookie Consent banner. You can manage your cookie preferences at any time by clicking the cookie settings option in our website footer or banner. For full details, see our cookie categories: Necessary, Functional, Analytics, and Marketing.

10. Children's Privacy

Fiiuno is not directed at children under the age of 18. We do not knowingly collect personal data from minors. If you believe we have inadvertently collected data from a minor, please contact us immediately and we will delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or by displaying a prominent notice on our website. The "Last updated" date at the top of this page indicates when the policy was last revised. Continued use of our services after changes constitutes acceptance of the updated policy.

12. Governing Law & Jurisdiction

This Privacy Policy is governed by the laws of India. Any disputes arising under this policy shall be subject to the exclusive jurisdiction of the courts in Rajasthan, India.

13. Contact & Grievance Officer

For privacy-related queries, data requests, or complaints:

Grievance Officer: Fiiuno Support Team

Platform: Fiiuno

Location: Rajasthan, India

Email: support@fiiuno.in

Response time: Within 72 hours