Contact
Contact us

Privacy policy

Last updated: February 10, 2026

Fimento AB (“Fimento”) is a Swedish technology company that takes your privacy seriously. This Privacy Policy explains how we handle personal data in our product offerings, why we do it, and what rights you have. We believe transparency builds trust – so here’s exactly how we handle your data, in plain language.

Our Different Roles

We have different roles depending on how we process your data:

When we act as a data processor (most common)

In the vast majority of cases, we process personal data on behalf of our customers – for example, banks or other companies. In these cases, our customer is the data controller and determines how the data should be handled. We follow their instructions.

What this means for you: If you want to exercise your rights (for example, delete your data), you should contact the company you have a relationship with, not Fimento directly. When they delete your data, it is automatically deleted from our systems.

When we act as a data controller

In certain limited cases, we act as an independent data controller – primarily when we train and improve our AI models. We do this to develop and ensure the quality of our services.

How we protect your privacy:

We separate training and development environments from production systems

Identifiable data is retained only for a limited period (maximum 12 months)

After this period, data is deleted or pseudonymised/anonymised permanently

Aggregated or fully anonymised data may be retained longer

Important information: Once data has been permanently anonymised, it can no longer be linked to you as an individual. This means we cannot delete it on an individual basis – simply because we can no longer identify whose data it is. This is a security measure that protects your privacy.

Pseudonymised data is handled with strict safeguards and retained only as long as necessary.

Information We Collect

Depending on how you use our services, we may process both personal data and other types of data.

Personal Data

Personal data is any information that can be directly or indirectly linked to an identifiable individual. We may process the following personal data:

  • Contact information: name, email address, phone number
  • Customer data through our services: transaction data, financial data, and accounting data that can be linked to an identifiable individual
  • System logs: user activity and access logs that contain identifiable information

 

Other Data (Non-Personal Data)

We also process data that is not personal data, including:

  • Aggregated and anonymized data: statistical data that cannot be linked to any individual
  • Technical system data: non-identifiable system performance data and error logs

How We Use Personal Data – Purpose and Legal Basis

Under the GDPR, we must have a legal basis for each purpose for which we process personal data. Below is an overview of our purposes and the corresponding legal basis. We only process your data when we have a clear reason to do so.

 

Purpose Legal Basis Description 
Provide and operate our services Performance of contract (GDPR Art. 6.1(b))  Processing is necessary to fulfil our contractual obligations to our customers. 
Deliver support and troubleshooting Performance of contract (GDPR Art. 6.1(b)) Processing is necessary to provide the support included in our service agreements. 
Maintain security, logging, and system stability Legitimate interest (GDPR Art. 6.1(f)) We have a legitimate interest in ensuring the security and stability of our systems. This interest has been balanced against the rights of individuals. 
Improve and develop our products and services (including AI model training) Legitimate interest (GDPR Art. 6.1(f)) We have a legitimate interest in improving and developing our services. Data used for this purpose is pseudonymised or anonymised as soon as possible. 
Comply with legal obligations Legal obligation (GDPR Art. 6.1(c)) Processing is necessary to comply with applicable laws, such as accounting and regulatory requirements. 

When we process personal data based on legitimate interest, we have conducted a balancing of interests to ensure that our interests do not override your rights and freedoms.

Data Sharing

We never sell personal data.

We may share data with:

  • Our customers (the data controllers)
  • Trusted sub-processors who help us deliver our services (such as cloud services, communication tools, and AI providers)
  • Authorities when required by law

Data Security

We use appropriate security measures to protect personal data and continuously work to improve our security. Data is encrypted both in transit and at rest, and we use role-based access control to ensure that only authorized personnel have access to data.

Your Rights

You have the right to request:

  • Access to your personal data
  • Correction of inaccurate data
  • Deletion of your data
  • Restriction of processing
  • Data portability
  • To object to processing

How to exercise your rights

If your data was processed through one of our customers (which is the most common scenario), the customer is responsible for handling your request. You should contact them directly.

If you contact Fimento, we will guide you to the correct organization where applicable.

When data has been properly anonymized, it can no longer be linked to you as an individual, not by Fimento or anyone else. This is a key privacy protection: your identity has been permanently separated from the data. As a result, individual deletion requests do not apply to anonymized data, since there is no way to determine whose data it is.

 

Our Commitment to
Protecting Your Data

Fimento is a Swedish company, and all our data processing is governed by the EU General Data Protection Regulation (GDPR). We continuously review and improve our privacy and security practices to ensure your data remains protected.

Updates to This Policy

We may update this Privacy Policy from time to time. The latest version will always be available on our website.

Updates to This Policy

We may update this Privacy Policy from time to time. The latest version will always be available on our website. 

Contact us

Don’t hesitate to reach out – we’re happy to answer any questions about how your data is handled.

Fimento AB

Organisation number: 559223-6896
Mäster Samuelsgatan 20
111 56, Stockholm
Sweden

For privacy-related questions, contact us at [email protected]

At the heart of finance and tech, we shape the future with precision-crafted solutions, infusing every line