Privacy Policy

1. Introduction

Fronira ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our payment processing portal, in compliance with applicable privacy laws including the GDPR, where applicable.

2. Information We Collect

We may collect the following categories of information:

• Identity data: name, email address, company name
• Account data: encrypted passwords, login timestamps
• Financial data: transaction details, invoice history
• Technical data: IP address, browser type, device information, error logs
• Usage data: interaction with the portal, payment preferences
• Uploaded content: company logos (if provided)

3. Legal Bases for Processing

We process your personal data on the following legal bases under GDPR:

• To fulfill contractual obligations (e.g., providing access to the portal)
• With your consent (e.g., receiving emails for password resets or OTPs)
• To comply with legal obligations (e.g., financial record-keeping)
• For our legitimate interests in operating, improving, and securing the platform

4. How We Use Your Information

We use the information we collect to:

• Authenticate users and manage platform access
• Process payments and synchronize with QuickBooks Online
• Communicate with users (e.g., support, login verification)
• Improve security and monitor the platform (e.g., via Sentry)
• Comply with billing, tax, and legal obligations

5. Sharing with Third Parties

We share your information only when necessary to provide our services:

• Stripe: for payment processing
• Intuit (QuickBooks Online): for invoice and customer data
• SendGrid: to send transactional emails
• Amazon Web Services (AWS S3): to store uploaded company logos securely

All third parties are required to maintain confidentiality and implement appropriate safeguards.

6. International Data Transfers

Where applicable, we ensure that international data transfers comply with GDPR and other legal requirements, including the use of Standard Contractual Clauses where necessary.

7. Data Security

We use appropriate technical and organizational measures to protect personal data, including:

• AES encryption for sensitive fields
• HTTPS-only access in production environments
• CSRF protection for form submissions
• Secure database practices and audit logs
• Role-based access to limit internal data exposure

8. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including for legal, accounting, or audit requirements. After that, data is securely deleted or anonymized.

9. Your Rights

You have the following rights under GDPR and similar frameworks:

• Right to access your data
• Right to correct inaccurate data
• Right to request deletion (right to be forgotten)
• Right to data portability
• Right to restrict or object to processing

To exercise these rights, please contact us at support@fronira.com. We will respond within applicable timeframes.

10. Children's Privacy

Our platform is not directed to individuals under 18. We do not knowingly collect personal information from children.

11. Updates to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on our website and indicated by an updated "Effective Date." Continued use of our services constitutes acceptance of the revised policy.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices or to get your data deleted, contact us at:

Email: support@fronira.com