Privacy Policy for Fendous AI (Subsidiary of Fendous Sustainable Solutions)

1. Data Controller

We are the data controller for the personal data we process about our customers and partners. Fendous AI (subsidiary of Fendous Sustainable Solutions) focuses on AI-driven products, including Fendous AI chatbots.

Address: Valdermarsgade 8 1 TV, 9000 Aalborg, Denmark
CVR No.: 43257196

2. Interpretation and Definitions

2.1 Interpretation

• Words with capitalized initials have meanings as defined in this section.
• These definitions apply whether the terms appear in singular or plural form.

2.2 Definitions

• Account – A unique account created for You to access our Service or parts of our Service.
• Affiliate – Any entity that controls, is controlled by, or is under common control with a party. "Control" means ownership of 50% or more of shares, equity interests, or other securities that allow voting rights for managing authority.
• Application – Refers to Fendous AI, the software program provided by the Company.
• Company ("We", "Us", or "Our") – Refers to Fendous Sustainable Solutions ApS, located at Valdermarsgade 8 1 TV, 9000 Aalborg, Denmark.
• Cookies – Small files placed on Your device (computer, mobile, or tablet) by a website to store browsing history and enhance user experience.
• Country – Refers to Denmark.
• Device – Any device that can access the Service, such as a computer, cellphone, or digital tablet.
• Personal Data – Any information that identifies or relates to an individual.
• Product – Refers to the AI-based solutions, including chatbots, provided by Fendous AI.
• Service Provider – A third-party entity that processes data on behalf of the Company, including those facilitating, analyzing, or providing the Service.
• Third-Party Social Media Service – Any social media or external service that allows Users to log in or create an account to use the Service.
• Usage Data – Automatically collected data, including those generated by Service usage or infrastructure (e.g., page visit duration).
• Website – Refers to Fendous AI, accessible from:
  • https://www.fendousai.com
  • www.fendous.eu
• You – The individual accessing or using the Service, or the company/legal entity on behalf of which the individual is acting.

3. Introduction

We value your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, share, store, and protect your information when you use our AI-driven products. We also describe the legal bases for our processing under the GDPR.

4. Processing Activities and Information We Collect

4.1 Website Visits

• Tracking Technologies and Cookies: We use cookies and similar tracking technologies to track activity on our Service and store certain information.
• Types of Cookies We Use:
  • Necessary Cookies: Used to authenticate users and prevent fraudulent account use.
  • Web Beacons: Electronic files (clear gifs, pixel tags) used to count visitors and track engagement.
  • Functionality Cookies: Store user preferences such as language settings.
  • Analytical Cookies: Help us analyze website traffic and user behavior.
  • Other Cookies: Unclassified cookies that may serve additional purposes.

4.2 Communication with Potential Customers

• Contact Methods: When you contact us via our contact form, email, or telephone, we process the information you provide (e.g., your name, email, and phone number) to respond to your inquiries about our services.
• Legal Basis: Processing is based on our legitimate interest (GDPR Article 6(1)(f)).
• Retention: We delete this communication data once it is clear whether you wish to use our services—unless a longer retention period is justified.

4.3 Customers

• Service Delivery: For the proper delivery of our services, we may process personal data such as your name, address, details of services provided, special agreements, IP addresses, cookie identifiers, biometric data (e.g., facial recognition and fingerprint scans), and payment information.
• Legal Basis: This processing is necessary for the performance of a contract (GDPR Article 6(1)(b)).
• Retention: After the service is delivered and any outstanding issues are resolved, your data is promptly deleted.

4.4 Newsletter

• Subscription: Our newsletter is subscription-based. You receive emails with updates, new content, or service announcements only if you have given your explicit consent.
• Legal Basis: The processing of your email address for the newsletter is based on your consent (GDPR Article 6(1)(a)).
• Retention: We retain your data as long as you are subscribed. In case of unsubscription, we cease sending newsletters and maintain a record of your consent for 2 years (in line with applicable retention rules).

4.5 Accounting

• Invoices and Financial Records: In compliance with accounting law, we store invoices and similar documents that may contain personal data (e.g., name, address, service description).
• Legal Basis: Processing is required for compliance with a legal obligation (GDPR Article 6(1)(c)).
• Retention: These records are stored for a minimum of 5 years after the end of the relevant financial year.

4.6 Job Applications

• Recruitment Process: When you apply for a job, we process your application data to assess your suitability for a position. For unsolicited applications, your data is reviewed and, if not relevant, deleted immediately. For advertised positions, if you are not selected, your application is deleted once the position is filled.
• Legal Basis: Processing is based on our legitimate interest (GDPR Article 6(1)(f)).
• Further Information: If you enter into a recruitment process or are hired, we will provide you with additional details on how your data is processed.

4.7 Data Processors

• External Providers: We work with external service providers (data processors) to support our operations—for example, IT hosting, marketing, payment processing, and analytics. These partners are contractually obligated to protect your personal data.
• Examples:
  • Stripe - Privacy Policy
  • MobilePay - Privacy Policy

4.8 Information from Third-Party Social Media Services

The Company allows You to create an account and log in to use the Service through the following Third-party Social Media Services:

• Google
• Facebook
• Twitter
• LinkedIn
• Instagram
• YouTube

5. How We Use Your Personal Data

We use your data for various purposes, including:

• AI Chatbot Interaction: Our AI-powered chatbot collects data (e.g., name, email, conversation history) to improve responses and functionality.
• Service Provision: To provide and maintain our AI products and chatbot functionalities.
• Payment Processing: To process transactions through secure third-party payment processors like Stripe and MobilePay.
• Communications: To send updates, offers, and essential notifications.
• Opt-Out Options: If you prefer not to interact with our AI chatbot, you may choose to engage with a human representative or adjust your communication preferences.

6. Sharing Your Personal Data

We do not share your personal data with third parties unless necessary for one or more of the following reasons:

• Service Providers: For example, payment processors (MobilePay, Stripe) and analytics companies.
• Third-Party Affiliates: For marketing or service purposes.
• Other Users: When you interact publicly on our platform (e.g., comments, forum posts).

7. Retention and Deletion of Your Personal Data

• AI Chatbot Data: Retained only as long as necessary for improving our AI models.
• Communication Data: Deleted after inquiry resolution.
• Customer Data: Deleted promptly after service delivery and resolution of outstanding matters.
• Newsletter Data: Retained until you unsubscribe, with consent records kept for 2 years.
• Accounting Records: Retained for at least 5 years as required by law.

You have the right to request deletion of your data, subject to any legal obligations that require longer retention.

8. Third-Party Services

We use third-party services for payments, analytics, hosting, and database management. These providers have their own privacy policies:

• OpenAI - Privacy Policy
• MongoDB - Privacy Policy
• Stripe - Privacy Policy
• MobilePay - Privacy Policy
• Netlify/Vercel - Privacy Policy
• Landbot - Privacy Policy
• Google Places - Privacy Policy
• Caspio - Privacy Policy
• Mailerlite - Privacy Policy
• Mailjet - Privacy Policy

9. Your Rights Under GDPR

You have the following rights regarding your personal data:

• Right of Access: Request access to your personal data.
• Right to Rectification: Request corrections to any inaccurate or incomplete information.
• Right to Erasure: Request data deletion under certain conditions.
• Right to Restrict Processing: Request limitation on data processing.
• Right to Object: Object to processing, including direct marketing.
• Right to Data Portability: Request data in a structured, machine-readable format.
• Right to Withdraw Consent: Withdraw consent at any time if processing is based on your consent.

For further details about your rights, please refer to the Danish Data Protection Authority’s guidance at www.datatilsynet.dk.

10. Children's Privacy

Our Service does not address anyone under the age of 13. We do not knowingly collect personally identifiable information from anyone under the age of 13. . If we become aware that we have collected Personal Data from anyone under the age of 13 without verification of parental consent, we take steps to remove that information from our servers.

11. Profiling and Automated Decisions

We do not engage in profiling or automated decision-making that produces legal effects or similarly significant impacts on you.

12. Transfers to Third Countries

• Within the EU/EEA: As a rule, we use data processors within the EU/EEA.
• Outside the EU/EEA: In some cases, processors outside the EU/EEA may be used if they provide adequate protection for your personal data as required by law.

14. Complaints

If you are dissatisfied with the way we handle your personal data, you have the right to lodge a complaint with the Danish Data Protection Authority (Datatilsynet) at www.datatilsynet.dk.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated effective date. We encourage you to review this policy periodically.