— gdpr · personal data

GDPR Policy

fiine complies with the General Data Protection Regulation. All data you share with us is stored in the EU, with no third-party trackers, and deleted automatically after 12 months.

Data protection policy

When you use the fiine AI chat, you share information about your company and your projects. We use it only to get back to you and arrange a possible diagnostic call. Nothing more.

Data we collect

During a conversation with the fiine AI agent, we collect:

  • Your email address — requested by the agent in the first message, so Rémi can reply to you.
  • The conversation transcript — the text exchanges with the AI agent.
  • Booking metadata — time slots selected if you book a diagnostic call.
  • Your explicit GDPR consent — collected by the agent before any data is stored.

Why we collect this data

  • To reply by email (draft written by the agent, reviewed and sent by Rémi).
  • To keep a thread if you come back to the conversation.
  • To organise diagnostic calls in Rémi's calendar.

Retention

Your data is kept for a maximum of 12 months from your last interaction, unless you give explicit consent to extend. After 12 months, the conversation, your email and the session file are deleted automatically.

Your rights

You have the following rights over your data:

  • Right of access — you can request a full copy of your conversation by emailing remi@fiine.io.
  • Right of rectification — you can ask to correct information shared during the chat.
  • Right of erasure — you can request complete deletion of your data at remi@fiine.io.

How to exercise your rights

Send an email to remi@fiine.io describing your request. Legal processing time: 30 days. Deletion confirmation within 72 hours. remi@fiine.io

Hosting

The database, file storage and sessions are hosted in the EU (Hetzner Frankfurt or OVH Gravelines by default, via Dokploy). Encryption at rest is enabled at disk level (AES-256).

Cookies

We use only two technical cookies:

  • NEXT_LOCALE — a technical cookie to remember the chosen language (FR or EN). No personal data.
  • better-auth.session_token — a session cookie for Rémi's admin area. Never exposed to public visitors.

No third-party cookies. No analytics tracker. No ad network.