Datenschutzerklärung

Zuletzt aktualisiert: 24. Mai 2026

Dies ist eine informelle Übersetzung. Bei Unklarheiten oder Streitigkeiten ist die englische Originalfassung dieses Dokuments maßgebend, abrufbar unter /en/.

This Privacy Policy explains what personal data Finrys collects about you, why we collect it, how we use it, and the rights you have under the EU General Data Protection Regulation (GDPR). It applies to the Finrys website at finrys.com and any related services we operate.

1. Who we are

The data controller responsible for your personal data is Finrys s. r. o., a company registered in der Slowakischen Republik, with registered office at Záhorácka 1932/47, 901 01 Malacky, Slovakia, company registration number 57633380 (hereinafter "Finrys", "we", "us").

You can contact us about any privacy matter at info@finrys.com.

2. What data we collect

Account data: your email address, name, profile picture (if you sign in with Google), and optional profile fields you choose to add (first name, last name, timezone, username, display username).

Authentication data: a hashed password (if you register with email/password) or OAuth tokens from your identity provider (Google), which we use to verify it is you.

Session data: your IP address, browser user agent, and session timestamps. We use this for security (detecting suspicious logins) and to keep you signed in.

Subscription data: your subscription plan, billing period, status, and a customer identifier issued by our payment processor. We do not store your full card number — the payment processor handles payment data directly.

Product usage data: stocks you add to your watchlist, the last symbols you viewed, your saved valuation assumptions, and your interface preferences (theme, exchanges, brokers, table layout).

Communications: any messages you send us (e.g. support emails).

We do not run analytics or third-party tracking pixels on Finrys. We do not build behavioural profiles.

3. Why we use your data and on what legal basis

To provide the service (create your account, sign you in, deliver the features you use, save your preferences). Legal basis: performance of the contract between you and us (GDPR Art. 6(1)(b)).

To process payments for paid subscriptions. We forward the necessary data to our payment processor (see Section 4). Legal basis: contract (Art. 6(1)(b)) and legal obligation for tax records (Art. 6(1)(c)).

To send you transactional emails such as account confirmation, password reset, payment receipts, and important service notices. Legal basis: contract (Art. 6(1)(b)).

To protect the service against abuse, fraud, and security incidents (e.g. logging IP addresses with sessions). Legal basis: our legitimate interest in operating a secure service (Art. 6(1)(f)).

4. Who we share your data with

We do not sell your personal data. We share it only with the service providers strictly necessary to operate Finrys, each bound by a written data processing agreement:

Cloudflare, Inc. — application hosting, edge runtime, and database (Cloudflare D1). Data is stored in regions Cloudflare designates within its global network.

Our Merchant of Record — processes your name, email, billing address, and payment method when you subscribe.

Resend, Inc. — sends our transactional emails (account verification, password reset, receipts).

Google LLC — identity provider, only if you choose to sign in with Google.

We may also disclose data when legally required (e.g. a valid court order or to comply with a legal obligation in the EU or in the jurisdictions where our processors operate).

5. International data transfers

Some of our service providers (Cloudflare, our Merchant of Record, Resend, Google) are based outside the European Economic Area, primarily in the United States. When your data is transferred outside the EEA, we rely on the European Commission's Standard Contractual Clauses (SCCs) or other lawful transfer mechanisms required by GDPR Chapter V.

You can request a copy of the safeguards in place by contacting us at the email in Section 1.

6. How long we keep your data

Account data: for as long as your account is active.

After you delete your account, we erase your personal data within 30 days, except for records we are legally required to keep (typically invoices and tax records for up to 10 years under EU law).

Session and security logs: retained for up to 90 days, then deleted.

Backups: data in backups is overwritten in the normal backup rotation, typically within 30 days.

7. Your rights under GDPR

You have the following rights regarding your personal data: the right to access your data, to rectify inaccurate data, to erase your data ("right to be forgotten"), to restrict processing, to data portability (receive your data in a machine-readable format), to object to processing based on our legitimate interest, and to withdraw any consent you have given.

To exercise any of these rights, email us at info@finrys.com. We will respond within one month as required by GDPR Art. 12.

You also have the right to lodge a complaint with a supervisory authority in your EU country of residence. In Slovakia this is the Úrad na ochranu osobných údajov SR (dataprotection.gov.sk).

8. Cookies and similar technologies

We use a small number of cookies, all either strictly necessary or functional. We do not use analytics, advertising, or tracking cookies. For the full list and what each one does, see our Cookies Policy.

9. Children

Finrys is not intended for users under 16 years of age. We do not knowingly collect personal data from children under 16. If you believe we have, contact us and we will delete the data.

10. Changes to this policy

We may update this Privacy Policy from time to time. We will indicate the change in the "Last updated" date at the top, and for material changes we will notify you by email at least 14 days before they take effect.

11. Contact

For any privacy questions, write to us at info@finrys.com or by post at Záhorácka 1932/47, 901 01 Malacky, Slovakia.