Version: 1.01

Last updated: 9 September 2021



This Privacy Notice describes how FINMAP LTD collects and processes users’ data through website, including all services and functions of the platform (the “Website”). The terms “we”, “us”, “our” refer to FINMAP LTD, a private company limited by shares and incorporated under the laws of England and Wales.


Contact us:

Finmap LTD

Company number: 13281743

Registered address: 41 Devonshire Street, Ground Floor, London, United Kingdom, W1G 7AJ


The Privacy Notice provides you (a user or a visitor on our Website) with details about the personal information we collect from you in the process of your use of the Finmap services (“Services”), how we use your personal information, and your rights to control the personal information we hold about you. This Privacy Notice is part of the Public Offer Agreement (“Offer”) made between you and FINMAP LTD. Unless explicitly stated otherwise, the terms in this Privacy Notice have the same meaning as in the Offer.

Please read this Privacy Notice carefully. By accessing or browsing this Website and using the Services, you confirm that you have read, understood, and agree to this Privacy Notice in its entirety. If you do not agree to this Privacy Notice in its entirety, you must not use this Website.

We may change this Privacy Notice from time to time, and you agree that by accessing or browsing the Website and using the Services at any time after a change, you will be confirming your acceptance of the new version of the Privacy Notice.

We respect your right to privacy and will only process personal information you provide to us in accordance with this Privacy Notice and applicable privacy laws.


Information we collect from you

Account set-up

If you want to use the Website’s functionality and the Services, you will have to register a personal account on the Website (“Account”). To register an Account, you have to provide us with your email address and create a password.

When opening an Account, you also have to choose the first sub-account’s name, i.e. company’s name, the main currency for the first legal entity for which you create a sub-account, and the type of business activity. It can be changed later and new currencies can be added later as well.

Please note that when creating an Account, you do not have to provide us with any official information about a legal entity for which you create a sub-account meaning that you are free to choose any name you want for each sub-account. However, by opening an Account on behalf of a legal entity, you represent and warrant that you are its duly authorized representative and have the right to do so.

After the registration, you will be able to choose the type of Finmap subscription plan you would like to use.

We use your Account information to:

      create and maintain your user Account, including in connection with other data points listed below. The applied legal basis for this is the performance of the contract (Offer) between you and us (GDPR Art. 6.1.b);

      contact you regarding the work of the Website or your Account, including by email and sending you web notifications (GDPR Art. 6.1.b);

      analyse the efficiency of our Website in our legitimate interests (GDPR Art. 6.1.f);

      upon receiving the consent from you, to send you marketing or promotional materials (GDPR Art. 6.1.a).

We will store your Account data, including the categories from the below sections (Website functionality and Technical support) for as long as you have the Account with us. If you become inactive, we will delete or anonymise your information 12 months after your last user session.


Website functionality

Via the Website, you will be able to access the cash flow management tool to manage your financial activities. We will store and process the following categories of information which may contain personal data:

      tasks and financial transactions that you create and manage on the Website;

      counterparties, such as customers, investors, debtors, creditors, suppliers, contractors, owners, etc.;

      employees’ data, including employees’ names, salary information, etc.;

      projects and tags, containing, e.g., a reference to an agreement or a responsible manager;

      imported financial data from Excel, PlanFact, Finolog, Finmap 1.0, Raiffeisen, or other systems;

      data received through synchronization with bank accounts or bank cards, for instance, Merchant ID created in Privat24 and used on the Website for integration purposes;

      data received through integration via an application programming interface (API) with 1C, online banking, client relationship management (CRM), enterprise resource planning (ERP), or other systems.

The applied legal basis for this is the performance of the contract (Offer) between you and us (GDPR Art. 6.1.b).

The storage period is the same as Account data.


Technical support

If you want to ask us a question about the functionality of the Website or use of the Services, you may leave a request on the Website by filling a request form. For this purpose, you will need to provide us with your name, phone, and email address. The said information is necessary to contact you regarding the answer to your request with determining the current solution.

Alternatively, if you need any help when using the Website or the Services, you can contact our Customer Support via the chat window on the Website. In both cases, we additionally collect information, which you have freely provided to us through the text field for messaging. Should it contain any personal data, we will duly process it as specified hereinafter.

Also, we may use the collected information to fix and improve the Website and analyse our efficiency in marketing and product efforts, including by creating statistics of inquiries. The applied legal basis for this is the performance of the contract (Offer) between you and us (GDPR Art. 6.1.b) and our legitimate interest to improve the Website (GDPR Art. 6.1.f).

We store this information for 2 months after we help you with your request.


Website, sales, and marketing activities

The following data collection activities are carried on our Website:

      collection of visitor logs (device, browser information, IP address) to ensure fraud prevention and manage user sessions, stored for 6 months of your last visit. The applied legal basis is our legitimate interests (GDPR Art. 6.1.f);

      visitor traffic analysis done using third-party analytics providers. This activity, depending on the method used, is performed based either on your consent (cookie tracking) or our legitimate interests (GDPR Art. 6.1.f);

      provision of a newsletter, which you may obtain by providing your email address. The processing is based on your consent (GDPR Art. 6.1.a).

We store marketing data for 12 months of the last communication with you. For the activities that are based on consent, you can withdraw your consent at any time by contacting us directly. The withdrawal will not affect the lawfulness of processing based on consent before. You can also opt-out of the email subscription by clicking the appropriate button in our emails to you.



In order to provide you with a personalised experience and improve the functionality and efficiency of the Website, we may use cookies, web beacons, and other similar technologies to collect, store and use information about your interaction on the Website.

We can place cookies on your device by default if they are strictly necessary for the operation of this Website. Necessary cookies help make the Website usable by enabling basic functions, such as page navigation and access to secure areas of the Website. The website cannot function properly without these cookies.

For all other types of cookies, we need your consent:

      preference cookies enable the Website to remember information that changes the way the Website behaves or looks, like your preferred language or the region that you are in;

      statistic cookies help us to understand how you interact with the Website by collecting and reporting information anonymously;

      marketing cookies are used to track you across the Website. They are placed on your terminal equipment by Facebook and Google.

Unless you choose otherwise, we can store and process only those cookies that are necessary for the operation of our Website. If you don’t want to be tracked by other types of cookies, you can refuse to give your initial consent or opt-out later.

Most cookies are stored for 1 day or less, however, some of the cookies are stored for 1 or 2 years. Certain cookies may have their own automatically determined storage periods which we cannot control. To get more information about retention periods, you can scan the Website using cookie scanner services, such as

You can check the specific types of cookies in the pop-up window shown during your first visit on the Website. By clicking “Allow all cookies”, you agree with the use of cookies for all purposes mentioned above. Declining other types of cookies will affect your experience on our Website since there will be no personalisation and recognition of devices during the subsequent uses of the Website. You can change or withdraw your consent at any time by contacting us at: Also, your web browser allows you to control and limit cookies on the device.

Please keep in mind that simply disabling all cookies or all of our cookies in your browser settings may lead to certain sections or features of our Website not working. Therefore, we recommend using the Cookie Settings on our Website instead of disabling all cookies in your web browser.



We may use your personal data, such as name, occupation, company you work in, photograph you are depicted in, video you are filmed in, etc. to post customer’s reviews of our Services. By creating an Account on the Website and providing us with a review of that kind, you agree to such use of your personal data. Thus, in this case, the processing is based on your consent (GDPR Art. 6.1.a).

We will display the review for so long as it is necessary for promotional and marketing purposes. However, you are free to contact us at any time (at to withdraw your consent from using your review. We will delete your review as soon as practicable after we receive your request.


Third-party access to information

We use the following third-party software providers:

      analytics providers to analyse our efficiency and conduct marketing research;

      client relationship management software to manage and perform our marketing (email) activities;

      email notification providers;

      technical support and management software;

      cloud hosting providers to store and process collected data;

      third-party advertisement providers;

      response forms, app-to-app integrations;

      website personalisation tools.

The providers of services listed above process personal data based on our instructions only. They are not allowed to use any of your personal data for their own purposes.



When using the analytics services, we collect details of the use of the Website, including, but not limited to, traffic data, location data, length of visits, and other communication data.

Non-personally identifiable information is collected and processed, among other services, by Google Analytics in an anonymised and aggregated way to improve our Website’s usability and for marketing purposes. Google Analytics is a web analytics service that tracks and reports user traffic on apps and websites. Google Analytics uses the data collected to track and monitor the use of the Website. This data may also be shared with other Google services.

For more information on the privacy practices of Google, you can check its Policies at:


Payment providers

To process payments that you make for using Services on the Website, we use third-party payments processors. Please note that we do not receive your payment details from them, but only payment confirmations and details of the transactions you perform. This means that we do not collect nor process your payment information. Payment processors are independent controllers over your payment information which includes your payment card data.

To learn more about how those third-party payment processors process your payment details, please visit their websites or contact them directly.


Integrated plug-ins

The Website allows the connection of third-party software providers via an API. Please note that whenever you interact with those third-party providers, you provide your information directly to them.


Other disclosures

In addition to the disclosures for the purposes identified before, we may disclose information about you:

      if we are required to do so by law, in connection with any legal proceedings or to establish, exercise, or defend our legal rights; and

      in case we sell, license or otherwise assign our company, corporate rights, the Website or its separate parts, or features to third parties.

Except as provided in this Privacy Notice, we will not sell, share or rent your information to third parties.


Your rights

You have a right to access your personal data, withdraw your consent for data processing, obtain the information whether or not your personal data is being processed and request the correction, updating or deletion of incorrect or/and inaccurate data by contacting us at:


If you are a resident of the European Union (EU) or European Economic Area (EEA), you may exercise GDPR rights regarding your personal data. In particular, you have the following rights:

      The right to object against the processing of your information.

If we process your information for our legitimate interests (e.g., for direct marketing emails or for our marketing research purposes), you can object against it. Let us know what you object against and we will consider your request. If there are no compelling interests for us to refuse to perform your request, we will stop the processing for such purposes. If we believe our compelling interests outweigh your right to privacy, we will clarify this to you.

      The right to access your information.

You have the right to know what personal data we process. As such, you can obtain the disclosure of the data involved in the processing and you can obtain a copy of the information undergoing processing.

      The right to verify your information and seek its rectification.

If you find that we process inaccurate or out-of-date information, you can verify the accuracy of your information and/or ask for it to be updated or corrected;

      Restrict the processing of your information.

When you contest the accuracy of your information, believe we process it unlawfully, or want to object against the processing, you have the right to temporarily stop the processing of your information to check if the processing was consistent. In this case, we will stop processing your data (other than storing it) until we are able to provide you with evidence of its lawful processing;

      The right to have your personal data deleted.

If we are not under the obligation to keep the data for legal compliance and your data is not needed in the scope of an active contract or claim, we will remove your information upon your request.

      The right to have your personal data transferred to another organisation.

Where we process your personal data on the legal basis of consent you provided us or on the necessity to perform a contract, we can make, at your request, your data available to you or to an organisation of your choosing.

You can formulate such requests or send further questions on data protection by contacting us at

If you believe that our use of personal data violates your rights, or if you are dissatisfied with a response you received to a request you formulated to us, you have the right to lodge a complaint with the competent data protection authority of your choice.


If you are a California resident, you may exercise the California Consumer Privacy Act (CCPA) rights regarding your personal data. In particular, you have the right to:

      know what personal data is being collected about you and access your personal data;

      delete your personal data;

      correct inaccurate personal data;

      request that we disclose the categories of personal data collected, its sources, commercial purpose, third parties with whom we share it, specific pieces of information collected;

      opt-out from sharing your personal data with third parties.

Please see more at:

You can formulate such requests or channel further questions on data protection by contacting us at


Security of information

We will take all necessary measures to protect your information from unauthorised or accidental access, destruction, modification, blocking, copying, distribution, as well as from other illegal actions of third parties. As we use the services of third-party software providers across several countries, we may transfer the collected data to those countries for further processing. In such cases, we will make sure that relevant safeguards are in place. More information on taken international safeguards can be provided upon request.

We also use a 256-bit SSL encryption method and store data using secure cloud service providers to keep your information secure.

Immediate access to the data is only allowed to our authorised employees involved in maintaining the application. Such employees keep strict confidentiality and prevent unauthorised third-party access to personal information.


Third-party websites

Our Website may contain links to other websites operated by sellers, social media websites, and other third parties. Please note that this Privacy Notice applies only to the personal information that we collect through this Website.

We cannot be responsible for personal information that third parties may collect, store and use through their websites, including, but not limited to, by means of their own cookies. For this reason, we encourage you to be aware when you leave our Website and to read the privacy statements of other services that collect personal data.


Applicable law

In general, the laws of England and Wales shall apply to this Privacy Notice and your use of the Website. Additional legislation applies depending on your country of residence:

      if you are a United Kingdom (UK) resident, the Data Protection Act and the GDPR (as may be amended from time to time) shall apply;

      if you are a resident of the EU or EEA, you may exercise GDPR rights regarding your personal data;

      if you are a California resident, you may exercise the CCPA rights regarding your personal data;

      if you are a resident of Ukraine, you may exercise your information rights under the Law of Ukraine “On personal data protection”.


Changes to Privacy Notice

We may update this Privacy Notice from time to time by posting a new version on our Website. The Privacy Notice changes come into effect immediately after their publication.

We advise you to check this page occasionally to ensure you are happy with any changes. However, we will endeavour to provide you with an announcement about any significant changes.

If you continue to use the Website after the changes take place, this means that you accept the revised Privacy Notice.