Privacy Policy
Last updated: April 20, 2025
1. Introduction
Echo AI Enterprise, Inc. ("Company", "we", "us", or "our") operates Fiden CFO ("Service"). This Privacy Policy explains how we collect, use, disclose, and protect information about you when you use our Service. By using the Service, you agree to the practices described in this policy.
2. Information We Collect
2.1 Information you provide directly
- Account registration data: name, email address, password
- Company information: company name, industry, team size, revenue and expense estimates
- API credentials for third-party integrations (stored encrypted)
- Support communications and feedback
- Billing information (processed by Stripe — we do not store raw card data)
2.2 Financial data from integrations
When you connect third-party services, we retrieve and store financial data including: transactions, invoices, subscription data, bank balances, payroll records, equity grants, and cloud cost data. This data is stored in your isolated organization tenant and used solely to provide the Service.
2.3 Usage and technical data
- Log data: IP address, browser type, pages visited, timestamps
- Device information: operating system, browser version
- Feature usage patterns (to improve the Service)
- Cookies and similar tracking technologies (see Section 7)
3. How We Use Your Information
We use the information we collect to:
- Provide, operate, and improve the Service
- Generate financial reports, dashboards, and AI-driven analysis
- Process payments and manage your subscription
- Send transactional emails (receipts, sync alerts, product updates)
- Respond to support requests
- Detect and prevent fraud, abuse, and security incidents
- Comply with legal obligations
- Train and improve our AI models — using only aggregated, anonymized data, never your identifiable financial data
We do not sell your personal data or your financial data to any third party, ever.
4. How We Share Your Information
We may share your information with:
4.1 Service providers
We use trusted third-party vendors to operate the Service, including Supabase (database and authentication), Stripe (billing), Anthropic and Google (AI model inference), and Vercel (hosting). These vendors process data only on our behalf and under contractual data processing agreements.
4.2 Legal requirements
We may disclose information if required by law, court order, or government authority, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
4.3 Business transfers
If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email before your data is transferred and becomes subject to a different privacy policy.
4.4 With your consent
We may share information with third parties when you explicitly direct us to (e.g., sharing an investor portal link).
5. Data Security
We take security seriously. Our measures include:
- All data encrypted in transit using TLS 1.2+
- All data encrypted at rest using AES-256
- API credentials stored encrypted, never logged
- Strict tenant isolation — no cross-organization data access is possible
- Row-level security enforced at the database layer
- Access controls limiting employee access to customer data
No security system is perfect. If you discover a vulnerability, please disclose it responsibly to security@fidencfo.com.
6. Data Retention
We retain your data for as long as your account is active. If you cancel your subscription or request deletion, we will delete your data within 90 days, except where we are legally required to retain it (e.g., billing records for tax purposes, which are retained for 7 years).
You can export all your data at any time from the Settings page while your account is active.
7. Cookies
We use cookies and similar technologies for authentication (session tokens), security (CSRF protection), and basic analytics (page views, feature usage). We do not use advertising cookies or sell data to ad networks.
You can control cookies through your browser settings. Disabling cookies may affect the functionality of the Service, particularly authentication.
8. Your Rights
Depending on your location, you may have the right to:
- Access — request a copy of the personal data we hold about you
- Correction — request correction of inaccurate data
- Deletion — request deletion of your personal data
- Portability — receive your data in a machine-readable format
- Objection — object to certain processing of your data
- Withdrawal of consent — where processing is based on consent
To exercise any of these rights, email privacy@fidencfo.com. We will respond within 30 days.
9. Children's Privacy
The Service is not directed to individuals under 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact us and we will delete it.
10. International Transfers
Your data is stored and processed in the United States. If you are located outside the US, your data will be transferred to and processed in the US, which may have different data protection laws than your country. By using the Service, you consent to this transfer.
11. AI and Automated Processing
The Service uses AI models (including Anthropic Claude and Google Gemini) to generate financial analysis, board reports, and agent actions. These models process your financial data to produce outputs. We do not use your identifiable financial data to train external AI models. AI-generated outputs are for informational purposes only and do not constitute professional advice.
12. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by email or by prominently displaying a notice in the Service at least 14 days before the changes take effect.
13. Contact
For privacy-related questions or requests, contact our privacy team at privacy@fidencfo.com or by mail at:
Echo AI Enterprise, Inc.Attn: Privacy
Delaware, United States