Privacy Policy

Last updated: April 20, 2025

1. Introduction

Echo AI Enterprise, Inc. ("Company", "we", "us", or "our") operates Fiden CFO ("Service"). This Privacy Policy explains how we collect, use, disclose, and protect information about you when you use our Service. By using the Service, you agree to the practices described in this policy.

2. Information We Collect

2.1 Information you provide directly

  • Account registration data: name, email address, password
  • Company information: company name, industry, team size, revenue and expense estimates
  • API credentials for third-party integrations (stored encrypted)
  • Support communications and feedback
  • Billing information (processed by Stripe — we do not store raw card data)

2.2 Financial data from integrations

When you connect third-party services, we retrieve and store financial data including: transactions, invoices, subscription data, bank balances, payroll records, equity grants, and cloud cost data. This data is stored in your isolated organization tenant and used solely to provide the Service.

2.3 Usage and technical data

  • Log data: IP address, browser type, pages visited, timestamps
  • Device information: operating system, browser version
  • Feature usage patterns (to improve the Service)
  • Cookies and similar tracking technologies (see Section 7)

3. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and improve the Service
  • Generate financial reports, dashboards, and AI-driven analysis
  • Process payments and manage your subscription
  • Send transactional emails (receipts, sync alerts, product updates)
  • Respond to support requests
  • Detect and prevent fraud, abuse, and security incidents
  • Comply with legal obligations
  • Train and improve our AI models — using only aggregated, anonymized data, never your identifiable financial data

We do not sell your personal data or your financial data to any third party, ever.

4. How We Share Your Information

We may share your information with:

4.1 Service providers

We use trusted third-party vendors to operate the Service, including Supabase (database and authentication), Stripe (billing), Anthropic and Google (AI model inference), and Vercel (hosting). These vendors process data only on our behalf and under contractual data processing agreements.

4.2 Legal requirements

We may disclose information if required by law, court order, or government authority, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

4.3 Business transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email before your data is transferred and becomes subject to a different privacy policy.

4.4 With your consent

We may share information with third parties when you explicitly direct us to (e.g., sharing an investor portal link).

5. Data Security

We take security seriously. Our measures include:

  • All data encrypted in transit using TLS 1.2+
  • All data encrypted at rest using AES-256
  • API credentials stored encrypted, never logged
  • Strict tenant isolation — no cross-organization data access is possible
  • Row-level security enforced at the database layer
  • Access controls limiting employee access to customer data

No security system is perfect. If you discover a vulnerability, please disclose it responsibly to security@fidencfo.com.

6. Data Retention

We retain your data for as long as your account is active. If you cancel your subscription or request deletion, we will delete your data within 90 days, except where we are legally required to retain it (e.g., billing records for tax purposes, which are retained for 7 years).

You can export all your data at any time from the Settings page while your account is active.

7. Cookies

We use cookies and similar technologies for authentication (session tokens), security (CSRF protection), and basic analytics (page views, feature usage). We do not use advertising cookies or sell data to ad networks.

You can control cookies through your browser settings. Disabling cookies may affect the functionality of the Service, particularly authentication.

8. Your Rights

Depending on your location, you may have the right to:

  • Access — request a copy of the personal data we hold about you
  • Correction — request correction of inaccurate data
  • Deletion — request deletion of your personal data
  • Portability — receive your data in a machine-readable format
  • Objection — object to certain processing of your data
  • Withdrawal of consent — where processing is based on consent

To exercise any of these rights, email privacy@fidencfo.com. We will respond within 30 days.

9. Children's Privacy

The Service is not directed to individuals under 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact us and we will delete it.

10. International Transfers

Your data is stored and processed in the United States. If you are located outside the US, your data will be transferred to and processed in the US, which may have different data protection laws than your country. By using the Service, you consent to this transfer.

11. AI and Automated Processing

The Service uses AI models (including Anthropic Claude and Google Gemini) to generate financial analysis, board reports, and agent actions. These models process your financial data to produce outputs. We do not use your identifiable financial data to train external AI models. AI-generated outputs are for informational purposes only and do not constitute professional advice.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by prominently displaying a notice in the Service at least 14 days before the changes take effect.

13. Contact

For privacy-related questions or requests, contact our privacy team at privacy@fidencfo.com or by mail at:

Echo AI Enterprise, Inc.
Attn: Privacy
Delaware, United States