FIOS Privacy Policy 1

This Privacy Policy explains how information is collected, processed, stored, and protected when using the FIOS AI-enabled fintech productivity environment, including AI chat, prompt optimisation, document-assisted interaction, and related operational workflows.

Effective date: [Insert Date] | Version: 1.1 | Applies to: Free and Paid Service Tiers

1. Who We Are

FIOS is operated by Core Fintech Ltd ("FIOS", "we", "our", or "us"). Depending on the deployment environment, the organisation operating or deploying FIOS may act as the data controller or joint controller for personal information processed through the system.

If FIOS is deployed within an organisation, that organisation may also determine how user data is processed in accordance with its internal policies and applicable law.

2. Information We Collect

We may collect and process several categories of information, including:

Account information: username, email address, user profile details, and account configuration information.
Authentication data: login activity, authentication tokens, session identifiers, and access logs.
User interactions: chat inputs, prompts, uploaded documents, instructions, and system interactions.
Technical information: device information, connection status, diagnostics, usage metrics, and service logs.
Interaction metadata: timestamps, feature usage, request patterns, and response generation metrics.
Subscription and billing information: plan type, subscription status, billing address or billing profile details, transaction records, renewal status, and payment-related identifiers supplied by payment providers.

Information may be provided directly by users or generated automatically through system usage.

3. Legal Basis for Processing

Where applicable under data protection laws, processing of personal information may rely on one or more of the following legal bases:

Performance of a contract or provision of requested services.
Legitimate interests in operating, improving, and securing the FIOS platform.
Compliance with legal obligations.
User consent where required.

4. How We Use Information

Collected information may be used to:

Provide, operate, and maintain the FIOS platform.
Authenticate users and maintain secure sessions.
Process prompts, chats, and uploaded files.
Generate AI-assisted responses and requested outputs.
Administer free and paid service tiers, subscriptions, renewals, billing support, and account management.
Monitor performance, diagnose issues, and improve service reliability.
Detect misuse, abuse, security incidents, or unauthorised access.
Comply with legal, regulatory, accounting, or audit requirements.

5. Uploaded Files and AI Processing

When users submit prompts, upload files, or interact with the system, that content may be processed by underlying AI models or third-party AI service providers for the purpose of generating responses, analysing documents, or improving the quality of requested outputs.

Users should only upload information that they are authorised to use and share with the system.

AI-generated responses may rely on automated processing of submitted content but are intended to support users rather than replace human review or decision-making.

6. Storage and Retention

We may store account information, session data, chat history, uploaded files, subscription information, and operational logs to support platform functionality, troubleshooting, auditing, billing administration, and service improvement.

Retention periods may vary depending on system configuration, operational requirements, legal obligations, accounting rules, security monitoring needs, or contractual requirements associated with the deployment environment.

7. Sharing of Information

We do not sell personal information. Information may be shared only where necessary to:

Operate the service using trusted hosting, infrastructure, analytics, AI processing, or payment processing providers acting on our behalf.
Comply with legal obligations, regulatory requirements, or lawful requests.
Protect the rights, safety, or security of the service, users, or associated organisations.

8. Payment Processing

Where paid subscriptions are offered, payment transactions may be handled by external payment service providers. We typically do not store full payment card numbers on our own systems unless expressly stated otherwise.

We may receive limited payment-related information such as billing status, subscription status, payment confirmation, transaction identifiers, and partial billing details necessary to manage subscriptions, support users, and maintain accounting records.

9. International Data Transfers

Depending on infrastructure and service providers used to operate the platform, information may be processed in different jurisdictions. Where required, appropriate safeguards may be implemented to ensure personal data remains protected in accordance with applicable data protection laws.

10. Security

We apply reasonable technical and organisational safeguards designed to protect information from unauthorised access, misuse, loss, or disclosure. These safeguards may include access controls, monitoring systems, and secure infrastructure environments.

However, no digital system can guarantee absolute security.

11. User Responsibilities

Users are responsible for maintaining the confidentiality of their login credentials, securing their devices, and ensuring that any information submitted through FIOS is lawful, authorised, and consistent with applicable policies.

12. Your Rights

Subject to applicable law, individuals may have rights relating to their personal information, including:

Access to personal data held about them.
Correction of inaccurate information.
Deletion of personal data in certain circumstances.
Restriction of processing.
Objection to certain processing activities.
Data portability where applicable.

Requests to exercise these rights may be reviewed in accordance with legal obligations and operational requirements.

13. Third-Party Links

FIOS may contain links to external resources such as third-party privacy notices, terms pages, or service documentation. We are not responsible for the privacy practices or content of external sites.

14. Changes to This Policy

This Privacy Policy may be updated periodically to reflect changes in legal requirements, system functionality, billing arrangements, or operational practices. Updated versions become effective when published through the FIOS interface or associated service channels.

15. Contact

For privacy-related questions or requests, please contact the FIOS service administrator or the organisation operating the relevant FIOS deployment environment.