Privacy Policy
This privacy policy was last updated on March 5, 2026. This is an AI-drafted policy provided for transparency. Please review with legal counsel before relying on it.
Information We Collect
We collect the following types of information when you use Fndr OS:
- Account information — your name, email address, and password hash.
- Company data — business details you enter during the strategy sprint, including company profile, market position, strategic pillars, and OKRs.
- Usage analytics — page views, feature usage, and general interaction patterns to improve the product.
How We Use Your Data
- Service delivery — powering your strategy sprints, dashboards, check-ins, and reports.
- AI-powered suggestions — your data provides context for AI recommendations within the wizard and OKR workflows.
- Product improvement — aggregated, anonymized usage data helps us improve the platform.
- We never sell your data to third parties.
Data Storage & Security
- PostgreSQL database hosted on Neon.
- Application hosted on Vercel.
- Data encrypted in transit (TLS).
- Regular backups to prevent data loss.
Cookies & Tracking
We use essential cookies for authentication and session management. We do not use third-party advertising cookies.
Third-Party Services
- Stripe — for payment processing.
- Resend — for transactional email delivery.
- Moonshot AI (Kimi K2.5) — for AI-powered strategy suggestions. Data sent to Moonshot AI is limited to what is needed for generating suggestions and is not used to train their models.
Your Rights
- Access your data at any time through the platform.
- Request deletion of your account and all associated data.
- Export your strategic plans using the PDF export feature.
- Update your information through account settings.
Data Retention
- When you request account deletion, your data is retained for 30 days before being permanently deleted.
- During this 30-day period, your account can be recovered by contacting support.
- After 30 days, all personal data and company data associated with your account is permanently and irreversibly removed from our systems.
- Anonymized, aggregated usage data may be retained indefinitely as it cannot be linked back to you.
GDPR & CCPA
We respect data protection rights under GDPR and CCPA. If you are a resident of the European Economic Area or California, you may exercise your rights by contacting us at the address below.
Contact
For privacy-related questions, contact us at privacy@fndros.io.
Changes to This Policy
We may update this policy from time to time. Changes will be posted on this page with an updated date.