FinlexPro
Get Started

Privacy Policy

Last updated: February 2026 • GDPR Compliant

FinlexPro is committed to protecting your privacy. This policy explains how we collect, use, and safeguard your personal data when you use our regulatory research platform.

Information We Collect

Account Data

  • • Name and email address
  • • Profile picture (social login)
  • • Account creation date
  • • Authentication data (via Clerk)

Payment Data

  • • Billing address
  • • Transaction history
  • • Subscription status
  • • Payment via Stripe (no card storage)

Usage Data

  • • Search queries and history
  • • AI query interactions
  • • Device and browser info
  • • IP address and location

Document Data

  • • Gap Analysis uploads (not stored)
  • • Processed in real-time only
  • • Sent to OpenAI for analysis
  • • Immediately discarded

How We Use Your Information

Service Delivery

Provide and maintain platform services

Payments

Process subscriptions and transactions

Communications

Send receipts and account updates

Improvements

Enhance platform and user experience

Legal Compliance

Meet regulatory obligations

Security

Prevent fraud and abuse

Third-Party Service Providers

ClerkAuthenticationUser login and account management
Policy →
StripePaymentsSecure payment processing (PCI-DSS)
Policy →
OpenAIAI AnalysisDocument analysis and AI responses
Policy →
VercelHostingApplication hosting and CDN
Policy →
ResendEmailTransactional email delivery
Policy →

We do NOT:

✗ Sell your data✗ Share for advertising✗ Store uploaded documents✗ Transfer unnecessarily

Your Rights Under GDPR

Access

Request your data copy

Rectification

Correct inaccurate data

Erasure

Request data deletion

Restriction

Limit data processing

Portability

Export your data

Object

Object to processing

Withdraw

Revoke consent

Complain

File with DPA

To exercise these rights, contact us at privacy@finlexpro.com

Gap Analysis Document Processing

When you use our Gap Analysis feature, your uploaded documents are processed in real-time and are not stored on our servers. Document content is transmitted to OpenAI's API for AI-powered analysis. OpenAI processes data according to their enterprise API policy and does not use API data for model training. For highly sensitive documents, we recommend redacting confidential client names and proprietary information before upload.

Data Controller

RAVENCORD OÜ

Register No: 17088619

D-U-N-S® No: 536440446

Meistri tn 6
Tallinn, 13517
Estonia

Security Measures

  • SSL/TLS encryption
  • PCI-DSS compliance (Stripe)
  • SOC 2 certified providers
  • Regular security audits
  • Access controls & logging

Data Retention

Active accounts: Duration of service

Post-deletion: Up to 7 years (legal requirements)

Uploaded documents: Not stored

Search history: 90 days

Privacy Contact

For privacy inquiries or to exercise your GDPR rights:

privacy@finlexpro.com

Response within 30 days as required by GDPR.

Related Policies

Terms of ServiceCookie Policy

International Transfers

Data may be processed by providers outside the EU. All transfers are protected by Standard Contractual Clauses (SCCs) as required by GDPR.

Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect data from minors.

Policy Updates

We may update this policy periodically. Significant changes will be notified via email. Continued use constitutes acceptance.