Sofinsod

Intelligent Financial Data Processing

BaFin-ID: 50081127 info@sofinsod.com Dublin 6, Ireland

Privacy Policy

How we protect and handle your personal information with complete transparency

Last Updated: March 15, 2025 | Effective Date: March 15, 2025

Who We Are

Sofinsod operates as a financial technology service provider, specializing in AI-driven expense categorization solutions. We're based in Dublin, Ireland, and registered with BaFin under ID 50081127. This privacy policy explains how we collect, use, and protect your personal data when you use our services.

Our registered address is Ranelagh Road, D06 R9 X8 DUBLIN 6, Ireland. We take data protection seriously and comply with Irish Data Protection Act 2018 and the EU General Data Protection Regulation (GDPR).

Information We Collect

We collect different types of information depending on how you interact with our services:

Data Category What We Collect Why We Need It
Account Information Name, email address, company details, contact information Account creation, service delivery, communication
Financial Data Transaction descriptions, amounts, categories, bank account connections Expense categorization, AI training, service functionality
Usage Data Login times, feature usage, system interactions, preferences Service improvement, user experience optimization
Technical Data IP address, browser type, device information, cookies Security, technical support, system maintenance

How We Use Your Information

Your data serves specific purposes that directly relate to providing and improving our expense categorization services:

  • Processing and categorizing your financial transactions using our AI algorithms
  • Maintaining your account and providing customer support when you need assistance
  • Improving our AI models and service accuracy based on anonymized usage patterns
  • Sending service-related notifications and updates about your account
  • Ensuring system security and preventing fraudulent activities
  • Complying with legal obligations under Irish and EU financial regulations

Important: We never sell your personal data to third parties or use it for marketing purposes outside of our direct services. Your financial information is processed solely for the expense categorization services you've requested.

Your Rights Under Irish and EU Law

Under the GDPR and Irish Data Protection Act, you have comprehensive rights regarding your personal data. Here's what you can do:

Access Your Data

Request a complete copy of all personal data we hold about you, including how we're using it and who we've shared it with.

Correct Information

Update any inaccurate or incomplete personal information in your account at any time through your dashboard or by contacting us.

Delete Your Data

Request complete deletion of your account and associated data, subject to legal retention requirements for financial records.

Restrict Processing

Limit how we process your data while maintaining your account, particularly useful if you're disputing data accuracy.

Data Portability

Receive your data in a structured, machine-readable format to transfer to another service provider if desired.

Object to Processing

Object to specific types of data processing, though this may affect our ability to provide certain services.

Data Security and Protection

We implement comprehensive security measures to protect your personal and financial information:

  • End-to-end encryption for all data transmission between your devices and our servers
  • Advanced encryption standards (AES-256) for data storage and database security
  • Regular security audits and penetration testing by independent security firms
  • Multi-factor authentication requirements for account access and administrative functions
  • Strict access controls limiting employee access to data on a need-to-know basis
  • Continuous monitoring systems for detecting and preventing unauthorized access attempts
  • Regular security training for all staff handling personal data

Bank-Level Security: Our security infrastructure meets the same standards used by major financial institutions, with additional protections specific to AI-driven financial data processing.

Data Sharing and Third Parties

We maintain strict control over your data and only share it in specific, limited circumstances:

  • Banking Partners: Secure connections to your financial institutions for transaction data retrieval, using bank-approved APIs
  • Cloud Infrastructure: AWS Ireland region for secure data storage and processing, with comprehensive data processing agreements
  • Legal Requirements: When required by Irish or EU law, court orders, or regulatory investigations
  • Service Providers: Carefully vetted third-party services for specific functions like email delivery or customer support tools

All third-party relationships include comprehensive data processing agreements ensuring your data receives the same level of protection. We never share data for marketing purposes or allow third parties to use your information for their own business purposes.

Data Retention and Deletion

We keep your data only as long as necessary for providing services and meeting legal obligations:

  • Active Accounts: Data retained while your account remains active and for service provision
  • Closed Accounts: Personal data deleted within 90 days of account closure, except where legally required
  • Financial Records: Transaction data may be retained for up to 7 years to comply with Irish financial regulations
  • Backups: Data in system backups is automatically purged within 12 months of account deletion
  • AI Training Data: Anonymized, non-identifiable data patterns may be retained for service improvement

International Data Transfers

Your data is primarily processed within the European Economic Area. When transfers outside the EEA are necessary, we ensure adequate protection through:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions recognizing equivalent data protection standards
  • Additional technical and organizational measures for data security
  • Regular monitoring of transfer arrangements and data protection compliance

Cookies and Tracking

We use cookies and similar technologies to provide and improve our services:

  • Essential Cookies: Required for basic service functionality, account access, and security
  • Analytics Cookies: Help us understand how users interact with our platform for improvements
  • Preference Cookies: Remember your settings and customizations for better user experience

You can control cookie settings through your browser, though disabling certain cookies may affect service functionality.

Children's Privacy

Our services are designed for business use and are not intended for individuals under 16 years of age. We do not knowingly collect personal information from children under 16. If we become aware that we have collected such information, we will take steps to delete it promptly.

Changes to This Policy

We may update this privacy policy periodically to reflect changes in our services, legal requirements, or data handling practices. When we make significant changes:

  • We'll email registered users about important updates at least 30 days in advance
  • The updated policy will be posted on our website with the new effective date
  • Continued use of our services after the effective date constitutes acceptance of the updated policy

Contact Us About Privacy

Questions about this privacy policy or how we handle your data? We're here to help.

Email: info@sofinsod.com

Address: Ranelagh Road, D06 R9 X8 DUBLIN 6, Ireland

BaFin Registration: 50081127

We typically respond to privacy inquiries within 3 business days and fulfill data requests within 30 days as required by law.