Datenschutzerklärung

1. Introduction

Fynd S.à r.l. ("we," "our," or "us") operates Fynd.lu, a platform that connects service seekers with verified service providers in Luxembourg. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information in compliance with the General Data Protection Regulation (GDPR) and Luxembourg data protection laws.

We are committed to protecting your privacy and ensuring transparent data practices. This policy applies to all users of our platform, website, and related services.

2. Data Controller Information

3. Legal Basis for Processing

We process your personal data based on the following legal bases under GDPR Article 6:

• Consent (Article 6(1)(a)): For marketing communications and non-essential cookies
• Contract Performance (Article 6(1)(b)): To provide our matching services
• Legal Obligation (Article 6(1)(c)): For tax and regulatory compliance
• Legitimate Interest (Article 6(1)(f)): For fraud prevention and service improvement

4. Information We Collect

4.1 Information You Provide

• Account Information: Name, email address, phone number, postal address
• Project Information: Service requirements, project descriptions, location preferences
• Service Provider Data: Business credentials, licenses, insurance information, portfolio
• Communication Data: Messages, quotes, reviews, and feedback
• Payment Information: Billing details (processed by third-party payment processors)

4.2 Automatically Collected Information

• Device Information: IP address, browser type, operating system
• Usage Data: Pages visited, time spent, click patterns
• Technical Data: Cookies, session data, error logs
• Location Data: General geographic location (with consent)

5. How We Use Your Information

5.1 Primary Services

• Matching service seekers with appropriate service providers
• Facilitating communication between users
• Processing and managing quotes and project requests
• Providing customer support and resolving disputes

5.2 Platform Improvement

• Analyzing usage patterns to improve our AI matching algorithms
• Enhancing user experience and platform functionality
• Conducting research and analytics for service optimization

5.3 Legal and Security

• Verifying identity and preventing fraud
• Complying with legal obligations and regulatory requirements
• Protecting against security threats and maintaining platform integrity

6. Information Sharing and Disclosure

6.1 Service Providers

We share relevant project information with matched service providers to enable them to provide quotes and services. This includes your project requirements, location, and contact information.

6.2 Third-Party Service Providers

We may share information with trusted third parties who assist us in operating our platform:

• Payment processors (for billing and subscription management)
• Cloud hosting providers (for data storage and platform operations)
• Analytics providers (for service improvement)
• Customer support tools

6.3 Legal Requirements

We may disclose your information when required by law, regulation, legal process, or governmental request.

6.4 Data Sales

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

7. International Data Transfers

Your data is primarily processed within the European Union. When we transfer data outside the EU, we ensure adequate protection through:

• European Commission adequacy decisions
• Standard Contractual Clauses (SCCs)
• Appropriate technical and organizational measures

8. Data Security

We implement robust security measures to protect your personal information:

• Encryption: All data is encrypted in transit (TLS) and at rest (AES-256)
• Access Controls: Role-based access with multi-factor authentication
• Regular Audits: Security assessments and vulnerability testing
• Employee Training: Regular data protection and security training
• Incident Response: Comprehensive breach response procedures

9. Data Retention

We retain your personal information only as long as necessary for the purposes outlined in this policy:

• Account Data: Until account deletion + 30 days for security
• Transaction Records: 7 years for tax and legal compliance
• Communication Data: 3 years for dispute resolution
• Marketing Data: Until consent withdrawal
• Technical Logs: 12 months for security and troubleshooting

10. Your Rights Under GDPR

You have the following rights regarding your personal data:

To exercise your rights, contact us at privacy@fynd.lu. We will respond within 30 days.

11. Cookies and Similar Technologies

We use cookies and similar technologies to enhance your experience. For detailed information about our cookie practices, please see our Cookie Policy. You can manage cookie preferences through your browser settings or our cookie consent banner.

12. Children's Privacy

Our services are not intended for individuals under 16 years of age. We do not knowingly collect personal information from children under 16. If you become aware that a child has provided us with personal information, please contact us immediately.

13. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify you of significant changes by email and by posting a notice on our platform. Your continued use of our services after such changes constitutes acceptance of the updated policy.

14. Supervisory Authority

If you have concerns about our data processing that we cannot resolve, you have the right to lodge a complaint with the Luxembourg data protection authority:

15. Contact Information

For questions about this Privacy Policy or our data practices, please contact: