GDPR · Data Sovereignty

Privacy Policy

Last updated: June 2026 · Data controllers: finchwire sp. z o.o. (PL) & finchwire LLC (JO)

1. Short version

We collect almost nothing. We don't use trackers, analytics services, ad networks, or third-party cookies. What little we collect is either strictly necessary for the site to function, or voluntarily provided by you when you request a setup or audit.

2. What we collect

Form submissions — when you use our audit/setup request form we receive your name, work email, company size, region, and message. Stored securely on our EU server and forwarded to our inbox.
Secure Chat — messages are processed by STARA-Assist via our AI provider. The conversation is held in your browser's session only; no transcript is persisted on our servers after the session ends.
Server logs — our web stack logs IP address, user-agent, and request path temporarily for abuse prevention. No cookies are set by the server.
Cookie preference — a single fw_cookies value in your browser's localStorage, storing only your accept/decline choice.

3. What we do not collect

No advertising or marketing cookies.
No third-party analytics (Google Analytics, Meta Pixel, Plausible, etc.).
No device fingerprinting.
No behavioural profiles or cross-site tracking.

4. Where data lives

This website is hosted on EU-jurisdiction infrastructure. Form submissions are stored in our EU region. Customer deployments (Business OS, STARA, Cloud, RHEL) reside in the jurisdiction specified in the customer's Statement of Work — typically EU or inside the customer's own MENA country.

5. Your rights (GDPR)

For EU data subjects: access, rectification, erasure, restriction, portability, and objection. Exercise by emailing privacy@finchwire.com. We respond within 30 days. You may lodge a complaint with the Polish UODO or your local supervisory authority.

6. International transfers

Chat messages may transit through cloud infrastructure to reach our AI model. We apply the principle of data minimization: only your typed message (and short session history) is sent; no personal identifiers are attached. For deployments requiring strict sovereignty, the STARA platform can be run entirely on-premise with zero external API calls.

7. Cookies

This site does not set cookies from the server. A single localStorage entry records your cookie-banner preference. You may clear it at any time from your browser settings, or via the "Cookie settings" link in the footer.

8. Children

Our Services are intended for business users aged 16+. We do not knowingly collect data from children.

9. Changes

We will post updates here with a revised date. Material changes affecting existing customers will also be communicated by email.

10. Contact & DPO

Privacy inquiries: privacy@finchwire.com
Encrypted mail: hello@finchwire.com (PGP key available on request).
Postal: finchwire sp. z o.o., Warsaw, Poland · finchwire LLC, Amman, Jordan.

Back to finchwire.com