Privacy Policy

Foundbase ApS is the data controller for the processing of personal data in connection with the Service.

3.1 Data you provide us

We collect the following personal data when you use the Service:

• Account information: Name, email address, phone number, company name
• User data: Content you create in the Service, including projects, tasks, contacts, documents
• Payment data: Payment information (processed by our payment providers)
• Communication: Emails, support requests and other communications with us

3.2 Automatically collected data

We automatically collect the following data:

• Technical data: IP address, browser type, operating system, device information
• Usage data: How you use the Service, features you access, usage times
• Cookies and similar technologies: See our cookie policy for details

We process your personal data for the following purposes:

• Service delivery: To provide and manage your account and the Service
• Billing: To handle payments and billing
• Support: To provide customer support and answer questions
• Improvement: To improve and develop the Service
• Security: To ensure the security of the Service and prevent abuse
• Communication: To communicate important updates and changes

4.1 Legal basis

Processing is based on:

• Contract performance: To provide the Service according to our agreement
• Legitimate interests: To improve the Service and ensure security
• Consent: For marketing and non-essential communications
• Legal obligation: To comply with applicable legislation

5.1 Third parties

We only share your personal data with third parties in the following cases:

• Payment providers: To handle payments (Stripe, PayPal)
• Hosting and infrastructure: Cloud providers for hosting the Service
• Analytics and support: Tools to improve the Service
• Legal requirements: When required by law

5.2 Data processors

We use data processors who are obliged to protect your data and only process it according to our instructions.

5.3 International transfers

Data may be transferred to countries outside the EU/EEA. In such cases, we ensure appropriate protection through standard contractual clauses or other approved mechanisms.

We implement appropriate technical and organizational measures to protect your personal data against:

• Unauthorized access or disclosure
• Alteration, loss or destruction
• Misuse or unlawful processing

6.1 Security measures

Our security measures include:

• Data encryption in transit and at rest
• Regular security updates and patches
• Access control and authentication
• Regular security audits
• Employee training in data security

We only retain your personal data for as long as necessary to fulfill the purposes for which it was collected:

• Account information: As long as your account is active plus 3 years
• Payment data: In accordance with accounting legislation (5 years)
• Support data: 3 years after last contact
• Analytics data: 2 years

7.1 Data deletion

When the retention period expires, we securely delete or anonymize your personal data. You can also request deletion of your data earlier (see your rights below).

You have the following rights regarding your personal data:

• Access: Right to access your personal data
• Rectification: Right to have inaccurate or incomplete data corrected
• Erasure: Right to have your data deleted ("right to be forgotten")
• Restriction: Right to have the processing of your data restricted
• Portability: Right to have your data in a structured format
• Objection: Right to object to processing
• Complaint: Right to complain to the Data Protection Authority

8.1 Exercising your rights

To exercise your rights, contact us at info@foundbase.io. We will respond to your request within 30 days.

We use cookies and similar technologies to improve your experience of the Service. See our separate cookie policy for detailed information about which cookies we use and how you can control them.

The Service is not intended for children under 16 years of age. We do not knowingly collect personal data from children under 16 years of age. If you are a parent or guardian and believe that your child has provided us with personal data, please contact us immediately.

We may update this privacy policy from time to time. Significant changes will be notified via email or through the Service at least 30 days before they take effect.

The current version of the policy is always available on our website. Continued use of the Service after changes constitutes acceptance of the updated policy.

If you have questions about this privacy policy or our processing of your personal data, you can contact us at:

You can also complain to the Data Protection Authority if you believe that our processing of your personal data violates applicable legislation.