1) Who we are
Finance in a Box (“FIAB”, “we”, “us”) provides on-demand, tech-enabled finance, people ops, payroll, and recruiting services, plus software integrations and analytics. Contact: info@financeinabox.com
2) Scope
This Policy describes how we collect, use, disclose, and protect personal data when you visit our websites, use our services, or interact with us. It applies to www.financeinabox.com and related sub-domains, products, and portals.
3) Roles under data protection law
Depending on the engagement:
● We act as a Controller for the data we collect about website visitors, prospects, and our own personnel.
● We act as a Processor for client data processed to deliver our services (e.g., accounting, HR/payroll, recruiting). In those cases, a Data Processing Addendum (DPA) governs our processing.
4) Data we collect
● Provided by you: contact details, company info, job application data, support requests, and any documents you upload.
● From your use of our sites/services: log data, device information, IP address, analytics, cookies, and similar technologies.
5) Purposes & legal bases (GDPR)
We process data to:
● Provide and improve services, fulfill contracts (Art. 6(1)(b)).
● Communicate about proposals, updates, and service notices (Art. 6(1)(b), (f)).
● Run security, fraud prevention, and compliance checks (Art. 6(1)(c), (f)).
● Deliver marketing with your consent (Art. 6(1)(a)) or legitimate interest ((f) where permitted).
You can withdraw consent any time without affecting prior processing.
6) Cookies & analytics
We use necessary cookies and, with consent where required, analytics/advertising cookies. Manage preferences via our Cookie Banner or browser settings. See Cookie Notice for details.
7) Sharing & disclosures
We share data with:
● Service providers/sub-processors (hosting, email, analytics, payment, support).
● Partners at your direction (e.g., Salesforce, NetSuite, Zoho, Power BI, Keka, Rippling, ManageEngine).
● Legal/regulatory bodies where required.
We do not sell personal information. We do not permit sub-processors to use data for their own purposes.
8) International transfers
Where data moves outside your jurisdiction, we use appropriate safeguards (e.g., EU Standard Contractual Clauses, UK IDTA/Addendum) and conduct transfer risk assessments.
9) Retention
We keep data only as long as needed for the purposes above, our agreements, and legal requirements. Typical periods: prospect data 24 months, support records 24–36 months, contract data 7 years (or as required by tax/audit law).
10) Your rights
Subject to law, you may request access, correction, deletion, restriction, portability, or objection. California residents have additional rights under CCPA/CPRA. To exercise rights, contact info@financeinabox.com. We may verify your identity before fulfilling a request.
11) Security
We apply administrative, technical, and physical safeguards (least privilege, MFA, encryption in transit/at rest where supported, logging/monitoring, vulnerability management, and vendor due diligence).
12) Children
Our services are not intended for children under 16. We do not knowingly collect children’s data.
13) Third-party links
Our sites may link to third-party services. Their privacy practices are governed by their own policies.
14) Changes
We may update this Policy from time to time. Material changes will be posted here with an updated effective date.
Contact: info@financeinabox.com
We transform finance by simplifying complexity and guiding businesses with expertise.
Copyright © 2025. All rights reserved.
At Finance in a Box, we are on a mission to transform the financial landscape by simplifying complex financial matters and providing expert guidance to businesses.
