Privacy Policy

1. Who we are

The data controller responsible for your personal data is:

FaimosAI Ltd

4 Hambleden Drive, Wallingford, OX10 0PQ, United Kingdom

Company number: 17042011

Registered in England and Wales

Email: hello@faimos.ai

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use FAImos (the “Service”). We are committed to protecting your privacy and complying with applicable data protection laws, including but not limited to:

  • UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018
  • New Zealand Privacy Act 2020
  • Australian Privacy Act 1988 (including the Australian Privacy Principles)
  • South Africa’s Protection of Personal Information Act 2013 (POPIA)
  • California Consumer Privacy Act / California Privacy Rights Act (CCPA/CPRA)

2. Data We Collect

Account Information

  • Name and email address
  • Company name (optional)
  • Billing information

Usage Data

  • Pages visited and features used
  • Browser type and device information
  • IP address and location data

Content Data

  • Strategy content and campaigns you create
  • Workspaces and team members
  • Uploaded files

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

3. How We Use Your Data

We use your data to:

  • Provide and improve the Service
  • Process payments and send invoices
  • Send service updates and support messages
  • Ensure security and prevent fraud
  • Comply with legal obligations

4. AI Processing and Third-Party Services

FAImos integrates with AI providers (OpenAI, Google, Anthropic) to power our marketing tools. When you use AI features:

  • Your prompts and context are sent to the selected AI provider
  • AI providers may process data according to their own privacy policies
  • You can configure which AI provider to use in workspace settings
  • API keys you provide are encrypted and stored securely.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

5. Legal Basis for Processing

We process your personal data on the following legal bases:

UK GDPR

  • Contract performance — To provide the Service to you
  • Legitimate interests — To improve and secure the Service
  • Legal obligation — To comply with tax and accounting laws
  • Consent — For marketing communications (optional, and you may withdraw consent at any time)

South Africa (POPIA)

Under POPIA, we process your personal information based on: your consent, the necessity to perform a contract with you, compliance with a legal obligation, and our legitimate interests where these are not overridden by your rights and interests.

New Zealand, Australia & United States

Under the New Zealand Privacy Act 2020, the Australian Privacy Act 1988, and the CCPA/CPRA, we collect and use your personal information only for the purposes described in this policy, and we handle your data in accordance with the applicable information privacy principles and consumer rights in each jurisdiction.

6. Data Sharing

We do not sell your personal data. We share data with the following sub-processors to operate the Service:

  • Stripe — Payment processing (United States)
  • Supabase — Authentication and database (United States)
  • OpenAI, Google Gemini, Anthropic Claude — Content generation, only when you use AI features (United States)
  • Replit Inc. — Cloud hosting infrastructure (United States)

Each sub-processor is contractually required to process your data only as necessary to provide their services to us, and to implement appropriate security measures.

We may also share data with legal authorities when required by law.

For California residents (CCPA/CPRA)

We do not sell or share your personal information for cross-context behavioural advertising. We do not use or disclose sensitive personal information for purposes other than those permitted by the CCPA. You have the right to opt out of the sale of personal information — however, we do not engage in data sales.

7. International Transfers

Your data is primarily processed and stored in the United States through our sub-processors listed above. FaimosAI Ltd is based in the United Kingdom but uses US-based infrastructure to deliver the Service. This means your personal data may be transferred to, and processed in, a country outside your jurisdiction.

We ensure that appropriate safeguards are in place for these transfers under the applicable laws of each jurisdiction:

United Kingdom (UK GDPR, Chapter V)

Where we transfer personal data outside the UK, we rely on appropriate safeguards including UK International Data Transfer Agreements (IDTAs) or the UK Addendum to the EU Standard Contractual Clauses (SCCs). We assess the data protection standards of the recipient country and implement supplementary measures where necessary.

New Zealand (Privacy Act 2020, IPP 12)

Under Information Privacy Principle 12, we ensure that personal information sent to an overseas recipient is subject to comparable privacy protections, or that we have obtained your authorisation. Our sub-processors are contractually bound to protect your data to standards comparable to the New Zealand Privacy Act 2020.

Australia (Privacy Act 1988, APP 8)

Under Australian Privacy Principle 8, before disclosing personal information to an overseas recipient, we take reasonable steps to ensure the recipient does not breach the Australian Privacy Principles. We remain accountable for the handling of your personal information by our overseas sub-processors as if we had handled it ourselves.

South Africa (POPIA, Section 72)

Under Section 72 of POPIA, we transfer personal information to recipients outside South Africa only where: the recipient is subject to binding rules or a contract that provides an adequate level of protection, or you have consented to the transfer, or the transfer is necessary for the performance of a contract between us. Our sub-processors are contractually obligated to protect your personal information in accordance with POPIA.

United States (CCPA/CPRA)

As our infrastructure is located in the United States, no cross-border transfer occurs for US-based users. For users outside the US, our service providers are bound by data processing agreements that restrict how they use your personal information.

8. Data Retention

  • Account data — Retained until you delete your account
  • Billing data — Retained for 7 years (UK tax law requirement)
  • Usage data — Retained for 2 years

9. Your Rights

Depending on your location, you have the following rights regarding your personal data:

All Users

  • Access — Request a copy of your personal data
  • Correct — Rectify inaccurate or incomplete data
  • Delete — Request deletion of your data (subject to legal obligations)
  • Export — Receive your data in a portable format
  • Withdraw consent — Withdraw consent for marketing communications at any time

Additional Rights by Jurisdiction

United Kingdom (UK GDPR)

Right to object to processing, right to restrict processing, right not to be subject to automated decision-making.

New Zealand (Privacy Act 2020)

Right to request correction of personal information (IPP 7), right to be informed about the collection and use of your information (IPP 3).

Australia (Privacy Act 1988)

Right to access personal information held about you (APP 12), right to request correction (APP 13), right to complain about breaches of the APPs.

South Africa (POPIA)

Right to be notified of data collection (Section 18), right to request correction or deletion (Section 24), right to object to processing (Section 11(3)), right not to be subject to automated decision-making (Section 71).

California, United States (CCPA/CPRA)

Right to know what personal information is collected and how it is used, right to delete, right to opt out of the sale of personal information (we do not sell data), right to non-discrimination for exercising your rights, right to correct inaccurate information, and right to limit the use of sensitive personal information.To exercise any of these rights, contact us at hello@faimos.ai. We will respond within the timeframes required by the applicable law in your jurisdiction.

10. Data Security

We implement appropriate technical and organisational measures to protect your personal data, including encryption in transit and at rest, access controls, regular security audits, and secure authentication. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

11. Cookies

We use essential cookies for authentication and session management. Analytics cookies are optional and used to help us understand how the Service is used.For more information, please see our Cookie Policy.

12. Changes to This Policy

We may update this Privacy Policy from time to time. For significant changes, we will notify you via email or in-app notification. The “Last updated” date at the top of this page will be revised accordingly.

13. Contact & Complaints

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us:

FaimosAI Ltd

4 Hambleden Drive, Wallingford, OX10 0PQ, United Kingdom

Email: hello@faimos.ai

If you are unsatisfied with our response, you have the right to lodge a complaint with the relevant supervisory authority in your jurisdiction:

United Kingdom

Information Commissioner’s Office (ICO) — www.ico.org.uk

New Zealand

Office of the Privacy Commissioner — www.privacy.org.nz

Australia

Office of the Australian Information Commissioner (OAIC) — www.oaic.gov.au

South Africa

Information Regulator — www.justice.gov.za/inforeg

California, United States

California Attorney General — oag.ca.gov/privacy

California Attorney General — oag.ca.gov/privacy

Scroll to Top