Fynso Privacy Policy

This Privacy Policy applies to:

• Businesses that use Fynso to connect their schedule, booking, billing, financial, or operational data for revenue intelligence.
• Visitors and users of our website, app, and communications channels.

This Policy does not cover third-party platforms or services not controlled by Fynso.

We use the data connected to Fynso solely to deliver and improve the service for your business:

1. Revenue Insights & Daily Briefings:Connecting your schedule, billing, and bank data to generate daily briefings, no-show cost analysis, client churn risk flags, utilization reporting, and revenue pacing insights.
2. Proactive Recovery & Retention:Detecting at-risk revenue — missed appointments, lapsed clients, underbooked providers, cash-flow timing gaps — and surfacing ranked priorities with dollar impact so you can act before revenue is lost.
3. AI-Generated Outreach:Drafting and (with your authorization) sending re-engagement and recovery emails to your at-risk clients using the context from your connected data. You retain control and can review, modify, or disable this at any time.
4. Service Delivery & Product Improvement:Operating, maintaining, and improving Fynso's features, dashboards, and the accuracy of the AI insights we generate for your business. We do not use your data to train models for other customers.
5. Compliance & Security:Safeguarding your data, preventing fraud, and maintaining SOC 2 compliant protection measures through our infrastructure and Drata monitoring.
6. Communications:Sending product updates, operational alerts, and occasional educational content (you can opt out anytime).

We may share information only as follows:

• With Service Providers:Third parties that support our operations (hosting, analytics, customer support, data processors) under strict confidentiality and data protection agreements.
• Legal & Regulatory:When required to comply with law, enforce policies, or prevent fraud.
• Business Transfers:In the event of a merger, acquisition, or restructuring, your data may be transferred under equal or stronger privacy terms.

We use industry-leading safeguards to protect all personal and business data:

• Encryption:TLS 1.2+ for all data in transit, AES-256-GCM encryption for sensitive credentials and integration tokens, and database encryption at rest via our managed infrastructure.
• Access Controls:Read-only integrations, row-level security policies, and encrypted API keys and tokens for every connection.
• Compliance:Built on SOC 2 compliant infrastructure. Actively partnering with Drata to formalize SOC 2 Type II and HIPAA certifications.
• Data Minimization:We only store what's essential and delete inactive data on a rolling schedule.

While we work hard to protect your information, no method of transmission or storage is 100% secure. Fynso cannot guarantee absolute security and you acknowledge the inherent risks of sharing information online. In the event of a confirmed security incident that materially affects your data, Fynso will notify you without undue delay in accordance with applicable law, provide the information we reasonably have available at that time, and describe the steps we are taking in response.

We retain information only as long as necessary to:

• Provide and improve Services.
• Meet legal or contractual obligations.
• Resolve disputes and enforce terms.

When data is no longer needed, it is securely deleted or anonymized.

Depending on your jurisdiction, you may have rights to:

• Access data we hold about you.
• Request correction of inaccurate information.
• Request deletion of data, except where retention is required by law.
• Withdraw consent for connected accounts at any time.
• Opt out of promotional communications.

Submit requests at support@fynso.ai.

When you use Fynso, you are responsible for the information you provide to us or make available to us through connected systems. In particular, you represent and warrant that:

• You have the legal right and all necessary authority, permissions, consents, and notices in place to connect your business data (including data about your clients, patients, customers, employees, or other third parties) to Fynso and to allow Fynso to process it for the purposes described in this Policy.
• The information you provide is accurate and kept up to date, and you will update it as necessary.
• You are responsible for complying with all laws that apply to your business, including those governing the collection, storage, and use of personal information about your clients, patients, customers, or other individuals whose data you share with Fynso.
• You are responsible for maintaining the confidentiality of your account credentials and for all activity that occurs under your account.
• You will not use Fynso to process any category of information for which Fynso has not been explicitly represented or certified (for example, payment card data, government-issued identifiers, or other regulated data categories outside the scope of the Services).

Fynso uses automated processing, including artificial intelligence and machine learning models, to analyze your connected data and produce insights, recommendations, draft communications, and other output. You should be aware of the following:

• The output is generated automatically and may be incomplete, inaccurate, or contain errors. It should not be treated as legal, tax, accounting, medical, or other professional advice.
• AI-generated outreach (such as drafted emails to lapsed or at-risk clients) requires your authorization before any communication is sent on your behalf. You retain the ability to review, edit, pause, or disable this functionality at any time.
• Fynso does not use your business or customer data to train AI models for the benefit of other Fynso customers or third parties.
• Fynso does not make decisions that produce legal or similarly significant effects about you or your clients solely through automated means. You remain the decision-maker for your business.

If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), gives you certain rights regarding personal information we collect about you, subject to legal exceptions:

• The right to know what personal information we collect, use, disclose, and retain.
• The right to request deletion or correction of your personal information.
• The right to opt out of the sale or sharing of your personal information.
• The right to limit the use and disclosure of sensitive personal information.
• The right not to receive discriminatory treatment for exercising any of these rights.

No Sale or Sharing of Personal Information. Fynso does not sell personal information and does not share personal information for cross-context behavioral advertising. We do not respond to "Do Not Track" browser signals because no industry standard currently exists, but we honor the privacy choices described in this Policy and provided in our product.

To exercise any of these rights, email us at support@fynso.ai. We may request information to verify your identity before responding.

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, THIS PRIVACY POLICY AND FYNSO'S PRACTICES ARE PROVIDED "AS IS." FYNSO MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND REGARDING THE ACCURACY, COMPLETENESS, OR RELIABILITY OF ANY INFORMATION OBTAINED FROM THIRD-PARTY SOURCES, INCLUDING DATA PROVIDED BY INTEGRATED SERVICES SUCH AS PLAID, QUICKBOOKS, STRIPE, SQUARE, OR ANY OTHER CONNECTED SYSTEM.

Fynso relies on third-party sources for a significant portion of the data it processes. Fynso is not responsible for the accuracy, completeness, legality, or availability of data received from those third-party sources and is not liable for any losses, claims, or damages resulting from errors, omissions, delays, or unavailability of third-party services.

To the maximum extent permitted by law, Fynso and its affiliates, officers, employees, and agents shall not be liable for any indirect, incidental, special, consequential, or punitive damages, or any loss of profits, revenue, or data, arising out of or in connection with this Policy, the processing of your information, or your use of the Services. Any liability of Fynso related to this Policy is subject to the limitations set forth in the Fynso Terms of Service.

The provisions of this Policy that by their nature should survive termination of your account or of your use of the Services — including those relating to data security obligations, retention, data rights, confidentiality, dispute resolution, and limitations of liability — will survive.

We use cookies and analytics for:

• Essential site functions (security, session management).
• Performance insights (traffic, load times, error tracking).
• Personalization (user preferences, dashboard state).

You can control cookies through browser settings, though some features may not function properly if disabled.

Fynso operates from the United States.

If you access our Services from outside the U.S., your data may be transferred to servers in the U.S. under appropriate safeguards compliant with GDPR and other international frameworks.

Fynso is not intended for use by anyone under 18 years of age.

We do not knowingly collect personal data from minors.

If we discover such data, it will be promptly deleted.

We may update this Privacy Policy periodically.

If material changes occur, we will notify you by email or in-app alert.

Continued use of Fynso after an update means you accept the revised Policy.

For questions or privacy concerns, contact: