Privacy policy
Last updated: June 28, 2026
Fentyr ("we", "us") provides client-onboarding software for freelancers and agencies. This policy explains what personal data we process, why, how long we keep it, who we share it with, and the rights you have under the EU/UK General Data Protection Regulation (GDPR).
1. Data we collect
- Account data: name, email, password (hashed), company name, and preferences.
- Billing data: subscription status and customer ID. Card details are handled directly by Stripe — we never store full card numbers.
- Product data: the onboarding flows, projects, and client portals you create.
- Client data (on behalf of our users): information your clients submit through a portal (form answers, uploaded files, contract signatures, payments). For this data the agency is the controller and Fentyr is the processor.
- Usage data: log data and, only with your consent, analytics (Microsoft Clarity) to improve the product.
2. Why we collect it (legal bases)
- Contract: to provide the service you signed up for (accounts, flows, portals, payments).
- Legitimate interest: to secure the service, prevent abuse, and send essential transactional emails.
- Consent: for analytics cookies and non-essential marketing emails. You can withdraw consent at any time.
- Legal obligation: to keep billing records as required by law.
3. How long we keep it (retention)
We keep your data for as long as your account is active. Inactive accounts are automatically deleted after 24 months of inactivity, along with their flows, projects, and client data. We send a warning email 30 days before deletion so you can sign in to keep your account. Billing records may be kept longer where required by law. You can delete your account at any time from Settings → Account.
4. Who we share it with
We do not sell your data. We share it only with the processors needed to run Fentyr:
- Supabase — database and authentication hosting.
- Stripe — payment processing and subscriptions.
- Resend — transactional and lifecycle emails.
- Microsoft Clarity — product analytics (only with your consent).
- Vercel — application hosting.
5. Your rights
Under the GDPR you have the right to:
- Access — download a copy of your data (Settings → Account → Download my data).
- Deletion — permanently delete your account and data (Settings → Account → Delete my account).
- Portability — receive your data in a machine-readable JSON format.
- Objection & restriction — object to or restrict certain processing, including opting out of non-essential emails via the unsubscribe link in any email.
- Rectification — correct your data from your account settings.
6. Contact & data requests
For any data subject request (access, deletion, portability, objection), contact our data protection contact at leandre.le.berre@gmail.com. We respond to all requests within 30 days, as required by the GDPR.