There are two ways personal data flows through Fiive:

When we are the controller

We decide how and why to use personal data about:

• customers who create a Fiive account;
• users invited into a customer's account (for example, team members, agency users, and client users);
• prospects and website visitors.

This Privacy Policy mainly covers this situation.

When we are the processor

You (the customer) may store personal data about your own clients, agencies, team, and partners in Fiive ("Customer Data"). In that case, you are the data controller and we process Customer Data only:

• on your documented instructions;
• as set out in our Terms of Service and any data processing addendum; and
• as required by law.

This Privacy Policy does not describe how you, as a customer, use the personal data you store in Fiive. If you are a client or partner of one of our customers, please refer to their privacy notice.

You are not legally required to provide personal data to us. However, if you choose not to, some parts of the Service may not work.

Data you give us

You may give us personal data when you:

• create a Fiive account or profile;
• set up an organisation, agency, or client workspace;
• invite users or manage team members and client contacts;
• create or manage projects, tasks, requests, or other records;
• contact us for support or feedback;
• subscribe to updates or marketing.

This can include:

• Account details – name, email address, password (stored in hashed form), job title, profile information.
• Organisation details – agency or company name, contact details, billing contact.
• Client contact details – names, roles, email addresses, and other contact information you choose to store in Fiive.
• Support and communication data – messages and attachments you send us, feedback, and related information.
• Billing details – billing contact information and basic transaction details (payment card details are handled by our payment providers, not by Fiive).

Data we collect automatically

When you use our site or the Service, we collect:

• Usage data – actions taken in the app (for example, logins, page views, clicks, features used).
• Log data – IP address, browser type, operating system, device identifiers, and timestamps.
• Cookies and similar technologies – small files that help us keep you signed in, secure the Service, and understand how it is used.

Where required by law, we will only use non-essential cookies (for example, analytics cookies) if you agree.

Data from other sources

We may receive personal data about you from:

• a customer who invites you to Fiive using your email address;
• payment providers (for example, payment status and limited billing details);
• tools we use for email delivery, customer support, or analytics.

We only use personal data when we have a valid legal reason. In most cases this is because:

• we need it to run the Service you have asked us to provide (contract);
• we have a legitimate business reason that does not unfairly impact your rights (legitimate interests); or
• we must do so to meet legal requirements (legal obligation).

Running Fiive

We use personal data to:

• create and manage accounts and workspaces;
• authenticate users and provide access;
• process subscriptions and billing;
• provide support and handle your requests.

Legal basis: contract and our legitimate interests in operating the Service.

Security and misuse

We use personal data to:

• monitor access and usage for security;
• detect, prevent, and investigate fraud, abuse, or rule-breaking;
• protect the rights, property, and safety of Fiive, our customers, and others.

Legal basis: our legitimate interests in security and fraud prevention, and legal obligations where applicable.

Improving the Service

We use usage data and feedback to understand how Fiive is used and to improve performance, features, and user experience. Where we can, we use aggregated or anonymised data.

Legal basis: our legitimate interests in developing and improving Fiive.

Communicating with you

We use contact details to:

• send service messages (for example, account notices, security alerts, subscription updates);
• respond to support requests;
• send product updates and important changes.

Legal basis: contract and our legitimate interests in keeping you informed.

Marketing (B2B)

We may send marketing emails about Fiive to business contacts where this is allowed by law (for example, existing or prospective customers who have shown interest in Fiive). You can opt out at any time using the unsubscribe link in the email or by contacting us.

Legal basis: our legitimate interests in promoting Fiive, or consent where required.

Legal and compliance

We may use personal data to:

• comply with laws, regulations, and valid legal requests;
• enforce our Terms of Service;
• handle disputes and legal claims.

Legal basis: legal obligations and our legitimate interests in protecting our rights.

We do not use Customer Data or your personal data from the Service to train AI models.

We do not rent or sell your personal data. We may share personal data with:

• Service providers: Companies that help us deliver Fiive (for example, hosting, databases, infrastructure, email, customer support tools, analytics, payment providers). They only process personal data under our instructions and must keep it secure.
• Within a customer account: User details and Customer Data may be visible to other users in the same account, depending on roles and permissions set by the customer.
• Professional advisers: Such as lawyers or accountants, where needed for our business.
• Business transfers: If we are involved in a merger, acquisition, or sale of all or part of our business, personal data may be transferred as part of that process, subject to appropriate safeguards.
• Law and safety: Where we must share data to comply with law, a court or regulator, or where we believe it is necessary to protect the rights, property, or safety of Fiive, our customers, or others.

We are based in the UK and may process personal data in the UK and European Economic Area (EEA). Some of our service providers may process personal data in other countries. If personal data is transferred outside the UK or EEA to a country that does not have the same level of data protection, we rely on legally recognised safeguards (for example, standard contractual clauses approved by regulators or equivalent protections) to protect your data. You can contact us for more information about these safeguards.

We keep personal data only for as long as we need it for the reasons described in this Privacy Policy, including to:

• run the Service;
• comply with legal, accounting, and tax rules;
• resolve disputes and enforce our agreements.

In general:

• account and profile data is kept while your account is active and for a reasonable period afterwards;
• billing and transaction data is kept for the period required by law;
• support and communication data is kept as long as needed to support you and improve Fiive.

When data is no longer needed, we delete or anonymise it. If full deletion is not possible immediately (for example, because of backups), we securely store it and isolate it from further use until it can be deleted.

We and our service providers use cookies and similar technologies to:

• keep you signed in;
• provide core functionality;
• keep Fiive secure;
• understand how the Service is used.

We do not use cookies for third-party advertising or behavioural ad tracking. Where required by law, we will ask for your consent before using non-essential cookies or analytics tools. You can manage cookies through your browser settings and, where available, through our cookie settings.

We use technical and organisational measures designed to protect personal data against accidental or unlawful destruction, loss, change, or unauthorised access. No system is perfectly secure. We cannot guarantee absolute security of your data, but we work to keep it as safe as we reasonably can. If you believe your account or data has been compromised, contact us immediately at support@fiive.co.

If you are in the UK or EU, you have the following rights over your personal data, subject to some limits in the law:

• Access: Ask for a copy of your personal data.
• Rectification: Ask us to correct inaccurate or incomplete data.
• Erasure: Ask us to delete your data in certain circumstances.
• Restriction: Ask us to limit how we use your data in certain cases.
• Objection: Object to processing based on our legitimate interests, and object to direct marketing at any time.
• Data portability: Ask for your data in a structured, commonly used, machine-readable format and ask us to transfer it to another organisation where technically possible.
• Withdraw consent: Where we rely on consent, you can withdraw it at any time (this will not affect processing that has already happened).

To exercise these rights, contact us at support@fiive.co. We may need to verify your identity before we act on your request. You also have the right to complain to your local data protection authority. In the UK, this is the Information Commissioner's Office (ICO). If you live in certain US states (for example, California), you may have additional rights under local law. We do not sell personal information. We do not make decisions based solely on automated processing that have legal or significant effects on you. If you wish to exercise any rights under those laws, contact us at support@fiive.co.

Fiive is a business tool intended for professional use and is not designed for use by children. You must be at least 18 years old to use the Service. We do not knowingly collect personal data from children. If we become aware that such data has been collected, we will delete it where required.

Fiive may link to, or integrate with, third-party websites and services. We use trusted service providers such as hosting, infrastructure, email delivery, and payment processors to run Fiive. They only process personal data under our instructions. This Privacy Policy does not apply to those sites or services, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party services you use.

We may update this Privacy Policy from time to time, for example when we change how Fiive works or to reflect new legal requirements. If we make a material change, we will let you know (for example, by email or in-app notice) and update the "Last updated" date at the top of this page. If you continue to use Fiive after the updated Privacy Policy takes effect, you agree to the new version.

If you have any questions, concerns, or requests about this Privacy Policy or how we handle personal data, contact us at:

Email: support@fiive.co

Address: Fiive Ltd, 86-90 Paul Street, London, EC2A 4NE