How we handle your data
Financial data is sensitive. Here's exactly what we do with it - and what we don't.
Where your data lives
Fenova runs on Supabase infrastructure in the EU region. Uploaded bank statement data is stored and processed within that region so your records stay in a jurisdiction aligned with UK and EU privacy standards.
How it's protected
Data is encrypted in transit and at rest. Access controls are enforced at the database level, and each account is isolated so one customer's data cannot be queried from another account context.
Who can see it
Access is restricted to the minimum needed to operate the service. We do not expose customer data internally beyond operational requirements, and we do not provide broad employee access to financial records.
What we don't do
We do not sell your data. We do not share your data with marketing partners. We do not train AI models on your financial records. Our ICO registration is in progress ahead of public launch.
Your GDPR rights
You can request access, correction, export, or deletion of your data. We support these requests in line with UK GDPR and GDPR requirements, and we respond through our privacy contact channel.
Contact
For any privacy or security question, email privacy@fenova.co.uk and include the account email associated with your request.