Privacy Policy

Last Updated: August 10, 2020

This privacy policy ("Policy") explains how personal information is collected, used, and disclosed with respect to your use of our website located at (the "Site") and the software and services provided by FirmoBase Limited ("FirmoBase", "we" or "us") and accessed through the Site and your mobile device (the "FirmoBase Service") so you can make an informed decision about using the FirmoBase Service. Please read this Policy carefully to understand our policies and practices regarding your information gathered through your use of the Site and the FirmoBase Service and how we will treat it. If you do not agree with this Policy and our practices, do not use the Site or the FirmoBase Service. By using this Site and the FirmoBase Service, you represent that you are 16 years old or older.

We reserve the right to change the provisions of this Policy at any time. We will alert you that changes have been made by indicating on the top of the privacy policy the date it was last updated. If we make material changes to how we treat our users’ personal data, we will notify you by email to the email address specified in your account or through a notice on the Site home page. You are responsible for ensuing we have an up-to-date and deliverable email address for you, and for periodically visiting our Site and this Policy to check for any changes.

Your use of the Site following the posting of such changes or revised statement shall constitute your acceptance of any changes in our privacy practices, and you expressly waive any right to receiving notice of such changes except where your affirmative consent is required. We encourage you to periodically review this Policy whenever you visit our Site to make sure that you understand how any personal information you provide will be used.

We regularly review our compliance with this Privacy Policy. To our knowledge, we comply with the CAN SPAM Act of 2003. We take all of your concerns seriously and will review any written complaints received by us.

What Information does this Policy Apply to?

This Policy applies to personal data we process in connection with the Site and the FirmoBase Service. Personal data means information that can be directly or indirectly associated with you by reference to an identifier, such as a name, an email address, an identification number, or other information by which you can be identified using reasonable means.

Personal data includes information we receive:

  • From you when you create a user account for the FirmoBase Service;
  • Through your use of the FirmoBase Service and through contributions by the community of users;
  • In email, text, and other electronic messages between you and FirmoBase or the Site.
  • When you interact with our advertising and applications on third-party websites and services, if those applications or advertising include links to this policy; and
  • Through any other site or application operated by FirmoBase or one of its affiliates that contains a link to this Policy.
Data Privacy Rights

If you are a resident of the European Economic Area, you have the following rights with respect to your personal data:

  • Right of Access – a right to understand the nature and extent of how your data is processed;
  • Right to be Rectification – a right to request correction of inaccurate data;
  • Right to Erasure – a right to request erasure of personal data in some circumstances, commonly referred to as the “Right to be Forgotten”;
  • Right to Restriction of Processing – a right to limit how your personal data is processed;
  • Right to Data Portability – a right to receive personal data and transfer information to another controller;
  • Right to Object – a right to object to processing of your personal data based on your circumstances and a right to object to direct marketing; and
  • Right to Freedom from Automated Decision-making – a right not to be subject to decision-making based solely on automated processing, including profiling, that produces legal or similarly significant effects.

To the extent possible, users will receive equal service and price regardless of whether they exercise their privacy rights under the GDPR. FirmoBase does not sell the personal data of its users.

You may contact us regarding these rights by writing to

How Do We Use the Information That You Provide to Us?

Broadly speaking, we use personal information for purposes of administering and expanding our business activities, providing customer service, making available other products and services to our users and prospective customers, to allow you to participate in interactive features on our Site, and to fulfill any other purpose for which you provide the personal information.

Specifically, we process your personal data for the following purposes:

  1. User Accounts. We use your information to provide a specific user account that allows you to access the resources available on the FirmoBase Service. Your user account also allows you to customize your experience and manage your personal data. If you download the FirmoBase application onto a smartphone, we will generate a unique identifier for your application and will pre-register you on our system, which allows us to customize your experience before you create a user account.
  2. Email Subscriptions. We use your email address and any stated subscription preferences to provide you with email content that we believe will be of interest to you. If you choose to sign up for an email newsletter, we will send the newsletter to the email address you register with us. If you wish to unsubscribe from the newsletter, you may do so by using the unsubscribe link in the newsletter.
  3. Customer Support. We use your information to provide support in the event you request assistance. This information includes emails, SMS messages, and other methods of communication you use to provide us with details about any issues you may be experiencing with the respect to the FirmoBase Service. We may also use information relating to your support request to improve the FirmoBase Service.
  4. Service Content. Users may post reviews, comments, and other content; send messages and other communications; and submit suggestions, ideas, comments, questions, or other information. All of these materials are referred to as Content. We may process your personal data in connection with your posting or sharing of Content. For example, comments or messages you send may include your name, photograph, or other personal data. We may also further process any Content to anonymize the Content to protect the privacy of our users and promote our business interests and services using the anonymized Content. We may edit Content to eliminate identifying information.
  5. Service Usage Statistics. We may use Google Analytics to help analyze how users use the FirmoBase Service. The tool uses cookies to collect standard Internet log information and visitor behavior information in an anonymous form. The information generated by the cookie about your use of the website (including IP Address) is transmitted to Google. This information is then used to evaluate visitors’ use of the FirmoBase Service and to compile statistical reports on website activity for us. We will never (and will not allow any third party to) use the statistical analytics tool to track or to collect any personally identifiable information of users of the FirmoBase Service. Google will not associate your IP address with any other data held by Google. Neither we nor Google will link, or seek to link, the information submitted to Google through your use of the FirmoBase Service with the identity of a computer user. We will not associate any data gathered from Google Analytics with any personally identifiable information from any source. We use the collected usage statistics to better understand our customers, measure the performance of the FirmoBase Service, and measure the effectiveness of our marketing efforts. The vast majority of service usage statistics cannot be reasonably used to directly or indirectly identify a particular individual. However, if any usage statistics can be used for such purpose, we will only use the information for aggregate statistical purposes rather than observing the behavior of specific users.
  6. Direct Marketing. Occasionally, we may use the information we collect to notify you about new services and special offers we think you will find valuable. You may notify us at any time if you do not wish to receive these offers by emailing us at Our goal is to only provide you with materials that are of interest to you.
  7. Profiling for Relevant Content. We may use the information we have collected from you to enable us to present content that we believe will be of interest to you. We profile customer interests based on information you provide to us directly and information developed based on your use of the FirmoBase Service. For example, we may use your searches on the FirmoBase Service to improve the quality of the results we provide to you.
  8. Detecting and Preventing Fraud. We use your information to monitor for potentially fraudulent activities committed using the FirmoBase Service.
  9. Legal Claims. We may disclose your personal data where such disclosure is necessary for the establishment, exercise or defense of legal claims on behalf of FirmoBase, whether in court proceedings or in an administrative or out-of-court procedure.
  10. Published Information. FirmoBase may use your personal data, including your name, photograph, profile, and likeness in connection with any other information provided or expressed by you using the FirmoBase Service to promote its business interests and services. If you do not wish for FirmoBase to use your personal data in connection with any other information provided or expressed by you using the FirmoBase Service, please email us at
  11. Third-Party Advertising. Our advertising processor places ads that they believe will be of interest to you. Users are identified solely using a hashed identifier and no other personal data is available to the advertising processor. If you do not wish for the advertisements you receive to be tailored to fit your interests, please email us at
  12. Legal Obligations. In addition to the specific bases for disclosure of personal data set forth in this section, we may process or disclose your personal data where such processing or disclosure is necessary for compliance with a legal obligation to which we are subject. To the extent we are legally required to disclose information to law enforcement, we will comply with such requests. We will not otherwise voluntarily disclose your information.
Lawful Bases for Processing

Legitimate Interests. For purposes 1 – 11, processing of your personal data is necessary for the legitimate interests pursued by FirmoBase. FirmoBase values your fundamental rights and freedoms and carefully evaluates protection of your personal data with respect to such processing. FirmoBase will not engage in processing pursuant to this lawful basis to the extent FirmoBase’s legitimate interest is overridden by your interests or fundamental rights and freedoms which require protection of your personal data.

Specifically, purposes 1 – 11 are necessary to enable FirmoBase to provide high quality services, tailor content to specific users, provide customer support, provide common online services such as messaging, and otherwise improve the products and services offered. Purpose 1 allows FirmoBase to provide customized experiences for each user. Purposes 2, 6, 7, and 10 are necessary to support FirmoBase’s legitimate interest in providing relevant content and promotions to users. Purposes 3 and 4 are used to provide, maintain, improve, and support users’ use of the FirmoBase Service. Purpose 4 also provides for promotion of FirmoBase’s business interests and services while protecting the privacy of our users. Purpose 10 why the FirmoBase Service exists - we have a legitimate interest in providing access to our business insights platform and information published on the platform. Purpose 8 is based on FirmoBase’s legitimate interest in protecting itself and its users from fraudulent activities. Purpose 9 reflects FirmoBase’s legitimate interest in putting forth valid legal defenses and claims.

With respect to profiling and third-party advertising, we have concluded the processing of user information is not likely to result in a high risk because i) each user profile includes a limited level of detail; ii) the profiles only extend to business areas that may be of interest to the user; iii) the targeting of marketing materials is unlikely to have a significant effect on the user; and iv) our internal processes are intended to promote accuracy, fairness, and non-discrimination. We value your fundamental rights and freedoms and therefore do not engage in uses of your information where our legitimate interests are outweighed by your fundamental rights and freedoms.

Legal Obligation; Vital Interests. In addition to the specific bases for disclosure of personal data set forth in this section, we may disclose your personal data where such disclosure is necessary for compliance with a legal obligation to which we are subject, as in the case of purpose 12, or in order to protect your vital interests or the vital interests of another natural person.

How Do We Protect Your Information?

We take appropriate security measures to protect against unauthorized access to all of our data. This includes internal reviews of our data collection, storage and processing practices, as well as an assessment of our encryption and physical security measures to guard against unauthorized access to systems where we store personal data. We restrict access to personal information to a limited number of our employees, partners and agents. These individuals and entities are bound by confidentiality agreements and may be subject to discipline, including termination and criminal prosecution, if they fail to meet any obligations required under their agreement with us.

The safety and security of your information also depends on you. You must maintain the security of your email accounts used to access the Site, and any other credentials you may use to access the site. Any information you share in public areas of the Site may be viewed by any other user of the Site. Unfortunately, the transmission of information via the Internet is not completely secure. Although we do our best to protect your personal data, we cannot guarantee the security of your personal data transmitted to our Site. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Site.

How Can You Access and Correct Your Information?

When you use our Site, we make every effort to provide you with access to your personal data and will correct this data if it is inaccurate or delete it at your request when you submit a support ticket, if it is not otherwise required to be retained by law or for legitimate business purposes. You can review and change portions of your personal data by logging onto the Site and visiting your "My Info" page on your account "Dashboard." We ask individual users to identify themselves and the information requested to be accessed, corrected or removed before processing such requests, and we may decline to process requests that are unreasonably repetitive or systematic, require disproportionate technical effort, jeopardize the privacy of others, would be extremely impractical (for instance, requests concerning information residing on backup tapes), or for which access is not otherwise required. In any case where we provide information access and correction, we perform this service free of charge, except if doing so would require a disproportionate effort. Because of the way we maintain certain services, after you delete your information, residual copies may take a period of time before they are deleted from our active servers and may remain in our backup systems. If we are unable to comply with your request, you have the possibility of lodging a complaint with a supervisory authority and seeking a judicial remedy.

Data Retention

We retain the personal information you provide while your account is in existence or as needed to provide you services. We may retain your personal data even after you have closed your account if retention is reasonably necessary to comply with our legal obligations, meet regulatory requirements, resolve disputes between members, prevent fraud and abuse, or enforce this Policy and the Site’s Terms and Conditions. We may retain personal data, for a limited period of time, if requested by law enforcement. Our customer service department may retain information for as long as is necessary to provide support-related reporting and trend analysis only.

Children Under the Age of 16

Our Site is not intended for children under 16 years of age. No one under age 16 may provide any information to or on the Site. We do not knowingly collect information from or relating to children under 16. If you are under 16, do not use or provide any information on this Site or on or through any of its features. If we learn we have collected or received personal information from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us by submitting a support ticket.

Data Controller & Processors

FirmoBase, Inc. is the controller of the personal data processed in connection with the Site and the FirmoBase Service. FirmoBase, Inc. is located in the Hong Kong.

The following is a complete list of the processors we use to provide the FirmoBase Service:

  1. Amazon Web Services, Inc. (United States) provides server infrastructure;
  2. Sendgrid, Inc. (United States) provides email services;
  3. Google, LLC. (United States) provides advertising-related services;
Disclosure of Personal Data

We may disclose personal information that we collect or you provide as described in this Policy:

  1. To our subsidiaries and affiliates who are also subject to the terms of this Policy;
  2. To contractors, service providers, and other third parties we use to support our business and develop further the Site and FirmoBase Services, subject to sufficient guarantees of appropriate technical and organizational measures to protect your rights and privacy;
  3. To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some of all of FirmoBase's assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by FirmoBase about our Site users is among the assets transferred;
  4. To fulfill the purpose for which you provide it. For example, if you give us your email address and the email address of a colleague to subscribe the colleague to the Site’s features, we may transmit your email address to the colleague;
  5. For any other purpose disclosed by us and supported by a lawful basis for processing when you provide the information; and
  6. With your consent.
Transfers of Data

We process personal data on leased dedicated servers located in the United States of America and Hong Kong. Our processor that provides these leased servers is Amazon Web Services, Inc. This transfer is subject to appropriate contractual safeguards and Amazon Web Services, Inc. is certified under the EU-US Privacy Shield. Transfers to other processors are either subject to appropriate safeguards or on the basis of an adequacy decision.

In some cases, we may process personal information outside your own country. If you use the FirmoBase Service from outside Hong Kong and provide personal data to us, your personal data may be transferred to Hong Kong. If you use the FirmoBase Service from within Hong Kong and provide personal data to us, your personal data may be transferred out of Hong Kong.

What About Other Websites Linked to Our Site?

We are not responsible for the practices employed by websites linked to or from our Site nor the information or content contained therein. Often, links to other websites are provided solely as pointers to information on topics that may be useful to the users of our Site. Please remember that when you use a link to go from our Site to another website, our Privacy Policy is no longer in effect. Your browsing and interaction on any other website, including websites which have a link on our Site, is subject to that website's own rules and policies. Please read over those rules and policies before proceeding.

Third-Party Marketing Consent

If at any time, you do not want us to use information that we collect or that you provide to us to deliver advertisements according to our advertisers’ target-audience preferences, you can revoke your consent by sending us an email stating your request to For this revocation to function, you must have your browser set to accept browser cookies.

We do not control third parties' collection or use of your information to serve interest-based advertising.

However, these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt out of receiving targeted ads from members of the Network Advertising Initiative (“NAI”) on the NAI’s website or the Digital Advertising Alliance (DAA) on the DAA's website.

What Are Cookies?

A cookie is a very small text document, which often includes an anonymous unique identifier. When you visit a Web site, that site’s computer asks your computer for permission to store this file in a part of your hard drive specifically designated for cookies. Each Web site can send its own cookie to your browser if your browser's preferences allow it, but (to protect your privacy) your browser only permits a Web site to access the cookies it has already sent to you, not the cookies sent to you by other sites. You can configure your browser to notify you whenever a cookie is being sent, or to refuse all cookies. Please note that some features for the FirmoBase Service may not function properly if cookies are disabled for your browser. Unless you have adjusted your browser settings so that it will refuse cookies, our system will issue cookies when you direct your browser to our Site.

Certain features of our Site may use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from, and on our Site. Flash cookies are not managed by the same browser settings as are used for browser cookies. To learn how you can manage your Flash cookie settings, visit the Flash player settings page on Adobe’s website. Again, if you disable or refuse cookies, please note that some parts of the Site or the FirmoBase Service may then be inaccessible or not function properly.

How Do We Use Information We Collect from Cookies?

As you browse through our Site, the Site uses its cookies to differentiate you from other FirmoBase users. In some cases, we also use cookies to prevent you from seeing unnecessary advertisements or requiring you to log in more than is necessary for security. Cookies, in conjunction with our Web server's log files, allow us to calculate the aggregate number of people visiting our Web site and which parts of the site are most popular. This helps us gather feedback in order to constantly improve our Web site and better serve our customers. Cookies serve as an identifier with which your information may be associated, although we do not generally store any personal information that you provided to us in your cookies. Some content or applications, including advertisements, on the Site are served by third-parties, including advertisers, ad networks and servers, content providers, and application providers. These third parties may use cookies alone or in conjunction with web beacons or other tracking technologies to collect information about you when you use our website and directly in emails/communications. The information they collect may be associated with your personal information or they may collect information, including personal information, about your online activities over time and across different websites and other online services. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content. We do not control these third parties’ tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly.