Come and Join Us at Expand North Star, Dubai Harbour 12-15 October 2025

Privacy Policy

Effective Date: 03 October 2025

This Privacy Policy describes how FEHA International Consulting B.V. (Netherlands) and FEHA Assurtech Pte. Ltd. (Singapore) (collectively, "FEHA," "we," "us," or "our") collect, use, and disclose personal data when you use the FEHA.io services ("Service").

1. Scope and Governing Data Controller

1.1. Applicability: This Policy applies to all users of our Service. The specific legal entity responsible for processing your personal data (the Data Controller/Organization) is determined by the entity with which your organization enters into a formal Agreement, as detailed below.  

1.2. Governing Law: The processing of your personal data will be governed primarily by the laws of the jurisdiction of your contracting entity.

Contracting Entity (Controller) Primary Jurisdiction Applicable Regulations
FEHA International Consulting B.V. The Netherlands / European Union General Data Protection Regulation (GDPR)
FEHA Assurtech Pte. Ltd. Singapore Personal Data Protection Act (PDPA)

2. Information Collection

We may collect personal data directly from you or through automated means:

2.1. Personal Information Provided by You: This includes identity and contact data such as your name, job title, and email address provided when you register for the Service, request a demo, or contact support.  

2.2. Service Usage Data (Log Data): When you access the Service, we automatically collect information sent by your browser, including your computer’s Internet Protocol ("IP") address, browser type and version, the pages of our Service that you visit, the time and date of your visit, and other statistics. 2.3. Cookies and Tracking Technologies: We utilize "cookies" to enhance and optimize the Service. You have the option to accept or refuse these cookies, although refusal may limit the functionality of certain service features.

3. Basis for Processing (Applicable by Jurisdiction)

We process your personal data under the following legal bases:

FEHA International Consulting B.V. (GDPR) FEHA Assurtech Pte. Ltd. (PDPA)
  • Contractual Necessity: To perform our Service obligations to you.
  • Legal Obligation: To comply with applicable legal requirements.
  • Legitimate Interest: For business improvement, security, fraud prevention, and direct marketing where consent is not required.
  • Consent: Your explicit consent to use the Service.
  • Legitimate Interest: For operational efficiency and security.
  • Contractual Necessity: To fulfill obligations under the contract.

4. Use of Data, AI Models, and Sub-Processors

4.1. Purpose of Use: The collected personal data is used exclusively for the following purposes: (i) To provide, operate, and maintain the Service and the Platform. (ii) To notify you about changes to our Service. (iii) To provide customer support and respond to inquiries. (iv) To improve the Service, including analysis of usage patterns. (v) To comply with legal obligations.

4.2. Commitment Regarding AI Model Training: Our Service utilizes proprietary AI models (derived from open-source LLMs hosted and managed by FEHA) and third-party AI models (including those based on Gemini technology). FEHA explicitly commits that it will not use Client data, including any Personal Data or Confidential Information, for the purpose of training or enhancing any external or internal artificial intelligence (AI) or machine learning models.

4.3. Third-Party AI Models and Sub-Processing: When we utilize third-party AI models (e.g., Gemini) to provide Service functionality, this necessitates the transmission of data to the third-party provider. The third-party provider acts as a sub-processor to FEHA. We commit to selecting sub-processors that maintain a high standard of data security and privacy. Further details regarding the security measures and privacy terms applicable to data processed by the Gemini model are available directly from the third-party provider's official documentation.

5. Disclosure and Sharing of Data

5.1. Service Providers and Sub-Processors: We engage third-party companies and individuals to facilitate our Service ("Service Providers"). These third parties are granted access to your personal data only to perform tasks on our behalf and are contractually obligated not to disclose or use the information for any other purpose.  

5.2. Legal Requirements: We may disclose your personal data in the good faith belief that such action is necessary to: Comply with a legal obligation (e.g., a court order). Protect and defend the rights or property of FEHA. Prevent or investigate possible wrongdoing in connection with the Service.

6. Data Security

We employ commercially acceptable technical and organizational measures to protect your personal data. However, as no method of transmission over the Internet or electronic storage is entirely secure, we cannot guarantee the absolute security of your data.

7. Data Subject Rights

Depending on your contracting entity (see Section 1), you may possess the following data protection rights:

FEHA International Consulting B.V. (GDPR) FEHA Assurtech Pte. Ltd. (PDPA)
  • Right of Access: To obtain copies of your data.
  • Right to Rectification: To correct inaccurate or incomplete data.
  • Right to Erasure ("Right to be Forgotten"): To request deletion of data under certain conditions.
  • Right to Restrict Processing: To limit how your data is processed.
  • Right to Data Portability: To transfer your data to another controller.
  • Right to Object: To object to processing based on legitimate interest or for direct marketing.
  • Right of Access: To access personal data records.
  • Right to Correction: To correct errors or omissions in data.
  • Right to Withdraw Consent: To withdraw consent to the collection, use, or disclosure of data.
  • Right to Access & Correction Fees: May be subject to reasonable administrative charges for fulfilling access/correction requests.

8. International Data Transfers

When transferring data across international borders (e.g., from the EU to Singapore, or vice versa), we ensure that appropriate safeguards are implemented, such as standard contractual clauses (SCCs) or other mechanisms recognized by the governing jurisdiction, to maintain the protection of your data.

9. Changes to This Privacy Policy

We reserve the right to update this Privacy Policy periodically. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Effective Date" date at the top of this Policy.

10. Contact Us

For any questions or suggestions concerning this Privacy Policy, please contact us:

  • Email: contact@feha.io

Book a Demo

FEHA is the first global company who provides AI-powered platform and experts guidance in one package. We help businesses to comply with various standards andregulations seamlessly. Our business focus is making sure your compliance is continuous both during and after certification
Schedule a call with our CEO
Company
HomeProductsFrameworksPlansBlogsAbout FEHA
LEGAL
Terms & ConditionsPrivacy PolicyAI Governance PolicyResponsible Disclosure
Company Address
HQ - Netherlands
FEHA International Consulting B.V.
Johan Huzingalaan 763A, 1066VH Amsterdam, Netherlands
APAC - Singapore
FEHA Assurtech Pte. Ltd.
133 New Bridge Road, #23-09, Chinatown Point, Singapore 05941
Copyright © 2025 FEHA