Privacy policy
This privacy policy explains how FixPoint collects, uses, stores and protects personal data when you use the FixPoint fault reporting service — the portal, the AI phone assistant, and related maintenance and escalation features. It covers who the data controller is, what we process and why, your rights under the GDPR, and how to reach us.
1. Data controller
The controller of your personal data is [FixPoint legal entity name], registered at [address, postcode, city, country], company registration number [registration no.], VAT ID [VAT ID]. You can contact us at [email protected] or by phone at +386 [phone].
2. What data we collect
We collect the data needed to run the fault reporting service: account details (name, business email, phone number), the content of fault reports (description, location, photos, and — where reporting is by phone — the call recording and its transcript), and technical data such as IP address, device and browser information, and usage logs. We may also process contact details of subcontractors and building managers involved in resolving a fault. We keep call recordings for a maximum of [X months].
3. Purposes of processing
We process personal data to receive and route fault reports, contact the appropriate subcontractor, run escalations (email, SMS and AI phone calls), measure time-to-fix and quality of work, maintain the knowledge base, provide support, and send service-related communications. Aggregated, non-identifying data may be used to improve the service.
4. Legal basis
We rely on the following legal bases under Article 6 of the GDPR: performance of a contract (to provide the service to your organisation), our legitimate interests (service security, fraud prevention, service improvement), your consent where required (e.g. certain cookies or marketing), and compliance with legal obligations (e.g. tax and accounting). Where processing is based on consent, you may withdraw it at any time.
5. Data retention
We keep personal data only as long as necessary for the purposes above or as required by law. Account data is retained for the duration of the contract and for [X months/years] afterwards; fault records and knowledge-base entries for [X years]; call recordings for [X months]; and accounting records for [X years] as required by law. After these periods, data is deleted or irreversibly anonymised.
6. Sharing with third parties (subcontractors)
To deliver the service we share data with processors acting on our behalf, including [cloud hosting provider], [SMS gateway provider], [AI voice / telephony provider] and [email delivery provider]. Fault details necessary to complete a repair are shared with the relevant subcontractor. Each processor is bound by a data processing agreement. Where data is transferred outside the EEA, we apply appropriate safeguards such as [Standard Contractual Clauses].
7. Your rights (GDPR)
You have the right to access your personal data, to rectify inaccurate data, to erasure, to restrict or object to processing, and to data portability. Where processing is based on consent, you may withdraw consent at any time. To exercise these rights, contact us at [email protected]. You also have the right to lodge a complaint with the supervisory authority, [Information Commissioner of the Republic of Slovenia].
8. Cookies
Our website uses strictly necessary cookies to operate the portal, and — with your consent — analytics cookies to understand usage. You can manage or refuse non-essential cookies through the cookie banner or your browser settings. A full list of cookies, their purpose and retention is available at [link to cookie table].
9. Contact of the data protection officer
For any questions about this policy or the processing of your personal data, you can contact our data protection officer at [DPO name], email [email protected], phone +386 [phone].
Last updated: [date]
Questions about your data or this policy? Contact us