Last updated: January 21, 2026 • Email: [email protected] • Website: finvoerp.com
FinvoERP is an ERP consultancy. We help businesses plan, build, integrate, and run the enterprise systems that hold their finance, supply chain, and operations together in one place. An ERP is a company’s system of record, which means the personal data we come near is unusually broad: it can cover employees, customers, and suppliers all at once, and much of it is financial. That breadth, and the laws that govern financial records, shape this policy from start to finish.
It applies to finvoerp.com and to every engagement we deliver, from a fit-gap assessment to fully managed support. Where a section deals with data inside a client’s ERP, the engagement contract governs first and this policy covers the rest.
Who Controls the Data, and When
Your rights turn on who decides how a given piece of data is used.
For visitors, prospects, and anyone who contacts us through the site, FinvoERP sets the purposes and is the controller. The website sections below apply to us directly.
For the data inside a client’s ERP, the client is the controller. When we configure modules, migrate records, or support the live system, we act as a processor on the client’s written instructions. If you are an employee, customer, or supplier of a client and you want your data corrected or removed, the client is the right first contact, and we support their response.
What We Collect Through Our Website
When you use the enquiry form, request an assessment, or email us, we receive your name, work email, phone number, company, role, and the details you share about your operations and goals, along with the record of our correspondence. Separately, the site logs ordinary technical data as you browse, such as IP address and rough location, device and browser type, pages viewed, and how you found us. We use this to operate and secure the site and to understand which content is useful, not to build a personal profile.
The Data Inside Your ERP
This is what makes an ERP engagement different from most consulting work, so it carries the most detail. Depending on the modules in scope, the system can hold personal data across several domains.
Employee and Payroll Data
ERP systems frequently run payroll and HR functions, so we may encounter employee names, identifiers, pay and tax details, bank details for salary, and working-time records. Some of this is sensitive, and we limit our exposure to it to what a task genuinely needs.
Customer and Order Data
Sales and order modules hold customer names, contact details, addresses, order histories, and credit terms. We process these to build and validate the workflows the client asked for.
Vendor and Supplier Data
Procurement modules carry supplier contacts, and where a supplier is a sole trader or individual, that information is personal data too. It is easy to overlook, so we treat vendor records with the same care as customer records.
Financial and Transaction Records
The heart of an ERP is its ledger: invoices, payments, postings, and the audit trail that ties them together. These records often identify individuals and almost always carry legal weight, which is why the next section deals with them on their own.
Banking and Payment Data
Where we connect an ERP to banking or payment systems, the data can include account details and payment instructions. We handle these under the heightened conditions described under payment data below.
Across every domain, this data belongs to the client. We access only what the work requires, under the roles the client grants, and we do not copy it into our own systems beyond project need, reuse it for other clients, or keep it past the contracted return or deletion date.
Financial Records and the Limits of Deletion
This point is specific to finance systems and worth stating plainly, because it surprises people. Posted financial transactions in an ERP are not meant to be deleted. Accounting and tax law in most countries requires businesses to keep financial records for a number of years, often six or more, and the audit trail inside an ERP is deliberately built to be tamper-evident so that a posted entry cannot quietly disappear.
What this means for the right to erasure: a request to delete personal data may be lawfully refused, in whole or in part, where the data sits in financial records the client must retain. The usual approach is not deletion but restriction, such as locking a record from further use while the retention period runs. Because the client controls these records, such requests go to the client, and we help them apply the correct treatment rather than an erasure that would break their books.
Payment Data and PCI DSS
When an engagement involves card payments, the Payment Card Industry Data Security Standard applies. We design integrations so that raw cardholder data is handled by the client’s payment processors and gateways rather than passing through systems we operate, using tokenisation and similar methods so that sensitive card numbers stay out of the ERP wherever possible. Where we must work near payment data, we follow PCI DSS requirements and the client’s own controls.
Master Data Migration and Cleansing
Moving a business onto a new ERP means migrating its master data, and that data is full of personal records: every customer, employee, and supplier. Part of our job is to clean it, removing duplicates and correcting errors before it lands in the new system. We do this on the client’s instruction and within the migration scope, we validate the results, and we destroy the temporary working copies once the migration is signed off. Cleaner master data also serves privacy, since accurate records are part of handling personal data properly.
Purposes and Lawful Bases
Each kind of data has a defined use and, where European law applies, a lawful basis. We use enquiry and contact data to respond and run projects, relying on consent or our legitimate interest in business communication. We process client ERP data to deliver the agreed service, acting on the client’s instructions and their lawful basis as controller. We process site data to run and secure the website. We also process data where a legal obligation requires it. A new purpose not listed here gets a fresh lawful basis or your agreement first.
AI and Automated Operations
Some features we deliver use AI: demand forecasting, automation of repetitive ERP tasks, predictive maintenance from equipment sensors, and order routing across warehouses and suppliers. Most of this analyses operational and financial data rather than making decisions about individuals, which is the honest distinction worth drawing.
Where an automated process does touch a person, such as approving or routing something tied to an individual, it operates as a tool for the client’s staff, who keep oversight of consequential decisions. We configure these systems so a person can review and override the outcome. We do not run them on our website visitors, and we do not use one client’s data to build models for another.
Sharing and Disclosure
We do not sell personal data. Beyond the subprocessors below, disclosure is limited to defined cases: when the law, a tax authority, or a court requires it, when we must defend our legal rights or protect people from harm, and in a sale or merger where records would pass to a buyer bound by protections no weaker than these, with notice to you. We do not share a client’s ERP data outside the engagement.
Platforms and Subprocessors
Our work runs on enterprise platforms and a few operational tools, and data may sit with or move through them:
- ERP platforms we implement, including SAP, Oracle NetSuite, Microsoft Dynamics 365, Odoo, and Acumatica
- Integration, banking, and logistics connectors used to link the ERP to other systems during an engagement
- Hosting, email, and scheduling tools we use to run FinvoERP and communicate with you
Each provider operates under its own privacy and security terms. We select vendors that meet established standards and bind them to use shared data only for the agreed task. For client engagements, the ERP environment is usually the client’s own, configured under their control.
Retention
Contact and enquiry records stay with us for up to two years after your last interaction, then we remove them, unless a legal need extends that. Client ERP data and any working copies follow the engagement contract and are returned or deleted at its end. Financial records inside the client’s ERP are governed by the client’s legal retention duties, which commonly run for several years, and are kept under the client’s rules rather than ours. De-identified statistics that point to no individual may be kept without a set end date.
Security and Segregation of Duties
We protect data with technical and organisational safeguards matched to its sensitivity. Connections are encrypted, and access to a client’s system is limited to the people on that account and revoked when the project ends. ERP work depends on segregation of duties, the financial-control principle that no single person should both create and approve a transaction, so we configure user roles and approval chains to enforce it, which protects both the client’s finances and the personal data the system holds. Migrations include validation and go-live checks.
No online system is completely secure, and we will not pretend ours is. Keep platform credentials strong and private, and tell us promptly if you suspect a problem on an environment we run with you.
Cookies
Our site uses a small set of cookies: necessary ones that run security and forms, analytics cookies that show in anonymised form how the pages perform, and preference cookies that remember simple settings. Your browser can block or delete them, and where consent is legally required for non-essential cookies, we ask first.
Your Rights
You can ask to access the data we hold on you, get a copy, correct it, delete it, restrict or object to its use, or withdraw consent. Email [email protected] to begin, and we verify identity before acting. Two reminders that fit our work: if your data sits inside a client’s ERP, the client controls it and the request runs through them; and as explained above, deletion of financial records may be limited by law, in which case restriction usually applies instead.
EEA, UK, and Switzerland
We process personal data on a lawful basis: consent, a contract, a legal obligation such as financial recordkeeping, or a legitimate interest weighed against your rights. Where we rely on consent, you can withdraw it at any time without affecting earlier processing. You may also complain to your national data protection authority.
California
Under the CCPA and CPRA you can request the categories and pieces of personal information we collected, ask for access, deletion, or correction, and opt out of any sale or sharing. We do not sell personal data, and using your rights will not get you treated differently. Financial-record retention may limit deletion as noted above.
International Transfers
FinvoERP and some providers operate across borders, the United States included, where privacy law may differ from your own. For international transfers we apply recognised safeguards such as Standard Contractual Clauses or rely on an adequacy decision. Using the site means you understand this can occur.
Children
This is a business service not directed to anyone under 16. We do not knowingly collect children’s data and will delete it if we find we have. A parent or guardian with a concern can write to [email protected].
Links to Other Sites
Our pages may link to platforms, articles, or resources we do not operate. This policy ends at our boundary. Once you follow a link, that site’s own policy applies, so review it before sharing anything.
Updates
We revise this policy as our services and the law change. The current version sits on this page with its date, and we make a reasonable effort to flag significant changes. Continuing to use the site after an update means the new version applies to you.
Contact
For any privacy question, request, or complaint, reach us directly.
Email: [email protected]
Website: finvoerp.com