Skip to content
Legal

Privacy policy

This privacy policy explains how FixPoint collects, uses, stores and protects personal data when you use the FixPoint fault reporting service — the portal, the AI phone assistant, and related maintenance and escalation features. It covers who the data controller is, what we process and why, your rights under the GDPR, and how to reach us.

Template — legal text must be reviewed and completed by a lawyer before publishing.

1. Data controller

The controller of your personal data is [FixPoint legal entity name], registered at [address, postcode, city, country], company registration number [registration no.], VAT ID [VAT ID]. You can contact us at info@fixpoint360.io or by phone at +386 [phone].

2. What data we collect

We collect the data needed to run the fault reporting service: account details (name, business email, phone number), the content of fault reports (description, location, photos, and — where reporting is by phone — the call recording and its transcript), and technical data such as IP address, device and browser information, and usage logs. We may also process contact details of subcontractors and building managers involved in resolving a fault. We keep call recordings for a maximum of [X months].

3. Purposes of processing

We process personal data to receive and route fault reports, contact the appropriate subcontractor, run escalations (email, SMS and AI phone calls), measure time-to-fix and quality of work, maintain the knowledge base, provide support, and send service-related communications. Aggregated, non-identifying data may be used to improve the service.

4. Legal basis

We rely on the following legal bases under Article 6 of the GDPR: performance of a contract (to provide the service to your organisation), our legitimate interests (service security, fraud prevention, service improvement), your consent where required (e.g. certain cookies or marketing), and compliance with legal obligations (e.g. tax and accounting). Where processing is based on consent, you may withdraw it at any time.

5. Data retention

We keep personal data only as long as necessary for the purposes above or as required by law. Account data is retained for the duration of the contract and for [X months/years] afterwards; fault records and knowledge-base entries for [X years]; call recordings for [X months]; and accounting records for [X years] as required by law. After these periods, data is deleted or irreversibly anonymised.

6. Sharing with third parties (subcontractors)

To deliver the service we share data with processors acting on our behalf, including [cloud hosting provider], [SMS gateway provider], [AI voice / telephony provider] and [email delivery provider]. Fault details necessary to complete a repair are shared with the relevant subcontractor. Each processor is bound by a data processing agreement. Where data is transferred outside the EEA, we apply appropriate safeguards such as [Standard Contractual Clauses].

7. Your rights (GDPR)

You have the right to access your personal data, to rectify inaccurate data, to erasure, to restrict or object to processing, and to data portability. Where processing is based on consent, you may withdraw consent at any time. To exercise these rights, contact us at info@fixpoint360.io. You also have the right to lodge a complaint with the supervisory authority, [Information Commissioner of the Republic of Slovenia].

8. Cookies

Our website uses strictly necessary cookies to operate the portal, and — with your consent — analytics cookies to understand usage. You can manage or refuse non-essential cookies through the cookie banner or your browser settings. A full list of cookies, their purpose and retention is available at [link to cookie table].

9. Contact of the data protection officer

For any questions about this policy or the processing of your personal data, you can contact our data protection officer at [DPO name], email info@fixpoint360.io, phone +386 [phone].

Last updated: [date]

Questions about your data or this policy? Contact us