Privacy Policy

1. Our Commitment to Protecting Your Privacy

FROMFOLIO Inc., a Delaware corporation, values your trust and is committed to protecting your privacy and ensuring transparency in the way we collect, use, and protect your personal information.

This Privacy Policy explains how we collect, use, share, and safeguard your information when you access and use our platform, including our website located at https://fromfolio.com/ and related online services (the "Services").

By using the Services, you acknowledge that this Privacy Policy applies to you and that it operates alongside our Terms and Conditions (the "Terms").

For purposes of data protection laws (including the GDPR and UK GDPR), FROMFOLIO Inc. is generally the "data controller" of the personal data we collect through the Services, except where we process data solely on behalf of a Client (for example, when a Client uses our recruitment tools and instructs us to process candidate data). In that case, the Client is the controller and our processing is governed by a separate data processing agreement.

2. Definitions and Key Terms

"Cookie" means a small amount of data generated by a website and saved by your web browser. It is used to identify your browser, provide analytics, remember information about you such as your language preference or login information.

"Company", "Fromfolio", "we", "us" or "our" means FROMFOLIO Inc., a Delaware corporation with its principal place of business in the United States, which, for the purposes of this Privacy Policy, determines how your data is used as described herein.

"Country" means, for choice-of-law purposes, the United States and the State of Delaware, without prejudice to any mandatory consumer protection or data protection rules of your country of residence (for example, in the EU/EEA or UK) that apply in addition to this Privacy Policy and any other non-derogable rights you may have under local law.

"Individual User" means any natural person who accesses or uses the Services in a personal or professional capacity, including, for example, candidates, designers, mentees, mentors or other individual users of the Marketplace or the AI-Driven Hiring System.

"Client" means any legal entity or other business customer (such as a company, studio, agency or organisation) that uses the Services for commercial, recruiting, mentoring or other organisational purposes, including to discover, evaluate or engage Individual Users.

"User" or "you" means, as applicable, any Individual User or Client that accesses or uses the Services or otherwise enters into a relationship with Fromfolio in connection with the Services, including any authorised representatives acting on their behalf. Where a provision applies only to Individual Users or only to Clients, this will be stated expressly.

"Device" means any internet-connected device such as a phone, tablet, computer or any other device that can be used to visit Fromfolio and use the Services.

"IP address" means the number assigned to a Device connected to the Internet, usually assigned in geographic blocks and which can often be used to identify the approximate location from which a Device is connecting to the Internet.

"Personnel" means those individuals who are employed by us or are under contract to perform a service on behalf of one of the parties.

"Personal Data" means any information that directly or indirectly, or in connection with other information, including a personal identification number, allows for the identification or identifiability of a natural person.

"Services" means all products, tools, content and functionalities provided by FROMFOLIO Inc. through our Website or by other means, including our AI-Driven Hiring System and the Marketplace.

"Marketplace" means the online marketplace operated by FROMFOLIO Inc. where Users and third-party providers can list, offer, discover, purchase, or otherwise transact for mentorship, professional services, or other offerings made available through the Services.

"AI-Driven Hiring System" means our proprietary AI-based systems and models designed to evaluate User portfolios and related signals in order to assess Users' skills and match them with suitable companies, Clients, mentors or other opportunities.

"Website" means the official site of FROMFOLIO Inc., accessible at https://fromfolio.com/.

"Third-Party Service" means advertisers, contest sponsors, promotional and marketing partners, infrastructure and analytics providers, payment processors, and other third parties who support the operation of the Services or whose products or services we think may interest you.

3. Who Is Responsible for Your Data

3.1. Data Controller

The entity responsible for your personal data is:

3.2. EU/EEA and UK Representative

To the extent required by Article 27 GDPR/UK GDPR, we have appointed a representative in the EU/EEA (and, where applicable, the UK). You may contact our representative for all issues related to the processing of personal data of individuals in the EU/EEA or UK and for exercising your rights under the GDPR/UK GDPR.

EU representative

UK representative (if different)

We will keep these details up to date; the latest version of this Privacy Policy will always reflect the current representatives and their contact information.

3.3. How to Contact Us

If you have any questions about this Privacy Policy, our data practices or your rights, you can contact us at:

4. Information We Collect

4.1. Information You Provide Directly

We collect personal data that you choose to share with us, for example when you create an account, complete your profile, upload your portfolio, apply for a role, book mentorship, or contact us. This may include:

• account details (name, email address, password, profile photo);
• professional and education information (employer, role, skills, university, degrees, certifications);
• portfolio and application materials (designs, projects, links, PDFs, CV/résumé, cover letters, answers to screening questions);
• Marketplace and mentorship information (bookings, session topics, feedback, communications between Users and mentors or other providers);
• billing and transaction data (such as billing address and limited payment details; full card data is typically handled directly by our payment processors);
• messages, support requests, comments and feedback you send to us;
• your preferences and consent choices (for example, marketing and cookie settings).

4.2. Information We Collect Automatically

When you use the Services, we automatically collect certain technical and usage information, such as:

• how you use the Services (pages viewed, features used, searches, time spent, opportunities or mentors viewed, interactions with the Marketplace and AI-Driven Hiring System);
• device and browser information (for example, browser type, operating system, IP address, language settings and device identifiers);
• approximate location derived from your IP address;
• cookie and similar technology data (see Section 11 "Cookies and Tracking Technologies").

4.3. Information from Third Parties and Public Sources

Where permitted by law, we may also receive information about you from:

• public sources (for example, professional networking sites like LinkedIn, online portfolios or websites where you publish your work);
• Clients, employers or business partners who invite you to the platform or share candidate data with us as part of recruitment or collaboration;
• service providers (for example, analytics, security, fraud-prevention, marketing or payment providers that integrate with our Services).

We take reasonable steps to ensure that such third parties are allowed to share data with us and that you have been given any required information at the time of collection.

5. How and Why We Use Your Information

5.1. How We Use Your Information

We use your personal data to operate, improve and protect the Services, for example to:

• create, manage and personalise your account and profile;
• enable portfolio uploads, job applications, mentoring and Marketplace transactions;
• facilitate communication (messages, notifications, updates on applications, bookings and system changes);
• provide recommendations (for example, relevant roles, mentors or content) where allowed by law;
• perform analytics and troubleshooting to maintain and improve performance and user experience;
• process payments and handle billing;
• protect the security and integrity of the platform and investigate fraud, abuse or security incidents; and
• comply with legal and regulatory obligations.

We also use your portfolio and related usage data to operate, maintain and improve our AI-Driven Hiring System and Marketplace, including assessing skills and matching Users with suitable opportunities and mentors. We use User Content for this limited purpose and do not use it to train general-purpose image generation models or other AI tools that are unrelated to evaluating Users' abilities and matching them with opportunities.

5.2. Why We Collect Your Data

We collect and process Personal Data for several reasons, including to:

1. provide and enhance the Services you use;
2. understand how Users and Clients interact with the platform and improve features, security and usability;
3. communicate with you about your account, activity and (where permitted) relevant news, updates and promotions; and
4. personalise certain content and experiences based on your preferences and usage, where allowed by law.

Where required (for example, for certain marketing communications in the EU/EEA or UK), we will only send you such communications with your consent or based on our legitimate interests, and you can opt out at any time.

6. Legal Bases for Processing (EU/EEA and UK Users)

Where the GDPR or UK GDPR applies, we rely on one or more of the following legal bases when processing your Personal Data:

1. Performance of a contract -- to provide the Services, manage your account and portfolio, give access to the Marketplace and mentorship, and match you with opportunities.
2. Legitimate interests -- for example, to operate and improve the Website, Services, AI-Driven Hiring System and Marketplace, prevent fraud and abuse, ensure security, and promote our Services to existing Users in a proportionate way. When we rely on legitimate interests, we balance our interests against your rights and freedoms.
3. Consent -- for certain activities (for example, some marketing, non-essential cookies or specific profiling) where we ask for your clear consent, which you may withdraw at any time.
4. Legal obligations -- to comply with duties under tax, accounting, regulatory or data-protection laws, or to respond to lawful requests from public authorities.
5. Vital interests or public interest -- in rare cases, to help protect someone's vital interests or for reasons of important public interest recognised by law.

7. Sharing Your Information

We share your Personal Data only when necessary and with appropriate safeguards, including:

1. Service providers -- with trusted providers that help us host the platform, provide infrastructure, analytics, customer support, payment processing, security and fraud-prevention. They process data only on our instructions and under confidentiality and security obligations.
2. Other Users -- for example, elements of your profile or portfolio may be visible to other Users. When you apply for a role, collaborate with a Client, or book mentorship, we share relevant information (such as your profile, portfolio and application details) with the parties involved.
3. Legal and compliance -- where required to comply with laws, court orders, lawful government requests or to protect our rights, Users or the public.
4. Business transactions -- in connection with a merger, acquisition, reorganisation or sale of assets, your information may be transferred to a successor entity subject to this Privacy Policy or a similar policy.
5. Corporate affiliates -- with entities that control, are controlled by, or are under common control with FROMFOLIO Inc., which must handle your information in accordance with this Privacy Policy or comparable protections.

We do not sell your Personal Data.

8. Provision of Information to Users

We aim to handle privacy-related requests in a way that is clear, fair and compliant with applicable law. When you contact us to exercise your rights (see Section 9), we may ask you to verify your identity, we will generally respond within the time limits set by law, and we usually do not charge a fee unless a request is manifestly unfounded or excessive. If we cannot act on your request, we will explain why and inform you of your right to complain to a supervisory authority.

9. Your Rights

Depending on your location and applicable law (for example, GDPR, UK GDPR or CCPA-style laws), you may have some or all of the following rights over your Personal Data:

• Access -- to request a copy of the personal information we hold about you;
• Correction -- to ask us to correct or update inaccurate or incomplete data;
• Deletion -- to request that we delete your personal data, subject to legal or operational requirements;
• Portability -- to receive certain data in a structured, commonly-used and machine-readable format and, where technically feasible, ask us to transmit it to another controller;
• Restriction -- to request that we limit the processing of your data in certain circumstances;
• Objection -- to object to processing based on our legitimate interests and to processing for direct marketing (including related profiling);
• Opt-out -- where local law uses concepts such as "sale" or "sharing" for targeted advertising, you may have the right to opt out of such activities;
• Withdrawal of consent -- where we rely on your consent, you can withdraw it at any time without affecting processing that took place before withdrawal.

To exercise your rights, please contact us at the contact details listed above. We may request additional information to verify your identity before responding. If we process your Personal Data as a processor on behalf of a Client (for example, an employer using our recruitment tools), we may need to direct your request to that Client.

You also have the right to lodge a complaint with your local data-protection supervisory authority if you believe that our processing of your Personal Data violates applicable law (see also Section 22).

10. Data Security and Retention

10.1. Security

We use technical and organisational measures designed to protect your Personal Data, such as access controls, encryption in transit and at rest (where appropriate), secure development practices, regular security testing, staff training and procedures for managing and responding to personal-data breaches. No system is completely secure, but we aim to maintain a level of security appropriate to the risks involved.

10.2. Retention Periods

We retain Personal Data only for as long as reasonably necessary for the purposes described in this Privacy Policy and to meet legal, accounting or reporting requirements. We apply the storage-limitation principle by using defined retention periods, including (unless a different period is required by law):

• Account and profile data (including portfolio information):
  while your account is active and for 24 months after your last login or interaction with the Services. If your account is inactive for 24 consecutive months, we may delete or irreversibly anonymise your account data, unless we need to keep it longer to comply with legal obligations or resolve disputes.
• Recruitment and application data (e.g., CVs, applications, interview notes):
  generally retained for up to 24 months after the relevant recruitment process or opportunity has closed, unless you agree to a longer retention period (for example, to be considered for future roles) or a longer period is required by law.
• Marketplace and mentorship records (bookings, session details, related communications):
  kept for 24 months after the last relevant interaction (for example, last session or transaction), unless needed longer for legal or accounting reasons.
• Billing, transaction and invoicing data:
  retained for up to 7 years from the end of the financial year in which the transaction occurred, or longer if required by applicable tax or accounting laws.
• Customer support communications:
  retained for up to 3 years after the matter has been closed, to help us handle follow-up issues, prevent abuse and improve our Services.
• Technical logs (security, access and system logs):
  generally retained for up to 12 months, unless a longer period is needed for security investigations, incident response or legal purposes.
• Backups:
  backup copies containing Personal Data are usually overwritten and fully deleted within 30–90 days as part of our standard backup cycle.

When a retention period expires, we will either delete the relevant Personal Data or irreversibly anonymise it so that it can no longer be linked to an identifiable individual. If deletion is not immediately possible (for example, because the data is stored in backup archives), we will securely store the data and isolate it from any further processing until deletion is possible.

11. Cookies and Tracking Technologies

We use cookies, pixels, local storage and similar technologies ("Cookies") on the Services. Cookies are small text files that are stored on your Device when you visit or use the Services. They help us recognise your browser or Device, remember your preferences, understand how you use the platform and, where allowed by law, tailor certain content and communications.

We use the following broad categories of Cookies:

• Strictly necessary Cookies -- Cookies that are essential for the operation of the Services (for example, to keep you logged in, enable secure login, remember your privacy preferences, or facilitate basic navigation).
• Functional Cookies -- Cookies that allow us to remember your settings and preferences (such as language, time zone, display preferences) and provide enhanced, more personalised features.
• Analytics and performance Cookies -- Cookies that help us understand how Users interact with the Services (for example, which pages are visited most frequently, how Users move around the Website, and which features are used). We use this information to improve performance, usability and overall user experience. Analytics may be provided by us or by third parties acting on our behalf.
• Advertising and marketing Cookies (where applicable) -- Cookies that help us or our partners deliver more relevant advertising and measure the effectiveness of campaigns (for example, through tools such as Facebook Pixel or similar technologies). These Cookies may track your activity across different websites and services, in line with applicable law.

Some Cookies are set directly by Fromfolio ("first-party Cookies") and others may be set by third parties providing services to us, such as analytics or advertising providers ("third-party Cookies"). Third-party Cookies are subject to those third parties' own privacy policies in addition to this Privacy Policy.

11.1. Cookie Consent and Banner

In some jurisdictions (for example, the EU/EEA or UK), we are required to obtain your consent before using certain types of Cookies (such as non-essential analytics or advertising Cookies).

Where such rules apply, we implement a cookie banner and preference tool that:

• appears on your first visit (and periodically thereafter),
• explains the categories of Cookies we use, and
• provides clear options such as "Accept all", "Reject non-essential" and/or "Manage preferences".

You can use this tool to grant or withhold consent for non-essential Cookies. You may change or withdraw your Cookie choices at any time by re-opening the banner or using the tools provided on the Services (where available), or by adjusting your browser settings.

If you choose not to allow non-essential Cookies, the core functions of the Services will still work, but some features (such as personalised recommendations or certain analytics-based improvements) may be limited.

Fromfolio does not place personally identifiable information directly in Cookies.

11.2. Blocking and Disabling Cookies and Similar Technologies

You may set your browser to block Cookies and similar technologies, but this may block essential Cookies and prevent the Website from functioning properly, and you may not be able to fully use all features and services. You may also lose some saved information (e.g. saved login details, site preferences) if you block Cookies in your browser.

Disabling a Cookie or category of Cookie does not delete the Cookie from your browser; you will need to do this yourself from within your browser settings.

12. International Data Transfers

If you are accessing the Services from outside the European Economic Area (EEA) or UK, or where we transfer Personal Data to countries outside the EEA/UK (for example, to the United States where some of our systems or providers are located), your data may be processed in countries with different privacy laws.

Any such cross-border transfer shall be carried out in accordance with Articles 44–50 of the GDPR (and equivalent UK provisions) and only when sufficient safeguards for the protection of Personal Data are in place. These safeguards may include:

• transfer to a country for which the European Commission (or UK authorities) has adopted an adequacy decision;
• use of Standard Contractual Clauses (SCCs) approved by the European Commission or UK equivalents;
• Binding Corporate Rules (BCRs) approved by a supervisory authority;
• your explicit consent to the cross-border transfer after being informed of the possible risks;
• necessity for the performance of a contract between you and Fromfolio, or for the implementation of pre-contractual measures; or
• performance of important public interest tasks or protection of legal claims.

We take reasonable legal, organisational and technical measures to ensure that the level of protection of Personal Data transferred outside the EEA/UK is not lower than that provided by the GDPR/UK GDPR, including concluding agreements with data recipients containing confidentiality and security provisions, carrying out data protection impact assessments where necessary and ensuring compliance with data minimisation, purpose limitation and storage limitation principles.

By using the Services, you acknowledge that such transfers may occur and, where required by law, you consent to such transfers subject to these safeguards.

13. Children's Privacy

The Services are generally intended for Users who are at least sixteen (16) years old, as described in our Terms. We do not knowingly collect Personal Data from children under 16 without appropriate consent where required by law.

Where local law allows a lower age for certain online services (not below thirteen (13)), we will only enable Users below sixteen (16) to use the Services where a parent or legal guardian has provided valid consent or authorisation and we have taken reasonable steps to verify that consent.

If we become aware that we have collected Personal Data from a child in a way that violates this Privacy Policy or applicable law, we will take appropriate steps to delete such data or obtain the necessary consent.

14. Processing of Special Categories of Personal Data

We do not require you to provide "special categories" of Personal Data (such as information about racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, genetic data, biometric identifiers, health data, or information concerning sex life or sexual orientation) to use the core Services.

If we ever offer the option to provide such information (for example, for voluntary diversity monitoring, accessibility or accommodation requests), we will clearly indicate that this is optional and explain the purposes for which the data will be used. We will only process such data where permitted by law, typically on the basis of your explicit consent or another clearly applicable legal ground.

Declining to provide special-category data will not adversely affect your access to the core Services. Where we rely on your explicit consent, you may withdraw it at any time, and we will stop processing that data unless another legal ground applies.

15. Processing of Criminal Convictions and Offences

We do not routinely process Personal Data relating to criminal convictions and offences. Such processing will only occur where it is strictly necessary and permitted under applicable law (for example, for specific positions requiring background checks, and only in compliance with legal requirements and safeguards).

Where such data is processed, it will typically be under the control of or in close coordination with an appropriate authority or in accordance with Union/Member State or other applicable national law, and subject to enhanced security and access controls.

16. Processing Without Identification

In some contexts, we may process Personal Data in a way that does not require us to identify you (for example, aggregated statistics, anonymised analytics or certain pseudonymised datasets). In these cases, we will not keep or collect additional data solely to attempt to identify you unless required by law.

Where we genuinely cannot identify you (for example, because data has been irreversibly anonymised), certain rights under data-protection laws may not apply. If you later provide additional information enabling us to identify you again, we will treat your data in accordance with this Privacy Policy and applicable law.

17. Automated Individual Decision-Making, Including Profiling

Under GDPR Article 22, Users have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects them, unless:

• necessary for entering into or performing a contract,
• authorised by law; or
• based on explicit consent;

and in all cases subject to appropriate safeguards, such as human intervention.

Where our AI-Driven Hiring System or other AI-based features involve automated decision-making or profiling that produces legal or similarly significant effects for you (for example, regarding access to certain job opportunities), we will ensure that such processing is either necessary for entering into or performing a contract with you, based on your explicit consent, or authorised by law. In such cases, you have the right to obtain human intervention, to express your point of view, and to contest the decision.

We design our AI-Driven Hiring System with fairness and non-discrimination in mind. We do not intentionally use legally protected characteristics (such as race, religion, health or sexual orientation) as negative decision factors, except where strictly required or expressly permitted by law (for example, lawful diversity initiatives). We take reasonable steps to monitor and mitigate unfair bias, including through data minimisation, human review and periodic assessments of AI-generated outcomes.

18. Records of Processing Activities and Security of Processing

We maintain a record of processing activities as required by the GDPR/UK GDPR. This record includes:

• the name and contact details of the data controller and, if applicable, the representative and the Data Protection Officer (if appointed);
• the purposes of processing;
• a description of the categories of data subjects and Personal Data;
• the categories of recipients of Personal Data, including recipients in third countries or international organisations;
• the envisaged time limits for erasure of data; and
• the technical and organisational security measures in place.

We will make this record available to the relevant supervisory authority upon request.

We are committed to ensuring the security of your Personal Data and have implemented appropriate technical and organisational measures as described in Section 10.

19. Updates to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal requirements. Any changes will be communicated to the relevant individuals, and the revised policy will be available on our Website. Material changes will be communicated via email or prominent notices on our platform.

Unless otherwise required by law, we will notify you before we make material changes to this Privacy Policy and give you an opportunity to review them before they go into effect. If you continue to use the Services after those changes become effective, you will be bound by the updated Privacy Policy. If you do not want to agree to this or any updated Privacy Policy, you should stop using the Services and, where applicable, request account deletion.

20. AI Profile and Design Analysis

Fromfolio offers an AI-powered feature designed to enhance the job application process by evaluating user profiles and uploaded designs. This feature aims to identify and sort the most relevant applications based on users' design skills and professional profiles.

20.1. How the AI Feature Works

Data processed may include:

• user profile information (e.g., education, certifications, skills and professional experience);
• uploaded portfolio files and projects in profiles, including PDFs and other design submissions;
• interaction data with job postings, Clients and the Marketplace (for example, which opportunities you apply to and how Clients interact with your profile).

Purposes include:

• matching Individual Users with the most suitable job opportunities based on their skills and experience;
• assisting Clients in evaluating applications by providing AI-generated rankings or recommendations.

20.2. User Rights and Transparency

• Consent: by uploading designs or submitting job applications, you agree to the processing of your data by our AI system for evaluation and matching purposes, as described in this Privacy Policy, to the extent permitted by applicable law.
• Accuracy and fairness: while we strive to ensure our AI evaluations are accurate and unbiased, Users are encouraged to review their profiles and uploads for completeness and clarity.
• Review and objection: Users have the right to request human review of AI-generated evaluations, challenge decisions made by the AI system, or, where permitted by law, object to certain AI-based processing for their applications. To exercise these rights, please contact us at support@fromfolio.com.

20.3. Data Security

All data processed by the AI system is encrypted and handled securely. Design files and User information are not shared with third parties for unrelated purposes.

20.4. Automated Decision-Making Compliance

Our AI feature is designed in compliance with applicable data-protection laws, including GDPR Article 22 and similar regulations. Users can request information about how the AI processes their data and the main logic behind its evaluations, to the extent required by law and compatible with our trade secrets and intellectual property rights.

Fromfolio does not use User Content processed by the AI-Driven Hiring System to train or improve general-purpose image generation models or other AI tools unrelated to evaluating Users' abilities and matching them with opportunities.

By using the platform's job application and AI-powered features, you acknowledge and accept the use of AI in the application process as described in this Privacy Policy.

These safeguards are in addition to your rights described in Section 17 ("Automated Individual Decision-Making, Including Profiling").

21. Third-Party Services

We may display, include or make available third-party content (including data, information, applications and other products or services) or provide links to third-party websites or services ("Third-Party Services").

You acknowledge and agree that Fromfolio shall not be responsible for any Third-Party Services, including their accuracy, completeness, timeliness, validity, copyright compliance, legality, decency, quality or any other aspect thereof. Fromfolio does not assume and shall not have any liability or responsibility to you or any other person or entity for any Third-Party Services.

Third-Party Services and links thereto are provided solely as a convenience to you and you access and use them entirely at your own risk and subject to such third parties' terms and conditions and privacy policies.

22. Right to File a Complaint

In accordance with Article 77 of the GDPR and similar provisions, you have the right to file a complaint with a data-protection supervisory authority if you believe that the processing of your Personal Data violates applicable data-protection laws. If you wish to file a complaint, please contact the relevant supervisory authority in your jurisdiction, as outlined on the official data-protection authority website.

You may also contact us first using the details in this Privacy Policy; we will use our best efforts to address your concerns before you approach a supervisory authority.

23. Personnel

If you are a Fromfolio worker or applicant, we collect information you voluntarily provide to us. We use the information collected for human-resources purposes in order to administer benefits to workers, screen applicants and comply with labour, tax and other applicable laws.

You may contact us to (1) update or correct your information, (2) change your preferences with respect to communications and other information you receive from us, or (3) receive a record of the information we have relating to you. Such updates, corrections, changes and deletions will have no effect on other information that we maintain, or information that we have provided to third parties in accordance with this Privacy Policy prior to such update, correction, change or deletion.

24. Sale of Business

We reserve the right to transfer information to a third party in the event of a sale, merger or other transfer of all or substantially all of the assets of FROMFOLIO Inc. or any of its Corporate Affiliates, or that portion of FROMFOLIO Inc. or any of its Corporate Affiliates to which the Service relates, or in the event that we discontinue our business or file a petition or have filed against us a petition in bankruptcy, reorganisation or similar proceeding, provided that the third party agrees to adhere to the terms of this Privacy Policy or a substantially similar policy.

25. Affiliates

We may disclose information (including Personal Data) about you to our Corporate Affiliates. For purposes of this Privacy Policy, "Corporate Affiliate" means any person or entity which directly or indirectly controls, is controlled by or is under common control with FROMFOLIO Inc., whether by ownership or otherwise. Any information relating to you that we provide to our Corporate Affiliates will be treated by those Corporate Affiliates in accordance with the terms of this Privacy Policy.

26. Governing Law

If you are located in the EU/EEA, UK or another country with mandatory consumer or data-protection rules, those mandatory rules remain unaffected and will apply in addition to this Privacy Policy and the Terms. In particular, nothing in this Privacy Policy is intended to limit your rights under applicable EU/EEA or UK consumer-protection or data-protection law, including (where applicable) your right to bring proceedings in the courts of your country of habitual residence.

By using Fromfolio or contacting us directly, you signify your acceptance of this Privacy Policy. If you do not agree to this Privacy Policy, you should not engage with our Website or use our Services. Continued use of the Website, direct engagement with us, or following the posting of changes to this Privacy Policy that do not significantly affect the use or disclosure of your personal information will mean that you accept those changes.

27. Your Consent

By using the Services, creating an account, or otherwise providing Personal Data to us, you acknowledge that you have read this Privacy Policy and, where legally required, you consent to the collection, use and processing of your information as described here. In other cases, we rely on the additional legal grounds described in Section 6.

Where we rely specifically on your consent (for example, for certain cookies, marketing communications or special-category data), you may withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing prior to withdrawal.

28. Links to Other Websites

This Privacy Policy applies only to the Services. The Services may contain links to other websites not operated or controlled by Fromfolio. We are not responsible for the content, accuracy or opinions expressed in such websites, and such websites are not investigated, monitored or checked for accuracy or completeness by us.

When you use a link to go from the Services to another website, our Privacy Policy is no longer in effect. Your browsing and interaction on any other website, including those that have a link on our platform, is subject to that website's own rules and policies. Such third parties may use their own cookies or other methods to collect information about you.

29. Facebook Pixel

Facebook Pixel is an analytics tool that allows you to measure the effectiveness of your advertising by understanding the actions people take on your website. You can use the pixel to help ensure your ads are shown to the right people. Facebook Pixel may collect information from your device when you use the Service. Facebook Pixel collects and processes information in accordance with its own privacy policy. Where required by law (for example, in the EU/EEA or UK), Facebook Pixel and similar marketing tools will only be used with your prior consent, which you can manage at any time via our cookie banner or preferences tool.

30. Tracking Technologies – Google Maps API and Location-Based Features

If we integrate Google Maps API or similar location-based tools into the Services, these tools may collect technical and location-related information (such as IP address, search queries, or approximate location) necessary to provide mapping and geolocation features.

Any Personal Data collected via such tools may be processed by the provider (for example, Google) in accordance with its own privacy policy, in addition to this Privacy Policy. We use such tools only for legitimate purposes such as visualising locations, enabling search or improving user experience, and not for unrelated tracking without a legal basis.