top of page
Firnal Logo_edited.png

PRIVACY POLICY

I. Overview and Scope

Firnal Inc. (“Firnal”, “we”, “our”, or “us”) is committed to protecting the privacy and personal data of individuals who interact with us, including clients, website visitors, vendors, job applicants, and platform users. This Privacy Policy explains how we collect, use, share, store, and protect personal data across all of Firnal’s business activities.
 

This policy applies to:

  • Visitors to www.firnal.com or affiliated websites (e.g., dvrint.com, hikmahedu.com, moonbrush.org)

  • Users of Firnal platforms or digital tools (e.g., Moonbrush)

  • Clients, prospective clients, and business partners

  • Individuals who attend Firnal events or receive our content

  • Job applicants and professional contacts
     

This policy applies globally, regardless of jurisdiction. However, where specific data protection laws apply (e.g., GDPR, CCPA, NDPR), we comply with those laws and provide jurisdiction-specific rights and disclosures.

II. What Data We Collect

We may collect the following categories of personal data, depending on the context of your interaction with Firnal:
 

1. Identification and Contact Data
 

  • Name, email address, phone number, company name, job title, address

  • LinkedIn profiles or professional bios (when submitted or publicly available)
     

2. Business and Engagement Data
 

  • Client account history, project correspondence, meeting records

  • Communication preferences and event participation
     

3. Technical and Website Usage Data
 

  • IP address, browser type, device ID, operating system

  • Page views, time spent, referral URL, cookies, and analytics

  • Location information (approximate, derived from IP)
     

4. Platform and Tool Usage (e.g., Moonbrush)

  • Login credentials, usage logs, behavioral analytics

  • Uploaded documents or datasets (when applicable)

  • Access history and permissions
     

5. Recruitment and Applicant Data
 

  • Resume/CV, work history, education, references

  • Interview notes, assessments, offer or rejection status

  • Background check results (where legally permitted)
     

We do not collect:
 

  • Biometric data

  • Sensitive health data (unless voluntarily disclosed during hiring or events)

  • Payment card data directly (unless explicitly required for billing purposes)

IV. Legal Bases for Processing (GDPR and Equivalent Jurisdictions)

Where GDPR or similar frameworks apply, we process personal data on the following lawful bases:
 

  • Contractual necessity (e.g., service delivery)

  • Legitimate interests (e.g., analytics, marketing with safeguards)

  • Legal obligations (e.g., recordkeeping, fraud prevention)

  • Consent, where required (e.g., cookie placement, email marketing)
     

You may withdraw consent at any time without affecting prior processing.

V. Data Sharing and Third-Party Disclosures

We do not sell personal data collected from this website under any circumstances.
 

We may share data with trusted third parties only for the purposes outlined above, including:
 

  • Cloud service providers (e.g., Google Workspace, Microsoft, AWS)

  • Analytics platforms (e.g., Google Analytics, Mixpanel)

  • CRM, marketing, and email service providers

  • Law firms, auditors, or regulators (when legally required)

  • Third-party investigators in the event of a compliance incident
     

We require all vendors to sign Data Processing Agreements (DPAs) and adhere to equivalent security and confidentiality standards.

VI. International Data Transfers

Firnal operates globally. If we transfer personal data outside of your country (e.g., from the EU to the U.S. or vice versa), we implement appropriate safeguards including:

  • Standard Contractual Clauses (SCCs)

  • Data Transfer Agreements

  • Additional technical or contractual protections
     

We regularly assess international transfer risks and adapt our practices to comply with evolving global standards (e.g., Schrems II).

VII. Data Retention and Storage

Firnal retains personal data only for as long as necessary to fulfill the purpose for which it was collected, including:
 

  • Legal, regulatory, and tax recordkeeping

  • Contract enforcement or defense of legal claims

  • Ongoing client relationships
     

We use secure cloud environments with:
 

  • Encryption at rest and in transit

  • Access controls, role-based permissions, and audit trails

  • Regular vulnerability assessments and intrusion monitoring
     

When data is no longer needed, it is securely deleted or anonymized.

VIII. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights:
 

Under GDPR (EU/UK/EEA):
 

  • Right to access, correct, or delete your personal data

  • Right to restrict or object to processing

  • Right to data portability

  • Right to lodge a complaint with your supervisory authority
     

Under CCPA/CPRA (California):
 

  • Right to know what personal data we collect and how we use it

  • Right to request deletion of personal data

  • Right to opt out of “sale” or “sharing” of data (Firnal does neither)

  • Right to non-discrimination for exercising privacy rights
     

Other Jurisdictions (e.g., Japan, Ghana, UAE, Nigeria, Canada, Brazil):
 

We honor rights under applicable national data protection laws and provide similar access, correction, or deletion options.
 

To submit a request, email: privacy@firnal.com
To opt out of marketing communications, use the unsubscribe link or email: unsubscribe@firnal.com

IX. Cookies and Tracking Technologies

Firnal uses cookies, pixels, and analytics tools to:
 

  • Understand website traffic and usage

  • Improve site performance and user experience

  • Personalize content and marketing
     

You may manage cookie preferences through our Cookie Settings Tool or browser settings.

X. Children’s Privacy

Firnal does not knowingly collect or process personal data from individuals under the age of 18. If we become aware that data from a minor has been collected without parental consent, we will delete it immediately.

XI. Changes to This Policy

This policy is reviewed at least annually and updated to reflect:

  • Legal or regulatory changes

  • Operational changes in our data use

  • Evolving best practices
     

We will notify users of material updates via banner, email, or pop-up notification, as appropriate.

XII. Contact Us

For any questions, requests, or concerns regarding this Privacy Policy or Firnal’s data practices, contact:

Firnal Inc.
Attn: Director of Data Protection
8 The Green, Suite A
Dover, DE 19901, USA
Email: privacy@firnal.com
Subject line: Privacy Inquiry

III. How and Why We Use Your Data

Firnal collects and processes personal data only for legitimate business purposes, in accordance with applicable data protection laws.
 

1. Business Purposes
 

  • Responding to inquiries and communications

  • Executing contracts and delivering services

  • Managing client accounts and performance reporting

  • Hosting meetings, events, or webinars
     

2. Marketing and Communications

  • Sending newsletters, insights, event invites, or whitepapers

  • Delivering customized content and engagement based on interests

  • Providing opt-out links in every promotional communication
     

3. Platform and Tool Operation
 

  • Authenticating users and managing permissions

  • Monitoring usage, performance, and access security

  • Troubleshooting and product development
     

4. Legal and Compliance

  • Enforcing our Terms of Use and contracts

  • Preventing fraud, misuse, and security incidents

  • Complying with laws, regulations, and lawful government requests

Firnal Incorporated

8 The Green, Suite A

Dover DE 19901

Effective Date: July 1, 2019

Last Reviewed: July 1, 2025

bottom of page