Last updated: June 2026
The customer is the data controller; Fenna is the processor for personal data processed through the service.
Fenna processes personal data only on the customer's instructions and to provide the service.
Appropriate technical and organisational measures: encryption in transit, access control, EU/EEA hosting and per-customer RLS data isolation.
Telephony, speech, email and hosting providers, under equivalent obligations. List available on request.
Personal data is processed in the EU/EEA (hosting in Ireland). Any transfer outside the EEA happens only with appropriate safeguards (e.g. SCCs).
Fenna notifies the customer of data breaches without undue delay.
On termination, personal data is deleted or anonymised; recordings and transcripts after 90 days regardless, unless the law requires otherwise.