Terms of Use

Last updated: 2025-11-13

These Terms of Use (“Terms”) govern your access to and use of the Find My Factory platform and related services.

By creating an account, creating or joining a workspace, using the Enrich function, or otherwise accessing or using our platform, you agree to be bound by these Terms.

If you do not agree to these Terms, do not use the platform.

1. Company Information & Contact Details

Controller / Service Provider

• Name: Find My Factory AB (“Find My Factory”, “we”, “us”, “our”)
• Organization number: 559355-9585
• Address: Hästholmsvägen 32, 131 30 Nacka, Sweden
• General email: info@findmyfactory.eu
• Data protection contact (DPO): dpo@findmyfactory.eu
• Support: support@findmyfactory.eu
• Security: security@findmyfactory.eu 
• Website: findmyfactory.eu
  
  

2. Definitions

• “Account”: A user account created with a full name, email, and password, or via a third-party identity provider (e.g. Google/Microsoft Account), used to access the platform.
  
  
• “Workspace” / “Company Profile”: A digital workspace associated with a company, which can have multiple users. It may contain uploaded product data, internal supplier lists, and other information.
  
  
• “User”: Any natural person using the platform, with or without an Account, who has accepted these Terms. Where applicable, “User” includes the company or organization the person represents.
  
  
• “Information” / “Customer Data”: Any data that you or your organization provide, upload, or ingest into the platform, including products, internal supplier lists, notes, messages, and files.
  
  
• “Enrich Data”: Customer Data uploaded via the “Enrich” function or similar features used specifically to enrich your own supplier data (e.g. your own supplier lists).
  
  
• “Global Supplier Database”: Find My Factory’s own database built from our web crawling, data purchasing, and other sources independent of a specific customer’s Enrich Data.
  
  
• “Related Services”: All additional services and functionalities provided by Find My Factory, including integrations, APIs, and collaborations with third parties.
  
  
• “Website”: www.findmyfactory.eu and any other domains or online pages controlled by Find My Factory.
  
  

3. Scope of Services

Find My Factory provides an AI-driven sourcing platform that allows buyers and suppliers to:

• manage supplier information and relationships,
• discover and evaluate potential suppliers,
• interact and collaborate with suppliers,
• enrich and analyze supplier data using AI-based tools.

We may update and improve the platform over time, including adding or removing features. We may also run data crawling and data purchasing activities to build and maintain our Global Supplier Database.

4. Eligibility & Account Registration

• You must be at least 18 years old and have legal capacity to enter into a binding contract.
• If you use the platform on behalf of a company, you represent that you are authorized to bind that company to these Terms. In that case, references to “you” or “User” include that company.
• You must provide accurate and complete registration information and keep it up to date.
• You are responsible for maintaining the confidentiality of your login credentials and for all activities under your Account.
  
  

Account sharing is not allowed. Each user must have their own Account. Unauthorized sharing of credentials may result in suspension or termination.

5. Use of the Platform – User Responsibilities

You agree to:

1. Provide accurate information
   
   
   
   • Ensure that company profiles, contact details, and any supplier-related data you provide are accurate to the best of your knowledge.
   • Keep your information reasonably up to date.
     
     
2. Respect content standards
   You may not upload or transmit content that is:
   
   
   
   • illegal, infringing, or fraudulent;
   • pornographic, racist, discriminatory, harassing, or otherwise offensive;
   • malicious code, malware, or content intended to disrupt or damage systems.
     
     
3. Protect your access
   
   
   
   • Use reasonable security on your devices.
   • Notify us promptly if you suspect unauthorized access to your Account.
     
     
4. Not misuse the platform
   You may not:
   
   
   
   • scrape, copy, or systematically harvest data from the platform (including our Global Supplier Database) to build or enhance a competing service or database;
   • resell, redistribute, or publicly publish data obtained via the platform without our explicit written permission;
   • use data obtained via the platform for bulk unsolicited marketing, spam or other abusive contact;
   • attempt to bypass or interfere with security or access controls;
   • reverse engineer or attempt to derive source code from any part of the platform, except where permitted by applicable law.
     
     

Permitted use (important clarification):
You may use data obtained via the platform internally within your organization for legitimate business purposes such as supplier discovery, evaluation, qualification and sourcing decisions. This is a core intended use and is not considered a prohibited “commercial use” under these Terms.

6. Platform Availability & Disclaimer

• We strive to provide a secure and reliable platform, but we do not guarantee that the platform will be error-free, uninterrupted, or free of security vulnerabilities.
• We use commercially reasonable efforts to maintain and improve the platform but may perform maintenance or updates that temporarily affect availability.
• While we use advanced methods to gather and validate data, we do not warrant that any data (including supplier details, capabilities, locations, or certifications) is complete, accurate, or up to date.
  You remain responsible for independently verifying any information before making business decisions.
  
  

7. Intellectual Property

• All software, algorithms, content, designs, and data that we provide (including our Global Supplier Database and AI models) are and remain the intellectual property of Find My Factory or its licensors.
• Subject to these Terms and any applicable subscription agreement, we grant you a limited, non-exclusive, non-transferable, revocable license to access and use the platform and our provided data solely for your internal business purposes.
• You retain all rights to your own Customer Data. By uploading or providing Customer Data, you grant us and our subprocessors a worldwide, limited license to host, process, analyze, and use that data only as necessary to:
  
  
  
  • provide and improve the platform and Related Services as described in these Terms, and
  • fulfill obligations under any applicable customer agreement.
    
    

8. Data Protection & GDPR

8.1 Roles

Depending on the data and use case:

• For platform usage data, account data, and our Global Supplier Database, Find My Factory generally acts as an independent data controller.
• For Customer Data that you upload or manage within your Workspace (especially Enrich Data), we typically act as a processor on behalf of your organization, to the extent we process that data only on your documented instructions.

Where required, additional data processing terms or a Data Processing Agreement (“DPA”) may apply between us and your organization.

8.2 Categories of Personal Data

We may process:

• Account & user data: name, email, role, company, login data.
• Usage & analytics data: IP address, device and browser information, timestamps, pages visited, search queries, actions taken, and related logs.
• Supplier-related data: contact names, emails, phone numbers, and other business contact details where these identify individuals.
• Support & communications: messages you send to us (support tickets, emails, chat).
  
  

8.3 Special Categories (GDPR Article 9)

The platform is not intended for processing special categories of personal data as defined in GDPR Article 9 (e.g. health data, political opinions, religious beliefs, trade union membership, biometric data for identification, etc.).

You agree not to upload such data. If we become aware that such data has been uploaded, we may delete or anonymise it where reasonably practicable.

8.4 Purposes & Legal Bases

We process personal data for the following purposes and legal bases (GDPR):

• To provide the services and fulfill our contract with you
  (Art. 6(1)(b)): operating the platform, authenticating users, processing Customer Data, providing support.
• To maintain and improve the platform and security
  (Art. 6(1)(f): legitimate interests): monitoring usage, detecting abuse or security incidents, improving performance, developing new features.
• To conduct analytics and product improvement
  (Art. 6(1)(f)): aggregated analytics, usage statistics, and AI model training as described in Section 9.
• To send service-related communications
  (Art. 6(1)(b) or 6(1)(f)): updates about changes, incidents, or needed information.
• Marketing communications (e.g. newsletters), where applicable:
  
  • Based on consent (Art. 6(1)(a)) or, where permitted, legitimate interests (Art. 6(1)(f)).
    You may unsubscribe at any time.
    
    

8.5 Data Retention

Unless a longer retention period is required by law or necessary to establish or defend legal claims:

• Active data: We retain Customer Data for as long as your Account and/or Workspace is active.
  
  
• Deletion after termination:
  
  
  
  • When you request deletion of specific Customer Data or terminate your customer relationship, we delete or anonymise the relevant data from active systems within 90 days.
    
    
• Backups:
  
  
  
  • Encrypted backups may persist for up to 3 years for disaster recovery and legal purposes.
  • Access to backups is strictly limited. Data in backups is not used for any other purpose and is deleted on rotation.
    
    
• Logs and analytics:
  
  
  
  • Operational logs and usage analytics containing personal data are retained only for as long as necessary for security, troubleshooting, and analytics, after which they are either deleted or anonymised and used only in aggregated form.
    
    
• Models and aggregated statistics:
  
  
  
  • Aggregated statistics and trained models derived from personal data may be retained beyond the above periods, but they no longer contain personal data in a form that identifies you or your organization.
    
    

Where your data has been used to train models, we generally do not retrain historical models solely to remove that influence, but we ensure that future training data no longer includes your information once you exercise an applicable opt-out or deletion right.

8.6 Your Rights

Under GDPR, you (or your organization, where applicable) may have the right to:

• access your personal data;
• rectify inaccurate or incomplete data;
• erase personal data (right to be forgotten);
• restrict processing;
• object to certain processing (especially where based on legitimate interests);
• data portability (receive personal data in a structured, commonly used, machine-readable format).

To exercise these rights or opt out of certain data uses (e.g., analytics / model training where applicable), contact us at dpo@findmyfactory.eu. We may need to verify your identity and/or authority before acting on your request.

You also have the right to lodge a complaint with a supervisory authority, in particular the Swedish Authority for Privacy Protection (IMY) or the authority in your country of residence.

9. AI, Logs, and Use of Customer Data

9.1 Customer-specific models

We may, at your request or as part of the service, train or fine-tune customer-specific AI models using your Customer Data, including Enrich Data, to provide you with tailored functionality.

• These models are not shared with other customers.
• The underlying infrastructure and base models may be shared, but your training data and customer-specific model artifacts are access-controlled and logically separated.
  
  

9.2 Global models & product improvement

We may also use non-Enrich Customer Data, logs, and usage information to improve our general models and services, subject to:

• Removal or masking of personal data and direct identifiers before training to the extent practicable.
  
  
• No use of your Enrich Data (your own uploaded supplier lists and similar) for global model training or to augment our Global Supplier Database, unless:
  
  
  
  • those suppliers already existed in our Global Supplier Database or were otherwise independently obtained by us before your upload.
    
    

Typical examples of data used for product improvement include:

• search queries and filters,
• click patterns and interaction logs,
• performance metrics of AI results,
• non-Enrich content you input into AI features.
  
  

You may request to opt out of the use of your data for product improvement (where we act as controller and such an opt-out is technically and legally feasible) by contacting dpo@findmyfactory.eu. Opting out may limit certain advanced functionalities.

As stated above:

Where your data has been used to train models, we generally do not retrain historical models solely to remove that influence, but we ensure that future training data no longer includes your information once the opt-out or deletion has been applied.

9.3 Queries and prompts

Queries, prompts, and other inputs you submit to AI features on the platform may be:

• logged for security and abuse detection,
• used (after de-identification and aggregation where possible) to evaluate and improve our models, relevance-ranking, and user experience.
  
  

9.4 Enrich Data – strict separation

Enrich Data (your own supplier lists and internal supplier information uploaded via Enrich or similar features):

• is stored in a logically separate database from our Global Supplier Database;
• is not visible or searchable by other customers;
• is not added to our Global Supplier Database or used to infer that a supplier is associated with your company;
• is not used for global model training or product improvement, unless the supplier information was already present in our Global Supplier Database from independent sources.
  
  

We may process Enrich Data solely to:

• provide and improve AI-based functionality inside your Workspace,
• cross-reference it internally to return better results only for your searches and related features,
• maintain security and integrity of the service.
  
  

9.5 Temporary files

Some parts of the platform may create temporary files or intermediate data (for example, during file uploads, parsing, or batch processing).

• These temporary files are stored only for a short period necessary to complete the operation and ensure reliability and security.
• Temporary files are not used for model training or any other purpose and are deleted or overwritten as part of regular housekeeping.
  
  

10. Subprocessors, Cloud Providers & International Transfers

We use third-party service providers (“Subprocessors”) to host and process data on our behalf, such as:

• Cloud infrastructure providers (e.g., AWS, Google Cloud Platform)
• Database and storage providers,
• Selected AI infrastructure providers (e.g., model hosting or inference APIs),
• Monitoring, logging and analytics tools.
  
  

We primarily use data centers located in the EU/EEA wherever possible. Where data may be transferred or accessed from outside the EU/EEA (for example due to provider operations), we implement appropriate safeguards, including:

• reliance on an adequacy decision, where applicable, and/or
• Standard Contractual Clauses approved by the European Commission.
  
  

Our Subprocessors:

• act only on our documented instructions,
• are bound by confidentiality obligations,
• are contractually prohibited from using your data for their own purposes, including training their own models, except where you have a separate direct agreement with such provider.
  
  

We maintain an up-to-date list of key Subprocessor categories and can provide more information upon request.

11. Security

We implement appropriate technical and organizational measures to protect personal data and Customer Data, including:

• encryption of data in transit and at rest, where applicable;
• firewalls and access controls;
• role-based access control and least-privilege principles;
• logging and monitoring of access to critical systems;
• regular backups and disaster recovery planning.
  
  

Despite these measures, no system can be guaranteed to be 100% secure. You are responsible for applying reasonable security controls on your own devices and networks.

In case of a personal-data breach that is likely to result in a risk to your rights and freedoms, we will notify affected customers and, where required, the relevant supervisory authority in accordance with GDPR.

12. Third-Party Services & Links

The platform may integrate with or link to third-party services (e.g. identity providers, collaboration tools, analytics tools).

• Your use of such third-party services is governed by their own terms and privacy policies.
• We are not responsible for third-party services that we do not control.
  
  

13. Prohibited Uses & Enforcement

In addition to other restrictions in these Terms, you must not:

• attempt to access data or areas of the platform you are not authorized to access;
• use the platform to violate applicable laws, export controls, or sanctions;
• use the platform to harm or harass others or interfere with their use.
  
  

We may, at our discretion and without liability, suspend or terminate your Account or access to the platform if:

• you materially breach these Terms,
• you misuse data or the platform,
• we reasonably believe such actions are necessary to protect other users, our infrastructure, or our legal interests.
  
  

14. Warranties & Liability

To the maximum extent permitted by law:

• The platform and all data and services are provided on an “as is” and “as available” basis.
• We disclaim all warranties, whether express or implied, including fitness for a particular purpose, non-infringement, and accuracy or completeness of data.
  
  

We are not liable for:

• indirect, incidental, special or consequential damages,
• loss of profits, revenue, business opportunities, or data,
  arising out of or in connection with your use of the platform.
  
  

Our total aggregate liability arising out of or related to these Terms or the platform (whether in contract, tort, or otherwise) shall not exceed the amounts paid by you to us for the services in the 12 months preceding the event giving rise to the claim (or, if you use a free version, €100).

Nothing in these Terms limits liability that cannot be limited under applicable law (e.g. for intentional misconduct).

You agree to indemnify and hold harmless Find My Factory from any claims, damages, or liabilities arising out of your misuse of the platform, your breach of these Terms, or your violation of applicable law.

15. Changes to These Terms

We may update these Terms from time to time to reflect:

• changes in our services,
• legal or regulatory developments,
• security or operational needs.
  
  

We will notify you of material changes through the platform, by email, or other reasonable means. If you continue to use the platform after the updated Terms become effective, you are deemed to have accepted them.

If you do not agree with the updated Terms, you must stop using the platform and, if applicable, cancel your subscription or close your Account.

16. Governing Law & Dispute Resolution

These Terms are governed by the laws of Sweden, without regard to conflict-of-law principles.

Any dispute arising out of or in connection with these Terms, the platform, or our services shall be subject to the exclusive jurisdiction of the courts of Sweden, with Stockholm as the first instance venue, unless mandatory law provides otherwise.

17. Contact

If you have questions, concerns, or requests regarding these Terms or our data processing, you can contact us at:

• Email (general): info@findmyfactory.eu
• Data protection / privacy: dpo@findmyfactory.eu

Address: Find My Factory AB, Hästholmsvägen 32, 131 30 Nacka, Sweden