Privacy Policy

🚫 Your Data is NEVER Used for AI Training

We want to be crystal clear: your documents, invoices, and extracted data are never, under any circumstances, used to train our AI models or any third-party AI systems.

• Our AI processes your documents in real-time and immediately discards processing data
• No document content is stored for model improvement purposes
• Your data remains exclusively yours - we treat it as confidential business information
• AI model updates use only publicly available datasets and synthetic data

All your data is protected with military-grade encryption standards:

• AES-256 encryption at rest: Your stored documents and data are encrypted with the same security used by banks and governments
• TLS 1.3 in transit: All data transfers are encrypted end-to-end
• Encrypted backups: Daily backups are also fully encrypted
• Zero-knowledge architecture: Even we cannot decrypt your data without your credentials

Only YOU can access your data. Not even our team members can view your documents.

• Role-based access control ensures only authorized users in your organization can access specific data
• Multi-factor authentication (MFA) available for enhanced security
• Comprehensive audit logs track all data access
• You can delete your data permanently at any time

Account Information:

• Email address and username
• Encrypted password (we never store plain text passwords)
• Profile settings and preferences

Document Data:

• Uploaded invoices and documents (encrypted)
• Extracted OCR data (encrypted and only accessible to you)
• Processing metadata (timestamps, file types)

Usage Analytics:

• Aggregated, anonymized usage statistics for service improvement
• Error logs (without document content)
• Performance metrics

We DO NOT sell, rent, or share your personal data or document content with third parties.

The only exceptions are:

• Service providers: Trusted infrastructure partners (cloud hosting, payment processing) who are contractually bound to protect your data
• Legal requirements: When required by law or to protect our legal rights
• With your consent: Integrations you explicitly enable (e.g., exporting to QuickBooks)

• Your documents and data are retained as long as your account is active
• You can delete individual documents or your entire account at any time
• Upon account deletion, all your data is permanently removed within 30 days
• Backups are also purged after the retention period

We comply with major data protection regulations:

• GDPR: EU General Data Protection Regulation
• CCPA: California Consumer Privacy Act
• SOC 2 Type II: Security, availability, and confidentiality standards
• ISO 27001: Information security management certification

You have the right to:

• Access all your personal data we store
• Request corrections to your data
• Delete your account and all associated data
• Export your data in a machine-readable format
• Object to data processing
• Opt-out of marketing communications