Privacy Policy

1. INTRODUCTION

Post Invoice ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Post Invoice application and related services (the "Service").

By using our Service, you consent to the data practices described in this Privacy Policy. If you do not agree with the practices described in this policy, please do not use our Service.

2. INFORMATION WE COLLECT

2.1 Information You Provide to Us

We collect information you provide directly to us, including:

• Account Information: Email address, name, company information, and password
• Payment Information: Billing address and payment method details (processed securely through Stripe)
• Invoice Data: PDF invoices and extracted data that you upload for processing
• QuickBooks Data: Information from your QuickBooks account necessary for integration
• Communication Data: Messages you send to our support team
• Profile Information: Any additional information you choose to provide in your profile

2.2 Information We Collect Automatically

When you use our Service, we automatically collect certain information:

• Usage Data: Information about how you use our Service, including features accessed and time spent
• Device Information: Information about your device, browser type, operating system, and IP address
• Log Data: Server logs including error reports and performance metrics
• Cookies and Tracking: We use cookies and similar technologies to enhance your experience

2.3 Information from Third Parties

We may receive information from third-party services you connect to our platform, such as QuickBooks Online, including customer lists, vendor information, and accounting data necessary to provide our services.

3. HOW WE USE YOUR INFORMATION

We use the information we collect to:

• Provide, maintain, and improve our Service
• Process and manage your invoices and integrate with QuickBooks
• Authenticate your identity and manage your account
• Process payments and billing
• Provide customer support and respond to your inquiries
• Send you technical notices, security alerts, and administrative messages
• Analyze usage patterns to improve our Service
• Comply with legal obligations and enforce our terms
• Detect and prevent fraud, security breaches, and other harmful activities
• Personalize your experience and provide relevant features

4. INFORMATION SHARING AND DISCLOSURE

4.1 Third-Party Service Providers

We may share your information with trusted third-party service providers who assist us in:

• Payment Processing: Stripe for secure payment processing
• Cloud Infrastructure: Vercel, Supabase for hosting and database services
• AI Processing: Google Gemini for document processing and data extraction
• Analytics: Vercel Analytics for performance monitoring
• Integration Services: QuickBooks API for accounting software integration

4.2 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you before your information is transferred and becomes subject to a different privacy policy.

4.3 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities, such as a court or government agency.

4.4 Protection of Rights

We may disclose information to protect our rights, property, or safety, or that of our users or others, including exchanging information for fraud protection and security purposes.

5. DATA SECURITY

We implement appropriate technical and organizational security measures to protect your information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit and at rest
• Regular security assessments and monitoring
• Access controls and authentication mechanisms
• Secure hosting infrastructure with industry-standard protections
• Regular backups and disaster recovery procedures

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.

6. DATA RETENTION

We retain your information for as long as necessary to provide our services and fulfill the purposes outlined in this Privacy Policy. Specifically:

• Account Data: Retained while your account is active and for 90 days after closure
• Invoice Data: Retained for 7 years for accounting and legal compliance purposes
• Usage Logs: Retained for 2 years for security and analytics purposes
• Payment Records: Retained according to financial regulations (typically 7 years)

You may request deletion of your data at any time, subject to our legal obligations to retain certain information for compliance purposes.

7. YOUR PRIVACY RIGHTS

7.1 Access and Portability

You have the right to access and receive a copy of the personal information we hold about you. You can export your data at any time through your account settings.

7.2 Correction and Updates

You can update your account information and preferences at any time through your account settings. You may also contact us to correct any inaccurate information.

7.3 Deletion

You may request deletion of your account and associated data. Note that some information may be retained for legal compliance or legitimate business purposes.

7.4 Objection and Restriction

You may object to certain processing of your information or request that we restrict processing in certain circumstances.

8. COOKIES AND TRACKING TECHNOLOGIES

We use cookies and similar tracking technologies to collect and use personal information about you. These technologies help us:

• Remember your preferences and settings
• Authenticate your identity and maintain your session
• Analyze how our Service is used and improve performance
• Provide security features and fraud protection

You can control cookies through your browser settings, but disabling certain cookies may limit the functionality of our Service.

9. INTERNATIONAL DATA TRANSFERS

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that are different from the laws of your country. When we transfer your information internationally, we implement appropriate safeguards to protect your data.

10. CHILDREN'S PRIVACY

Our Service is not intended for children under the age of 13 (or 16 in the European Union). We do not knowingly collect personal information from children under these ages. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

11. CALIFORNIA PRIVACY RIGHTS

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected and how it is used
• Right to delete personal information
• Right to opt-out of the sale of personal information (we do not sell personal information)
• Right to non-discrimination for exercising privacy rights

To exercise these rights, please contact us using the information provided below.

12. EUROPEAN PRIVACY RIGHTS

If you are in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR), including:

• Right of access to your personal data
• Right to rectification of inaccurate data
• Right to erasure of your data
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Right to lodge a complaint with a supervisory authority

13. UPDATES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by posting the new Privacy Policy on our website and updating the "Last updated" date.

Your continued use of our Service after the effective date of the updated Privacy Policy constitutes your acceptance of the changes.

14. CONTACT INFORMATION

If you have any questions about this Privacy Policy or our privacy practices, please contact us: