Data processing terms
UK GDPR processing terms for customer and invoice data handled through the app.
Parties and roles
These terms apply where an account user, acting as controller for its invoice customers, uses the app and instructs [CONTROLLER LEGAL NAME] to process customer and invoice personal data. In that case, the account user is the controller and [CONTROLLER LEGAL NAME] is the processor for that customer and invoice data.
[CONTROLLER LEGAL NAME] remains controller for account administration, service security, billing, support, provider management, legal compliance, and its own business records.
Processing instructions
The account user's documented instructions are to host, store, retrieve, display, calculate, email, export, delete, and otherwise process customer and invoice data only as needed to provide the app, maintain security, provide support, comply with law, and follow the account user's settings and actions in the app.
Processing details
Subject matter: invoice creation, invoice delivery, public invoice access, PDF generation, payment status tracking, account export, account deletion, and support.
Duration: while the account uses the app and for the retention periods in the privacy notice, unless earlier deletion is requested and no legal or dispute-related retention reason applies.
Data subjects: account users, customer contacts, invoice recipients, payer contacts, and people named in invoice or support content.
Data categories: names, email addresses, phone numbers, billing and job addresses, business details, invoice descriptions, line items, amounts, due dates, notes, payment references, payment status, IP-derived security or access logs, and support content.
Sub-processors and providers
The account user authorises [CONTROLLER LEGAL NAME] to use these providers where needed: Supabase for authentication and database hosting, Stripe for connected account onboarding and card payments, Brevo for transactional email delivery, and [HOSTING PROVIDER] for application hosting, security, and logs.
Stripe may also act as an independent or joint controller for regulated payment, identity verification, fraud prevention, sanctions, tax, compliance, and support purposes. Each provider's own legal terms and privacy documents also apply where they act as controller.
Security
The app uses authenticated dashboard routes, database row-level security, server-side secrets, Stripe webhook signature checks, HTTPS in production, account data export, account data deletion, and limited public invoice access through hard-to-guess tokens. Account users remain responsible for device security, user access, accurate customer data, and careful sharing of public invoice links.
Assistance and rights requests
[CONTROLLER LEGAL NAME] will provide reasonable assistance, taking account of the nature of the app, to help account users respond to UK GDPR requests for access, correction, deletion, restriction, portability, or objection. Account users can use Business settings to export account data or request account deletion.
Send support and data protection requests to [SUPPORT EMAIL]. Include the account email address, invoice number, public invoice link, and a clear description of the request.
Deletion, return, and retention
On request or account closure, [CONTROLLER LEGAL NAME] will delete or return customer and invoice data unless it must be retained for legal, tax, accounting, security, backup, dispute, or provider compliance reasons. Invoices, payment records, and related customer records are normally retained for 6 years. Backup copies may persist for a limited period before routine overwrite.
International transfers
Where a provider processes personal data outside the UK, [CONTROLLER LEGAL NAME] will rely on appropriate transfer safeguards offered by that provider, such as an adequacy regulation, UK International Data Transfer Agreement, UK Addendum to EU Standard Contractual Clauses, or the UK Extension to the EU-US Data Privacy Framework where applicable.
Incidents and audits
[CONTROLLER LEGAL NAME] will notify affected account users without undue delay after becoming aware of a personal data breach involving their customer data where notification is required. Audit and compliance information will be provided in response to reasonable written requests, through security summaries, provider documentation, and support responses, rather than through direct access to production systems.