Privacy notice

UK GDPR information for account users, tradespeople, and invoice customers.

Controller details

The operator of this service is [CONTROLLER LEGAL NAME], [COMPANY NUMBER OR SOLE TRADER NAME], of [POSTAL ADDRESS]. For privacy questions, requests, and complaints, email [PRIVACY EMAIL] or write to the postal address above.

Controller registration number: [ICO REGISTRATION NUMBER, IF APPLICABLE]. Support contact: [SUPPORT EMAIL]. Security contact: [SECURITY EMAIL].

Roles

For account registration, business profile data, support requests, service security, and platform administration, [CONTROLLER LEGAL NAME] acts as controller. When a tradesperson or business uses the app to store customer details and issue invoices, that account user is normally the controller for the customer and invoice data they enter, and [CONTROLLER LEGAL NAME] processes that data to provide the app.

Invoice customers should contact the business named on the invoice first about the job, payment dispute, or invoice content. They can also contact [SUPPORT EMAIL] if they need help with a public invoice link, a privacy request, or a security concern.

Personal data we process

The app processes account names, email addresses, authentication identifiers, business profile details, contact details, trading address, website, VAT or company numbers, bank transfer details entered by the account user, customer names, customer email addresses, phone numbers, billing and job addresses, invoice descriptions, line items, notes, due dates, payment status, public invoice tokens, email delivery records, device-stored offline drafts, service logs, and support messages.

Account users should avoid adding unnecessary personal data, special category data, or confidential customer information to invoice notes, job descriptions, or support messages.

Why we use it

We use personal data to create accounts, authenticate users, save business settings, create and send invoices, provide public invoice pages, generate PDFs, send payment reminders, track invoice status, record card or bank payment status, provide account export and deletion tools, support users, prevent misuse, keep the service secure, and meet legal, tax, accounting, and dispute-handling obligations.

The usual lawful bases are contract, legitimate interests, and legal obligation. Consent is only used where a feature specifically asks for it, such as future optional analytics or marketing. Account users remain responsible for selecting and documenting the lawful basis for customer data they add to invoices.

Payments and providers

Card details are not stored in this app. If card payments are enabled, customers pay through Stripe Checkout. Stripe receives payment, fraud prevention, identity, compliance, and transaction data and may act as a processor and as an independent or joint controller where payment law, fraud prevention, or financial regulation requires it. The app stores Stripe account IDs, checkout session or payment references, payment status, amount paid, and timestamps so invoices can be reconciled.

Personal data may also be processed by Supabase for authentication and database hosting, Brevo for transactional emails, [HOSTING PROVIDER] for hosting and server logs, Stripe for payment processing and connected account onboarding, and professional advisers or authorities where required by law. Each public invoice link shows the invoice connected to the secure token in that link, so account users should share links only with intended recipients.

International transfers

Some providers may process data outside the UK. Where this happens, [CONTROLLER LEGAL NAME] relies on the provider's UK GDPR transfer safeguards, such as an adequacy regulation, the UK International Data Transfer Agreement, the UK Addendum to EU Standard Contractual Clauses, or the UK Extension to the EU-US Data Privacy Framework where available.

How long data is kept

Account profile data is kept while the account is active and for up to 12 months after closure unless a longer period is needed for tax, accounting, security, dispute, or legal reasons. Invoices, payment records, invoice emails, and related customer records are normally kept for 6 years from the invoice date or end of the relevant accounting period. VAT One Stop Shop or other specialist records may need to be kept for longer where those rules apply.

Public invoice tokens remain available while the invoice is retained unless the account user deletes the invoice or asks support to disable access. Offline drafts are kept on the device until they sync, are submitted, or are cleared by the user. Security logs are normally kept for up to 12 months. Support messages are normally kept for up to 24 months after the issue is closed.

Your rights

UK GDPR rights can include access, rectification, erasure, restriction, portability, objection, and the right to complain to the Information Commissioner's Office. These rights are not absolute and may depend on the data, the lawful basis, and legal retention duties.

Account users can export account data or request deletion from Business settings. To make a privacy request, email [PRIVACY EMAIL] with the account email address, invoice number or public invoice link if relevant, and enough detail to identify the data. We aim to respond within one month unless the request is complex.

Security

Dashboard routes require authentication. Database row-level security limits each account user to their own data. Payment webhooks are signature-verified. Secrets and payment keys are stored server-side. No system can be made perfectly secure, so suspected unauthorised access, misdirected invoice links, or lost devices should be reported promptly to [SECURITY EMAIL].