Privacy Policy

Last updated: April 2026. Plain English summary where possible.

What We Collect

  • Account information: Email address, name (optional), restaurant name (optional), hashed password. Never your plaintext password.
  • Invoice data: Text content extracted from your PDF invoices - specifically item names, quantities, units, and prices. We do NOT store your PDF files.
  • Usage data: Invoice counts, subscription status.
  • Session data: A session cookie that keeps you logged in (httpOnly, secure, expires in 30 days).
  • Payment data: We use Stripe for payments. We do not store your credit card information. Stripe processes payments directly and provides us only with subscription status and a customer ID.

What We Do NOT Collect

  • Your PDF files (deleted immediately after text extraction)
  • Your vendor account numbers or login credentials
  • Any data beyond what's listed above
  • Tracking cookies or advertising pixels

How We Use Your Data

  • To provide the Service: Comparing current invoice prices against your price history to detect overcharges.
  • To maintain your account: Authentication, session management, subscription status.
  • To send service emails: Account-related notifications only. No marketing emails unless you opt in.

Data Retention

  • PDF files: Deleted immediately after text extraction (within seconds of upload).
  • Invoice data (free plan): Retained for 90 days.
  • Invoice data (Pro plan): Retained indefinitely while your account is active.
  • Deleted accounts: All data permanently removed within 30 days of account deletion.

Data Sharing

We do not sell, rent, or share your data with third parties, except:

  • Stripe: Payment processing only. They receive your email for receipts and their privacy policy governs their handling.
  • Hetzner (hosting): Our API server runs on Hetzner's infrastructure in Germany (GDPR-compliant EU data center). They host the server but cannot access your application data.
  • Legal requirements: If required by law or to protect rights and safety.

Your Rights

  • Access: Contact us for a copy of your stored data.
  • Correction: Update your profile information in account settings.
  • Deletion: Delete your account anytime in settings. All data removed within 30 days.
  • Portability: Contact us to export your data in a machine-readable format.
  • GDPR (EU users): All of the above rights apply. Contact us at privacy@invoiceguard.app.

Security

  • All data transmitted over HTTPS/TLS
  • Passwords hashed with bcrypt (cost factor 12)
  • Session cookies: httpOnly, secure, sameSite
  • Database access restricted to application server only
  • Regular security updates

Contact

Privacy questions or requests: privacy@invoiceguard.app

We aim to respond within 48 business hours.