Privacy Policy

1. Introduction

Welcome to Finful ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our invoicing application and related services.

2. Information We Collect

2.1 Personal Information

We collect the following personal information:

• Account Information: Name, email address, password, and business details when you create an account
• Business Information: Company name, address, tax identification numbers, banking details, and business registration information
• Client Information: Names, email addresses, addresses, and payment details of your clients (which you input into our system)
• Invoice Data: Invoice details, line items, amounts, payment terms, and related financial information
• Payment Information: Payment method details, transaction history, and billing information (processed securely through Stripe)
• Usage Data: How you interact with our application, features used, and performance metrics

2.2 Technical Information

We automatically collect:

• Device information (IP address, browser type, operating system)
• Usage analytics and performance data
• Cookies and similar tracking technologies
• Error logs and crash reports

3. How We Use Your Information

We use your information for the following purposes:

• Service Provision: To provide and maintain our invoicing services
• Account Management: To manage your account, process payments, and provide customer support
• AI Tax Assistance: To provide AI-powered tax assistance and recommendations (with your consent)
• Payment Processing: To process payments through Stripe and manage subscriptions
• Communication: To send important updates, security notifications, and customer support messages
• Improvement: To improve our services, develop new features, and enhance user experience
• Compliance: To comply with legal obligations and enforce our terms of service

4. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:

4.1 Service Providers

• Firebase (Google): For hosting, database, authentication, and analytics services
• Stripe: For payment processing and subscription management
• Resend: For email delivery services
• AI Service Providers: For AI tax assistance features (with appropriate safeguards)

4.2 Legal Requirements

We may disclose your information if required by law, court order, or government request, or to protect our rights, property, or safety.

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the business transaction.

5. Data Security

We implement appropriate technical and organizational measures to protect your information:

• Encryption of data in transit and at rest
• Secure authentication and access controls
• Regular security assessments and updates
• Employee training on data protection
• Compliance with industry security standards

6. Data Retention

We retain your information for as long as necessary to:

• Provide our services to you
• Comply with legal obligations
• Resolve disputes and enforce agreements
• Maintain business records

You may request deletion of your account and associated data at any time.

7. Your Rights (GDPR Compliance)

Under the General Data Protection Regulation (GDPR), you have the following rights:

• Access: Request a copy of your personal information
• Rectification: Request correction of inaccurate information
• Erasure: Request deletion of your personal information
• Portability: Request transfer of your data to another service
• Restriction: Request limitation of processing
• Objection: Object to processing of your data
• Withdrawal: Withdraw consent for data processing

8. International Data Transfers

Your data may be processed in countries outside the European Economic Area (EEA). We ensure appropriate safeguards are in place through:

• Standard Contractual Clauses (SCCs)
• Adequacy decisions
• Other appropriate safeguards as required by GDPR

9. Cookies and Tracking Technologies

We use cookies and similar technologies to:

• Maintain your session and preferences
• Analyze usage patterns and improve our service
• Provide personalized content and features

You can control cookie settings through your browser preferences.

10. Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16.

11. Third-Party Services

Our service integrates with third-party services:

• Stripe: Payment processing (subject to Stripe's privacy policy)
• Firebase: Infrastructure and analytics (subject to Google's privacy policy)
• Social Media Platforms: For social media discount features

These services have their own privacy policies, and we encourage you to review them.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the updated policy on our website
• Sending email notifications to registered users
• Displaying in-app notifications

13. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

14. Data Protection Officer

For GDPR-related inquiries, you may contact our Data Protection Officer at hello@finful.app.

15. Complaints

If you believe we have not addressed your privacy concerns adequately, you have the right to lodge a complaint with your local data protection authority.