Privacy Policy

1. Introduction

Simple Invoice Hub ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our invoice management platform ("Service").

By using the Service, you consent to the data practices described in this policy.

2. Information We Collect

2.1 Information You Provide to Us

We collect information that you voluntarily provide when using the Service:

• Account Information: Email address, name, password (encrypted)
• Company Profile: Business name, address, tax ID, logo, contact details
• Client Information: Client names, addresses, contact information
• Invoice Data: Line items, amounts, dates, payment terms, notes
• Payment Information: Processed securely through Stripe (we do not store credit card details)
• Communications: Emails, support requests, feedback

2.2 Automatically Collected Information

When you access the Service, we automatically collect:

• Usage Data: Pages visited, features used, time spent, click patterns
• Device Information: IP address, browser type, device type, operating system
• Cookies and Tracking: Session cookies, preference cookies, analytics cookies
• Log Data: Access times, error logs, performance metrics

3. How We Use Your Information

We use the collected information for the following purposes:

3.1 Service Provision

• Create, manage, and store your invoices
• Generate PDF exports
• Maintain your account and authenticate access
• Process subscription payments

3.2 Service Improvement

• Analyze usage patterns to improve features
• Debug and fix technical issues
• Develop new features and functionality
• Optimize user experience and performance

3.3 Communication

• Send service updates and notifications
• Respond to support requests
• Provide important account information
• Send marketing communications (with opt-out option)

3.4 Security and Compliance

• Detect and prevent fraud or abuse
• Ensure compliance with legal obligations
• Protect the rights and safety of users

4. Third-Party Services

We use the following third-party services that may collect and process your data:

5. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience:

5.1 Essential Cookies

Required for the Service to function properly (authentication, session management).

5.2 Analytics Cookies

Help us understand how users interact with the Service (Google Analytics, Microsoft Clarity).

5.3 Preference Cookies

Remember your settings and preferences (language, currency, theme).

You can control cookies through your browser settings. Note that disabling essential cookies may affect Service functionality.

6. Data Security

We implement industry-standard security measures to protect your data:

• Encryption in transit (HTTPS/TLS) and at rest
• Secure password hashing
• Regular security audits and updates
• Access controls and authentication
• Automated backups
• Account-level data isolation

However, no method of transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

7. Data Retention

We retain your data for different periods depending on the type:

• Active Accounts: Data retained while your account is active
• Cancelled Accounts: 30 days retention period for reactivation
• Legal Requirements: Some data retained longer to comply with laws (e.g., tax records)
• Analytics Data: Anonymized data may be retained indefinitely

8. Your Privacy Rights

Depending on your location, you may have the following rights:

8.1 Access and Portability

Request a copy of your personal data in a structured, machine-readable format.

8.2 Correction

Update or correct inaccurate personal data through your account settings.

8.3 Deletion

Request deletion of your personal data (subject to legal retention requirements).

8.4 Opt-Out

Unsubscribe from marketing emails or opt-out of analytics tracking.

8.5 Restriction

Request restriction of processing in certain circumstances.

To exercise these rights, contact us at hellovibecoder@proton.me.

9. GDPR Compliance (EU Users)

If you are located in the European Economic Area (EEA), we process your data based on the following legal grounds:

• Contract: Processing necessary to provide the Service
• Consent: You have given explicit consent (e.g., marketing emails)
• Legitimate Interest: Processing necessary for our business operations
• Legal Obligation: Processing required by law

You have the right to lodge a complaint with a supervisory authority in your jurisdiction.

10. CCPA Compliance (California Users)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal data we collect
• Right to know if we sell or disclose personal data
• Right to opt-out of sale of personal data (we do not sell data)
• Right to deletion
• Right to non-discrimination for exercising CCPA rights

11. International Data Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses approved by the European Commission
• Encryption and security measures
• Compliance with data protection laws

12. Children's Privacy

The Service is not intended for users under the age of 18. We do not knowingly collect personal information from children. If we discover that we have collected data from a child, we will promptly delete it.

13. Changes to Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via:

• Email notification
• Notice on the Service
• Update to the "Last updated" date

Your continued use after changes indicates acceptance of the updated policy.

14. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

15. Data Protection Officer

For GDPR-related inquiries, you may contact our Data Protection Officer at the email address above with "DPO" in the subject line.