Privacy Policy

1. Introduction

Welcome to FinSheet AI ("we," "our," or "us"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our bank statement conversion service at www.finsheetai.com.

2. Information We Collect

2.1 Information You Provide

• Account Information: Name, email address, and password when you create an account
• Payment Information: Processed securely through Stripe; we do not store credit card numbers
• Uploaded Documents: PDF bank statements you upload for conversion

2.2 Information Collected Automatically

• Usage Data: Pages visited, features used, conversion history
• Device Information: IP address, browser type, operating system
• Cookies: Session cookies for authentication and preferences

3. How We Use Your Information

We use your information to:

• Provide and maintain our conversion service
• Process your transactions and payments
• Send you service-related communications
• Improve our service and develop new features
• Detect and prevent fraud and abuse
• Comply with legal obligations

4. Data Retention

4.1 Uploaded Files

• Temporary Storage: Uploaded PDF files are automatically deleted within 24 hours
• Converted Files: Output files (Excel/CSV) are available for download for 1 hour, then deleted
• No Permanent Storage: We do not permanently store your bank statement files

4.2 Account Data

• Account information is retained while your account is active
• You may request deletion of your account and associated data at any time

4.3 Usage Logs

• Anonymized usage logs may be retained for up to 90 days for service improvement

5. Data Security

We implement appropriate security measures including:

• Encryption: All data transmitted using TLS/HTTPS
• Password Security: Passwords are hashed using bcrypt
• Access Controls: Role-based access to systems and data
• Regular Audits: Periodic security assessments

6. Data Sharing

We do NOT sell your personal information. We may share data with:

• Service Providers: Payment processors (Stripe), hosting providers
• Legal Requirements: When required by law or to protect our rights
• Business Transfers: In connection with a merger or acquisition

7. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access: Request a copy of your personal data
• Correction: Request correction of inaccurate data
• Deletion: Request deletion of your data ("right to be forgotten")
• Portability: Request your data in a portable format
• Opt-out: Opt out of marketing communications

7.1 GDPR Rights (EU Users)

If you are in the European Union, you have additional rights under GDPR including:

• Right to restrict processing
• Right to object to processing
• Right to lodge a complaint with a supervisory authority

7.2 CCPA Rights (California Users)

If you are a California resident, you have rights under CCPA including:

• Right to know what personal information is collected
• Right to know if personal information is sold or disclosed
• Right to opt-out of the sale of personal information
• Right to non-discrimination for exercising your rights

8. International Data Transfers

Your data may be processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers.

9. Children's Privacy

Our service is not intended for users under 18 years of age. We do not knowingly collect data from children.

10. Third-Party Services

Our service integrates with:

• Stripe: For payment processing (Stripe Privacy Policy)

11. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via email or service notification.

12. Contact Us

For privacy-related questions or to exercise your rights, contact us at:

• Email: [email protected]
• Website: www.finsheetai.com/support

13. Data Protection Officer

If required by applicable law, our Data Protection Officer can be contacted at:

• Email: [email protected]