Privacy Policy

Effective Date: August 22, 2025

Introduction

Book-Keep.ai ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered bookkeeping service.

Information We Collect

Personal Information

  • Account Information: Name, email address, phone number, business name, and billing information
  • Authentication Data: Login credentials and multi-factor authentication settings
  • Communication Records: Support tickets, emails, and chat messages

Financial Data

  • QuickBooks Integration: Transaction data, account balances, chart of accounts, and reports
  • Bank Information: Transaction history, account details, and reconciliation data (read-only access)
  • Receipt Data: Images and extracted information from uploaded receipts
  • Business Records: Invoices, expenses, and financial reports

Technical Information

  • Usage Data: Feature usage, login times, and system interactions
  • Device Information: Browser type, IP address, and device identifiers
  • Performance Data: Error logs and system performance metrics

How We Use Your Information

Core Service Delivery

  • Process and categorize financial transactions using AI
  • Generate financial reports and insights
  • Perform automated bank and loan reconciliation
  • Provide receipt processing and expense tracking

Service Improvement

  • Enhance AI categorization accuracy through machine learning
  • Develop new features and improve existing functionality
  • Analyze usage patterns to optimize user experience
  • Conduct security monitoring and fraud prevention

Communication

  • Send service notifications and account updates
  • Provide customer support and technical assistance
  • Share important security alerts and system maintenance notices

Information Sharing and Disclosure

Third-Party Integrations

  • QuickBooks: Secure API connection for data synchronization
  • Banking Partners: Read-only access through secure banking APIs
  • Payment Processors: Billing and subscription management
  • Cloud Infrastructure: AWS/Google Cloud for secure data hosting

Legal Requirements

We may disclose your information when required by law or court order, or to:

  • Comply with legal obligations
  • Protect our rights and property
  • Prevent fraud or security threats
  • Respond to emergency situations

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new entity with the same privacy protections.

Data Security

Encryption and Protection

  • Data in Transit: TLS 1.3 encryption for all data transmission
  • Data at Rest: AES-256 encryption for stored data
  • Access Controls: Role-based permissions and multi-factor authentication
  • Network Security: Firewall protection and intrusion detection

Compliance Standards

  • SOC 2 Type II compliance (in progress)
  • GDPR and CCPA compliance
  • Financial industry security standards
  • Regular security audits and penetration testing

Data Retention

Active Accounts

  • Financial data retained for the duration of your subscription
  • Transaction history maintained for tax and compliance purposes
  • Account information stored while your account is active

Account Closure

  • Data deletion within 30 days of account termination (unless legally required to retain)
  • Backup data removed within 90 days
  • Anonymized usage data may be retained for service improvement

Your Rights and Choices

Access and Control

  • Data Access: Request copies of your personal information
  • Data Correction: Update or correct inaccurate information
  • Data Deletion: Request deletion of your personal data
  • Data Portability: Export your data in standard formats

Privacy Settings

  • Email Preferences: Opt out of marketing communications
  • Data Sharing: Control which integrations can access your data
  • Account Permissions: Manage team member access levels

If you're located outside the United States, you may have additional rights under local privacy laws, including the GDPR.

Cookies and Tracking

Essential Cookies

  • Authentication and session management
  • Security and fraud prevention
  • Core functionality and user preferences

Analytics

  • Google Analytics for usage statistics (anonymized)
  • Performance monitoring and error tracking
  • Feature usage analysis for product improvement

You can control cookie settings through your browser preferences. Disabling essential cookies may impact service functionality.

Children's Privacy

Our service is not intended for users under 18. We do not knowingly collect personal information from children. If we discover we have collected information from a child, we will delete it immediately.

International Data Transfers

Your data may be processed in countries other than your own. We ensure appropriate safeguards are in place, including:

  • Standard contractual clauses
  • Adequacy decisions from relevant authorities
  • Certification schemes and codes of conduct

Changes to This Policy

We may update this Privacy Policy periodically. We will:

  • Notify you of material changes via email or service notification
  • Post the updated policy on our website with the effective date
  • Provide 30 days' notice for significant changes

Contact Us

For privacy-related questions or concerns:

Email: privacy@book-keep.ai

Mail: Book-Keep.ai Privacy Office, [Address to be added]

Phone: [Phone number to be added]

Data Protection Officer

For GDPR-related inquiries: dpo@book-keep.ai

Last Updated: August 22, 2025