← Back to Invoice Parser

Privacy Policy

Last updated: June 2026

Data We Collect

When you upload an invoice, we process the file to extract structured data. The extracted text and parsed data are stored in our database. The original file bytes are discarded after processing — only the text, parsed JSON, and a file hash are retained.

When you register an account, we store your email address and a bcrypt-hashed password. We never store plaintext passwords.

How We Use Your Data

Your invoice data is used solely to provide the parsing service. We do not sell, share, or use your invoice data for training AI models.

Data Retention

Uploaded invoice records are automatically deleted 90 days after upload. You can manually delete individual invoices or delete your account to remove all data immediately.

Security

Passwords are hashed with bcrypt. Session tokens are stored as SHA-256 hashes. TOTP secrets are encrypted at rest with Fernet (AES-128-CBC). All communication should use HTTPS in production.

Third-Party Services

We send invoice text to a third-party AI provider for data extraction. The provider receives only the extracted text, not your identity. You can configure which provider to use.

Contact

For privacy questions, please open an issue on our project repository.