Privacy Policy

1. Introduction

HandyInvoice ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service at handyinvoice.biz.

By using HandyInvoice, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, do not use the Service.

2. Information We Collect

2.1 Information You Provide

We collect information that you voluntarily provide when using the Service:

• Account Information: Name, business name, email address, phone number
• Payment Information: Billing address, payment method details (processed securely by Paddle and Stripe)
• Customer Data: Customer names, email addresses, phone numbers, and other information you include in invoices
• Invoice Content: Hours worked, services provided, materials used, amounts charged
• Voice Recordings: Audio recordings when you use our phone service to create invoices
• Messages: SMS and WhatsApp messages sent to and from our Service
• Photos: Images you attach to invoices via MMS or WhatsApp

2.2 Information Automatically Collected

When you use the Service, we automatically collect:

• Usage Data: Pages visited, features used, actions taken, time spent
• Device Information: IP address, browser type, operating system, device identifiers
• Location Data: Approximate location based on IP address
• Cookies: We use cookies and similar technologies to recognize you and track your usage
• Call Metadata: Call duration, time, phone numbers (for voice service)
• API Logs: API requests, timestamps, response codes

2.3 Information from Third Parties

We receive information from our service partners:

• Clerk: Authentication and user identity verification
• Paddle: Subscription billing and payment status
• Stripe: Payment processing for your customers
• Twilio: Phone call and message delivery status
• Deepgram: Voice transcription data

3. How We Use Your Information

We use the information we collect to:

3.1 Provide the Service

• Create and manage your account
• Process voice recordings into invoices using AI
• Generate and send PDF invoices to your customers
• Track invoice payments and send reminders
• Process customer payments through Stripe
• Respond to SMS and WhatsApp commands
• Display your data in the web dashboard
• Provide customer support

3.2 Billing and Payments

• Process subscription payments through Paddle
• Track usage and calculate overage charges
• Send billing notifications and receipts
• Detect and prevent fraud

3.3 Communications

• Send transactional messages (invoice confirmations, payment notifications)
• Send service updates and announcements
• Respond to your inquiries and support requests
• Send marketing communications (with your consent, opt-out available)

3.4 Improve the Service

• Analyze usage patterns to improve features
• Train AI models to better extract invoice data from voice
• Monitor performance and fix bugs
• Conduct research and development

3.5 Legal and Security

• Comply with legal obligations
• Enforce our Terms of Service
• Detect and prevent fraud, abuse, and security threats
• Protect the rights and safety of HandyInvoice and our users

4. How We Share Your Information

We do not sell your personal information. We share your information only in the following circumstances:

4.1 Service Providers

We share information with trusted third-party service providers who help us operate the Service:

• Cloudflare: Hosting, database, and content delivery
• Twilio: Voice calls, SMS, and WhatsApp messaging
• Deepgram: Voice transcription
• Anthropic (Claude): AI-powered invoice data extraction
• Clerk: Authentication and user management
• Paddle: Subscription billing
• Stripe: Payment processing
• Resend: Transactional email delivery
• Sentry: Error tracking and monitoring

These providers are contractually obligated to protect your information and use it only for the purposes we specify.

4.2 Your Customers

When you send an invoice, we share the invoice content (your business name, services, amounts) with your customer via email, SMS, or WhatsApp as you direct.

4.3 Legal Requirements

We may disclose your information if required by law or in response to:

• Valid legal process (subpoena, court order, warrant)
• Government or regulatory requests
• Protection of our rights, property, or safety
• Detection and prevention of fraud or security issues

4.4 Business Transfers

If HandyInvoice is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information is transferred and becomes subject to a different privacy policy.

4.5 With Your Consent

We may share your information with third parties when you explicitly consent to such sharing.

5. Data Retention

We retain your information for as long as necessary to provide the Service and comply with legal obligations:

• Active Accounts: We retain your data while your account is active
• Canceled Accounts: Data is retained for 30 days after cancellation, then permanently deleted
• Voice Recordings: Deleted after successful transcription (typically within 24 hours)
• Invoices: Retained for 7 years for tax and legal purposes (unless you request deletion)
• Payment Records: Retained for 7 years as required by law
• Support Communications: Retained for 3 years
• Logs: Retained for 90 days for security and debugging

6. Data Security

We implement industry-standard security measures to protect your information:

• Encryption: All data is encrypted in transit (TLS/SSL) and at rest
• Access Controls: Strict access controls limit who can view your data
• Authentication: Multi-factor authentication available for your account
• Monitoring: Continuous monitoring for security threats and anomalies
• Regular Audits: Periodic security assessments and penetration testing
• Vendor Security: All third-party providers meet high security standards

However, no system is 100% secure. We cannot guarantee absolute security of your information.

7. Your Rights and Choices

7.1 Access and Update

You can access and update your account information through the web dashboard or by contacting support@handyinvoice.biz.

7.2 Data Portability

You can export your data (invoices, customers) in CSV format from the dashboard at any time.

7.3 Deletion

You can request deletion of your account and data by:

• Canceling your subscription from the dashboard
• Contacting support@handyinvoice.biz

Note: We may retain certain information as required by law (e.g., payment records for tax purposes).

7.4 Marketing Opt-Out

You can opt out of marketing emails by clicking "unsubscribe" in any marketing email or by adjusting your preferences in the dashboard. You cannot opt out of transactional emails necessary for the Service.

7.5 SMS/WhatsApp Opt-Out

You can stop receiving SMS messages by replying STOP. You can stop WhatsApp messages by blocking the number. Note: This will prevent you from using those channels to create invoices.

7.6 Cookies

You can control cookies through your browser settings. Disabling cookies may limit some features of the Service.

8. European Users (GDPR)

If you are in the European Economic Area (EEA), you have additional rights under GDPR:

8.1 Legal Basis for Processing

We process your data based on:

• Contract: To provide the Service you subscribed to
• Consent: When you provide explicit consent (e.g., marketing)
• Legitimate Interest: To improve the Service and prevent fraud
• Legal Obligation: To comply with applicable laws

8.2 Your GDPR Rights

• Right to Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate data
• Right to Erasure: Request deletion of your data
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a structured format
• Right to Object: Object to processing based on legitimate interest
• Right to Withdraw Consent: Withdraw consent at any time
• Right to Lodge a Complaint: File a complaint with your data protection authority

To exercise these rights, contact privacy@handyinvoice.biz.

8.3 Data Transfers

Your data may be transferred to and processed in the United States and other countries. We ensure appropriate safeguards are in place for international transfers.

9. California Users (CCPA)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):

• Right to Know: Request details about the personal information we collect
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: Opt out of the "sale" of your information (we do not sell data)
• Right to Non-Discrimination: We will not discriminate against you for exercising your rights

To exercise these rights, contact privacy@handyinvoice.biz or call 1-XXX-XXX-XXXX.

10. Children's Privacy

HandyInvoice is not intended for users under 18 years old. We do not knowingly collect information from children. If we discover we have collected information from a child, we will delete it immediately.

11. Voice and Message Recording

Important: When you call our phone service or send voice messages via WhatsApp:

• Calls may be recorded for transcription purposes
• Recordings are processed by Deepgram for speech-to-text conversion
• Recordings are automatically deleted after successful transcription (within 24 hours)
• Transcripts are retained as part of your invoice records

By using the voice service, you consent to this recording and processing.

12. AI and Machine Learning

We use AI (Claude by Anthropic) to extract structured data from your voice transcripts and text messages. This processing:

• Happens in real-time when you create an invoice
• May involve sending your transcript to Anthropic's API
• Is used solely to populate invoice fields (customer, hours, materials, etc.)
• May be used in aggregate (anonymized) to improve our AI models

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

• Posting the new policy on this page
• Updating the "Last updated" date
• Sending you an email notification
• Displaying a notice in the dashboard

Your continued use of the Service after changes constitutes acceptance of the updated policy.

14. International Users

HandyInvoice is based in the United States. If you access the Service from outside the U.S., your information will be transferred to and processed in the U.S., which may have different data protection laws than your country.

15. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

• Email: privacy@handyinvoice.biz
• Support: support@handyinvoice.biz
• Website: https://handyinvoice.biz
• Mail: [Your Business Address]

16. Data Protection Officer

For EU residents, you can contact our Data Protection Officer at dpo@handyinvoice.biz for any GDPR-related inquiries.