Privacy Policy

Last updated: January 29, 2025

1. Introduction

Invoicent respects your privacy. This Privacy Policy explains how we collect, use, process, and disclose personal data when you use our invoicing SaaS application (the “Service”). It also describes your rights under the General Data Protection Regulation (GDPR) and other relevant laws in Poland and the EU.

By using the Service, you agree to the terms of this Privacy Policy. If you do not agree with the practices described in this policy, please do not use our Service.

2. Data Controller

Invoicent, with its registered address at [Your Address] in Poland, is the “data controller” of your personal data for the purposes of GDPR. This means we determine the purposes and means of processing your personal data when you use our Service.

3. Data We Collect

We collect different types of information about you and your customers (if applicable), including:

  • Account Information: When you register or update your account, we collect details such as your name, email address, company name, billing information, and other relevant contact details.
  • Invoice Details: Information you input into the Service about your customers, including names, addresses, email addresses, payment information, and other invoice-related details.
  • Payment Information: We use Stripe as a third-party payment processor. Stripe may collect certain financial information, such as credit card numbers, billing addresses, and transaction amounts. We do not store credit card numbers on our servers.
  • Usage Data: We may collect data about how you use our Service, such as the pages you visit, the features you access, and any actions taken (e.g., invoice creation).
  • Cookies and Similar Technologies: We use cookies or similar technologies to recognize you when you visit our website, remember your preferences, and enhance your user experience. For more information, see Section 8: Cookies and Tracking Technologies.

4. Legal Basis for Processing

Under GDPR, we process your personal data under the following legal bases:

  • Contractual Necessity: We process data necessary to provide the Service you have requested (e.g., to manage your account, generate invoices, process payments).
  • Legitimate Interests: We may process data for our legitimate interests, such as improving and securing our Service, fraud prevention, or internal analytics.
  • Legal Obligations: We may need to process data to comply with legal or regulatory requirements, such as financial reporting or tax obligations.
  • Consent: We will seek your consent for certain types of data processing where legally required (e.g., certain marketing communications, certain cookies).

5. How We Use Your Data

We use the collected data for the following purposes:

  • To Provide and Maintain the Service: Creating and managing user accounts, generating and sending invoices, facilitating payments via Stripe, and delivering customer support.
  • To Improve the Service: Diagnosing technical issues, optimizing performance, and personalizing user experiences.
  • To Communicate with You: Sending service-related emails (e.g., confirmations, updates, security alerts). With your consent, we may send you marketing communications, which you can opt out of at any time.
  • To Comply with Laws: Meeting our legal obligations in Poland and the EU, for example, in accounting or taxation.

6. Data Sharing and Transfers

We may share your personal data under the following circumstances:

  • Third-Party Processors: We use trusted third parties (e.g., hosting providers, analytics services, and payment processors like Stripe) to process data on our behalf. These parties are contractually obligated to protect your data and use it only as instructed by us.
  • Legal Compliance: We may disclose data if required by law, court order, or if necessary to protect our rights, property, or safety (or that of others).
  • Business Transfers: If we are involved in a merger, acquisition, or sale of all or a portion of our assets, personal data may be transferred as part of that transaction.

If any transfer of data outside the European Economic Area (EEA) occurs, we ensure such transfers comply with GDPR, using mechanisms like the Standard Contractual Clauses or other lawful transfer methods.

7. Data Retention

We keep your data only for as long as necessary to fulfill the purposes for which it was collected or to comply with legal, tax, or accounting obligations. After this period, we securely delete or anonymize your data.

8. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Remember user preferences (e.g., language settings)
  • Authenticate users to ensure secure access to the Service
  • Analyze user behavior to improve our Service

You can control cookies through your browser settings. Disabling cookies may limit your ability to use certain features of our Service.

9. Your Rights Under GDPR

Under GDPR and other applicable laws, you have the right to:

  • Access: Request a copy of your personal data and information on how we process it.
  • Rectification: Have inaccurate or incomplete data corrected.
  • Erasure: Request the deletion of your personal data under certain conditions.
  • Restriction of Processing: Ask us to restrict the processing of your personal data under certain circumstances.
  • Data Portability: Receive your personal data in a structured, commonly used, and machine-readable format.
  • Object: Object to the processing of your personal data, including for direct marketing.
  • Withdraw Consent: Where processing is based on consent, you can withdraw it at any time.

To exercise these rights, please contact us at support@invoicent.com. We will respond to your request in accordance with GDPR timelines.

10. Security Measures

We implement technical and organizational measures to protect your data from unauthorized access, loss, or destruction. Despite our efforts, no security system is impenetrable. We urge you to keep your login credentials confidential and to notify us immediately if you suspect any unauthorized access to your account.

11. Children’s Privacy

Our Service is not directed to individuals under the age of 16 (or other minimum age in your jurisdiction). We do not knowingly collect personal data from children. If you become aware of a child providing us with personal data, please contact us so we can take steps to delete such data.

12. Updates to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal obligations. When we do, we will revise the “Last Updated” date at the top. We encourage you to review this Privacy Policy periodically.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us at:
support@invoicent.com

If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority.

We use cookies

We use cookies to ensure you get the best experience on our website. For more information on how we use cookies, please see our cookie policy.

By clicking "Accept", you agree to our use of cookies.
Learn more.