Privacy Policy
This is a draft placeholder, not reviewed legal text. Replace it with counsel-reviewed language before relying on it publicly.
What we collect
Account information you provide (name, email, a hashed password, and your timestamped acceptance of these terms); session records (IP address, browser); the financial records you enter (invoices, bills, payments, ledger entries, customer and vendor names/emails, company profile and tax identifiers); and basic usage data needed to operate the product. We run no advertising or cross-site tracking and never sell or rent your data.
Bank data via Plaid
If you connect a bank account (a forthcoming feature), we receive account details and transactions from your financial institution through Plaid Inc. — how Plaid handles your data is described in the Plaid End User Privacy Policy. We store the resulting records solely to power bank feeds and reconciliation — never for marketing — and we encrypt Plaid access credentials at the application layer on top of disk-level encryption. Connecting a bank requires two-factor authentication on your account.
How we use it
To run the product you signed up for — your books, your reports, documents you choose to send, and, if you connect one, the AI assistant you authorized. Plus what security requires: authentication, an append-only audit trail, and abuse prevention.
Who processes it for us
Vercel (hosting), a managed Postgres provider (database, encrypted at rest), Resend (transactional email), Sentry (error monitoring, scrubbed of personal data), and — once bank feeds launch — Plaid Inc. (bank connectivity).
AI assistants
If you connect Claude, ChatGPT, or another MCP-compatible assistant, it can access the parts of your books your role permits — see the Security section for exactly how that's scoped, logged, and revocable.
Retention & deletion
We keep your data for the life of your account or company. Deleting a company (Settings → Company) permanently removes all of its books via cascading deletion; deleting your account (Settings → Security) removes your profile, sessions, and connected-app tokens. Both are immediate and irreversible. Expired connector tokens are purged daily; provider backups age out on the provider's point-in-time-recovery schedule.
Your rights
Depending on where you live, you may have rights to access, correct, export, or restrict processing of your personal data. For any request — including disconnecting a linked bank account — email info@albearoti.com. We respond within 30 days.
Questions
Email info@albearoti.com. Material changes to this policy will be posted here.