Privacy Policy

1. Information We Collect

Invoice-Gen.Net collects only the information necessary to provide and secure our invoicing, client ledger, and transaction record services.

• Account Credentials: Name, business name, and email address collected during account creation via Supabase Auth.
• Workspace & Invoicing Data: Client contact cards, client billing addresses, hourly rates, taxes, discounts, and historical ledger entries.
• Technical Logs: Device type, IP addresses, browser version, and session data processed for cybersecurity monitoring and service performance.

2. How We Secure and Isolate Data

We take data isolation seriously. We enforce database-level PostgreSQL Row-Level Security (RLS) policies. Every query sent to our databases is automatically checked for session authorization, ensuring that one business owner can never query or view another user's invoice ledger or client database under any circumstances.

Data is encrypted in transit using TLS 1.3 and at rest using AES-256 standard encryption algorithms.

3. Third-Party Services and Payments

We partner with Stripe Inc. for online credit card and ACH payment processing. When you upgrade your account or use checkout options, your billing credentials, card numbers, and bank account pins are processed directly by Stripe. Invoice-Gen.Net never accesses, processes, or stores your raw financial security keys.

4. Data Ownership & Portability

You retain 100% ownership of all business registers, client contact catalogs, and billing ledgers compiled in your workspace. You have the right to download your entire directory database in standard JSON or CSV formats at any time. We do not charge fees or place artificial barriers on data exports.

5. GDPR & Compliance Disclosures

For users residing in the European Economic Area (EEA), we act as both data controller for account metrics and data processor for client records. You retain the right to:

• Request access to your stored files.
• Correct any inaccurate contact sheets.
• Request deletion of your entire account directory ("Right to be Forgotten").

6. Changes to This Policy

We may update this privacy statement as our software features expand. Active users will be notified of major policy adjustments via email or visible announcement indicators inside the workspace.