Introduction
Flowbooks ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered invoice processing platform. By using the Service, you agree to the collection and use of information as described here.
Information We Collect
Information You Provide
- Account Information: Name, email address, company name, industry
- Invoice Data: Vendor names, amounts, line items, PO numbers, dates, and other invoice content you upload
- Payment Information: Processed securely through Stripe โ we never store credit card details
- Communications: Support requests, feedback, and correspondence
Information Collected Automatically
- Usage Data: Pages viewed, features used, time spent, actions taken
- Device Information: Browser type, IP address, operating system
- Cookies: Session cookies for authentication and core functionality
How We Use Your Information
We use your information to:
- Provide the Service: Process invoices, extract data, enable integrations
- Improve the Platform: Analyze usage patterns and develop new features
- Communicate: Send transactional notifications, support responses, and service updates
- Security: Detect fraud, prevent abuse, and maintain platform security
- Legal Compliance: Meet regulatory obligations and respond to lawful requests
AI Processing
๐ค How AI is used: Your invoice data is processed by Claude AI (Anthropic) solely to extract structured data fields. AI models do not retain your data after processing, and we do not use your data to train AI models.
- Extraction is performed for your benefit โ to reduce manual data entry
- All extracted data is encrypted in transit and at rest
- You remain responsible for reviewing and approving all extracted data
Data Storage & Retention
- Invoice data stored securely in Supabase (AWS-hosted infrastructure)
- Files stored encrypted in Supabase Storage
- Active accounts: data retained indefinitely while account is active
- Cancelled accounts: data available for export for 30 days, then permanently deleted
- Database backups retained for disaster recovery purposes
Data Sharing
We do not sell your data. We share data only with the following service providers necessary to operate the platform:
- Anthropic (Claude AI): Invoice data extraction
- Supabase: Database and file storage
- Postmark: Transactional email delivery
- Stripe: Payment processing
- Render: Application hosting
We may also disclose information if required by law, court order, or to protect the rights, property, or safety of Flowbooks, our users, or others.
Your Rights
Access and Control
- Access: Request a copy of your data
- Correction: Update inaccurate information via your account settings
- Deletion: Request account and data deletion by contacting us
- Export: Download your invoice data in CSV format at any time
- Opt-Out: Unsubscribe from marketing emails via the unsubscribe link
To exercise any of these rights, contact us at support@flowbooks.ai.
Data Security
- Encryption: TLS for data in transit, AES-256 for data at rest
- Authentication: Secure password hashing and session tokens
- Access Controls: Role-based permissions and least-privilege access
- Monitoring: Activity logs and anomaly detection
No system is perfectly secure. While we use industry-standard measures to protect your data, we cannot guarantee absolute security. You use the Service at your own risk.
Cookies
We use essential cookies required for authentication and functionality. We may use anonymous analytics cookies to understand usage patterns. You can disable cookies in your browser, but this may limit some functionality.
International Transfers
Your data may be processed in countries outside your own, including the United States. By using the Service, you consent to this transfer. We ensure appropriate safeguards are in place through data processing agreements with our service providers.
California Residents (CCPA)
California residents have the right to know what personal information is collected, request deletion, and opt out of the sale of personal information. We do not sell personal information. To exercise your rights, contact support@flowbooks.ai.
European Residents (GDPR)
If you are located in the European Economic Area, you have rights including access, rectification, erasure, data portability, and the right to object to processing. Our legal basis for processing is the performance of our contract with you and our legitimate interests. Contact support@flowbooks.ai to exercise your rights.
Children's Privacy
Flowbooks is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If you believe we have inadvertently collected such information, contact us immediately.
Changes to This Policy
We may update this Privacy Policy periodically. Material changes will be communicated via email or in-app notice with an updated effective date. Continued use of the Service after changes constitutes your acceptance.
Contact
For privacy questions or to exercise your rights, contact us at support@flowbooks.ai or visit flowbooks.ai.