Privacy Policy

Last updated: October 26, 2025

At InvoiceAI, we take your privacy seriously. This Privacy Policy explains how we handle your information when you use our mobile application.

Key Point: InvoiceAI is designed with privacy at its core. Your business data (invoices, clients, products) is stored securely. We use trusted third-party services for authentication, analytics, and app functionality as detailed below.

1. Information We Collect

1.1 Account Information

When you create an account or sign in, we collect:

  • Email address: For account authentication and communication
  • Display name: If you sign in with Google
  • Profile picture: If you sign in with Google (optional)
  • User ID: A unique identifier for your account

1.2 Business Data

InvoiceAI stores your business data securely, including:

  • Invoice and estimate information
  • Client details (names, addresses, contact information)
  • Product catalog and pricing
  • Business profile information (company name, logo, address)
  • Payment tracking records
  • App settings and preferences
  • AI Assistant conversation history (optional feature)

Your business data is stored both locally on your device and securely synchronized to the cloud (if you have an account) for backup and cross-device access.

1.3 Analytics and Usage Data

We collect anonymous usage statistics to improve the app's performance and user experience:

  • Device information (type, model, Android version)
  • App version and build number
  • Feature usage patterns (which features you use most)
  • App performance metrics (loading times, errors)
  • Session duration and frequency
  • In-app interactions and navigation patterns

1.4 AI-Generated Content Reports

If you use our AI Assistant feature, you can report AI-generated responses that may be inappropriate or inaccurate. When you submit a report, we collect:

  • The AI-generated message text
  • Report category (e.g., inappropriate, inaccurate)
  • Optional user comments
  • Timestamp of the report
  • Anonymous device information

This data is used solely to improve AI response quality and content moderation. Reports are reviewed by our team to enhance the AI Assistant's accuracy and appropriateness.

1.5 Crash Reports and Diagnostics

We automatically collect crash reports and diagnostic data when the app encounters errors:

  • Stack traces and error logs
  • Device state at time of crash
  • App state and navigation history
  • Memory and performance metrics

This data helps us identify and fix bugs to improve app stability.

2. How We Use Your Information

We use the collected information for the following purposes:

2.1 Service Delivery

  • Account Management: Create and maintain your account
  • Data Synchronization: Sync your data across multiple devices
  • Authentication: Verify your identity and secure your account
  • Backup & Recovery: Provide cloud backup for your business data

2.2 App Improvement

  • Analytics: Understand how users interact with the app
  • Bug Fixes: Identify and resolve technical issues
  • Feature Development: Prioritize new features based on usage
  • Performance Optimization: Improve app speed and reliability

2.3 Communication

  • Send important updates about the app
  • Notify you about new features
  • Respond to your support requests
  • Send promotional content (only with your consent)

2.4 Legal Compliance

  • Comply with applicable laws and regulations
  • Enforce our Terms of Service
  • Protect our rights and prevent fraud

What We Don't Do:

  • We do not sell your personal or business data to third parties
  • We do not track your physical location
  • We do not access your device contacts, photos, or other apps
  • We do not share your business data with advertisers

3. Data Security

We take data security seriously and implement industry-standard measures to protect your information:

3.1 Encryption

  • In Transit: All data transmitted between your device and our servers is encrypted using TLS/SSL
  • At Rest: Your data stored in the cloud is encrypted at rest
  • Authentication: Passwords are securely hashed using industry-standard algorithms

3.2 Access Controls

  • User authentication required for all data access
  • Advanced security rules prevent unauthorized access
  • Each user can only access their own data
  • Industry-standard authentication protocols (OAuth 2.0)

3.3 Infrastructure Security

  • Data hosted on enterprise-grade secure cloud infrastructure
  • Regular security updates and patches
  • Automated backups to prevent data loss
  • DDoS protection and threat monitoring

3.4 Device Security

  • Local data protected by Android's security features
  • App uses Android Keystore for sensitive data
  • Your device's lock screen protects app access
Important: While we implement strong security measures, no system is 100% secure. We recommend using a strong password and enabling two-factor authentication when available.

4. Third-Party Services

InvoiceAI uses trusted third-party services to provide app functionality. Each service has its own privacy policy:

4.1 Google Services

We use Google's cloud infrastructure for core app functionality:

  • Authentication: User account management and secure sign-in
  • Cloud Storage: Secure data storage and synchronization
  • Analytics: Anonymous usage analytics and insights
  • Crash Reporting: Error diagnostics to improve app stability
  • Configuration: App settings and feature management

Privacy Policy: Google Privacy Policy

4.2 Google Sign-In

Users can sign in with their Google account using Google's OAuth 2.0 authentication. We only receive your email, name, and profile picture (if provided). We never have access to your Google account password.

Privacy Policy: Google Privacy Policy

4.3 Analytics Services

We use third-party analytics services to understand app usage and improve your experience:

  • Session tracking and user engagement metrics
  • Feature usage patterns and preferences
  • Performance monitoring and optimization
  • Error detection and crash reporting

These services collect anonymous data that helps us continuously improve the app.

4.4 Push Notifications

We use third-party notification services to send you:

  • Important app updates and announcements
  • Notifications about new features
  • Promotional messages (only with your consent)

You can disable push notifications at any time in your device settings.

4.5 Advertising Services

We display advertisements through third-party advertising networks:

  • Ads may be personalized based on your interests
  • Advertising identifiers (e.g., Google Advertising ID) are used
  • Ad impressions and interactions are tracked
  • Data may be shared with advertising partners

You can opt out of personalized ads in your device settings (Settings → Google → Ads → Opt out of Ads Personalization).

4.6 Google Play Billing

In-app purchases are processed through Google Play Billing:

  • We do not collect or store your payment information
  • All transactions are processed securely by Google
  • We only receive confirmation of successful purchases

Privacy Policy: Google Privacy Policy

4.7 Google Play Services

The app uses Google Play Services for core functionality:

  • App Updates: Automatic updates and version management
  • App Reviews: Collecting user ratings and feedback
  • Distribution: App delivery and updates via Google Play Store

Privacy Policy: Google Privacy Policy

4.8 PDF Sharing & Export

When you share invoices or estimates as PDFs, you may use third-party apps (email, WhatsApp, Google Drive, etc.). These services have their own privacy policies and terms of service.

4.9 AI Assistant (Optional Feature)

InvoiceAI includes an optional AI Assistant to help manage your business:

  • What it does: Answers questions about your invoices, revenue, clients, and helps create documents
  • Data processed: Your business data (invoices, clients, products) and conversation messages
  • How it works: Uses secure AI technology to analyze your data and provide intelligent responses
  • Privacy: Your data is processed securely and never shared with third parties for training or other purposes
  • User control: You can report inappropriate AI responses, and conversations can be cleared anytime

Important: The AI Assistant only accesses data you've entered into InvoiceAI. It does not access other apps, files, or personal information on your device.

4.10 Image Processing

We use industry-standard libraries to load and display images (e.g., business logos). These libraries operate entirely on your device and do not collect or transmit any data.

5. Data Sharing and Disclosure

We may share your information in the following circumstances:

5.1 Service Providers

We share data with trusted third-party service providers who help us operate the app:

  • Cloud hosting and database services
  • Authentication and security services
  • Analytics and performance monitoring
  • Push notification services
  • Advertising networks

These providers are contractually obligated to protect your data and use it only for the services they provide to us.

5.2 Legal Requirements

We may disclose your information if required by law or in response to:

  • Legal process (court orders, subpoenas)
  • Government requests
  • Protection of our rights and safety
  • Prevention of fraud or illegal activities

5.3 Business Transfers

If InvoiceAI is acquired or merged with another company, your information may be transferred to the new owners. We will notify you before your data is transferred and becomes subject to a different privacy policy.

5.4 With Your Consent

We may share your information for other purposes with your explicit consent.

5.5 Anonymous Data

We may share aggregated, anonymous data that cannot identify you personally for:

  • Industry research and reports
  • Marketing and promotional purposes
  • Partnerships and collaborations

6. Children's Privacy

InvoiceAI is intended for business use and is not designed for children under 13 (or the applicable age in your jurisdiction). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately, and we will delete it.

7. Your Privacy Rights and Choices

You have complete control over your data. Here are your rights:

7.1 Access and Portability

  • Access: View all your data within the app at any time
  • Export: Export your invoices and estimates as PDF files
  • Download: Request a copy of your data by contacting support

7.2 Correction and Updates

  • Edit: Update your account information, business profile, and data
  • Correct: Fix any inaccurate information in your account

7.3 Deletion

  • Delete Individual Items: Remove specific invoices, clients, or products
  • Delete Account: Permanently delete your account and all associated data
  • Right to be Forgotten: Request complete deletion of your data from our systems

See our Account Deletion Guide for instructions.

7.4 Marketing Communications

  • Opt-Out: Unsubscribe from promotional emails and notifications
  • Manage Preferences: Control what types of communications you receive

7.5 Analytics and Tracking

  • Disable Analytics: Opt out of usage analytics (contact support)
  • Limit Ad Tracking: Disable personalized ads in your device settings
  • Reset Advertising ID: Reset your Google Advertising ID in device settings

7.6 Push Notifications

  • Disable push notifications in your device settings
  • Manage notification preferences in app settings

8. Data Retention

We retain your data for the following periods:

8.1 Active Accounts

  • Business Data: Retained as long as your account is active
  • Account Information: Retained until you delete your account

8.2 Deleted Accounts

  • Immediate Deletion: Your business data is immediately deleted when you delete your account
  • Backup Systems: Data may persist in backup systems for up to 30 days
  • Legal Requirements: Some data may be retained longer if required by law

8.3 Analytics Data

  • Anonymous Analytics: Retained for up to 14 months
  • Crash Reports: Retained for up to 90 days

8.4 Inactive Accounts

If your account remains inactive for 24 months or longer, we may delete your account and associated data after notifying you via email.

8. Account Deletion

You have the right to delete your account and all associated data at any time. When you delete your account through the app settings, all your data is immediately and permanently removed. For detailed instructions, please visit our Account Deletion Guide.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

  • Posting the new Privacy Policy on this page
  • Updating the "Last updated" date
  • Notifying you through the app if changes are significant

10. International Data Transfers

Your data may be transferred to and stored on servers located in different countries:

  • Primary Storage: Data is stored on secure cloud servers, which may be located in various regions
  • Data Protection: We ensure appropriate safeguards are in place for international transfers
  • Compliance: We comply with applicable data protection laws, including GDPR and CCPA

11. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: Request information about data we collect and how it's used
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: Opt out of the sale of personal information (we do not sell your data)
  • Right to Non-Discrimination: We will not discriminate against you for exercising your rights

To exercise these rights, contact us at support@elfarabey.com.

12. European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):

  • Right of Access: Access your personal data
  • Right to Rectification: Correct inaccurate data
  • Right to Erasure: Request deletion of your data (right to be forgotten)
  • Right to Restrict Processing: Limit how we process your data
  • Right to Data Portability: Receive your data in a portable format
  • Right to Object: Object to processing of your data
  • Right to Lodge a Complaint: File a complaint with your local data protection authority

Legal basis for processing: We process your data based on consent, contractual necessity, and legitimate interests.

13. AI Content Moderation

We take AI-generated content seriously and provide user controls to maintain quality and appropriateness:

13.1 User Reporting

  • Report Feature: You can report any AI-generated response you find inappropriate or inaccurate
  • Easy Access: Every AI message includes a "Report" button for quick feedback
  • No Exit Required: Reporting is handled entirely within the app for your convenience

13.2 How Reports are Used

  • Content Review: All reports are reviewed by our team to identify issues
  • AI Improvement: Reports help us continuously improve AI response quality
  • Pattern Detection: Multiple reports on similar issues trigger priority review
  • Content Filtering: We use reports to refine content moderation and prevent future issues

13.3 Your Safety

If you encounter any offensive, inappropriate, or concerning AI-generated content, please report it immediately. We are committed to providing a safe and professional experience for all users.

14. App Permissions

InvoiceAI may request the following Android permissions to function properly:

  • Internet: Required for cloud sync, authentication, AI Assistant, and app functionality
  • Network State: To check internet connectivity status
  • Storage: To save and share PDF invoices and documents
  • Notifications: To receive app updates and important reminders

All permissions are used solely for their stated purpose. You can manage or revoke permissions at any time in your device settings (Settings → Apps → InvoiceAI → Permissions).

15. Account Deletion

You have the right to delete your account and all associated data at any time. To learn how to delete your account:

16. Tracking Technologies

InvoiceAI uses the following technologies to provide app functionality:

  • Session Tokens: To maintain your logged-in state securely
  • Analytics SDKs: To track app usage and performance
  • Advertising IDs: For personalized ad delivery (Google Advertising ID)
  • Device Identifiers: To identify your device for sync and analytics

These technologies only collect data necessary for app functionality and do not access your personal files or information.

17. Security Incidents

In the event of a data breach or security incident:

  • We will investigate and assess the impact
  • Affected users will be notified within 72 hours
  • We will report the incident to relevant authorities as required by law
  • We will take steps to prevent future incidents

18. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy, please contact us:

We typically respond to privacy inquiries within 30 days.

Summary: InvoiceAI uses trusted third-party services to provide authentication, cloud sync, analytics, notifications, advertising, and AI assistance. Your business data is encrypted and securely stored. We do not sell your data to third parties. You have full control to access, export, and delete your data at any time. The optional AI Assistant feature helps you manage your business more efficiently while maintaining your privacy.
arrow_back Back to Home