Privacy Policy

Privacy at a Glance

We keep things simple:

• We collect only the information we need to run the service (like your account details and financial data).
• We use it to provide bookkeeping, keep your account secure, and improve the product.
• We don’t sell your data, ever.
• We only share it when required (like to process your payment or legal compliance).
• You stay in control — you can request access, correction, or deletion of your data anytime.

1. Introduction

Devi AI LLC ("we", "us", or "our"), the developer of Bookeeping.ai, is committed to protecting the privacy of our users ("you" or "your"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered bookkeeping service.

Please note that this Privacy Policy applies specifically to Bookeeping.ai. Devi AI LLC may produce other products or services that are governed by separate privacy policies.

2. Information We Collect and Why

Information You Provide

• Account information (name, email, business details)
  Why: To create and manage your account, verify your identity, and provide access to business-specific features.

• Financial data (transactions, invoices, receipts)
  Why: To generate your books, reports, and tax-related outputs; to reconcile accounts; and to ensure compliance with accounting standards.

• Communication data (emails, support inquiries)
  Why: To respond to your requests, resolve issues, and improve customer support quality.

Information Automatically Collected

• Usage data (features used, interaction with the service)
  Why: To understand which features are most useful, improve product design, and detect potential misuse.

• Device information (IP address, browser type, device type)
  Why: To keep your account secure (fraud detection, access control) and optimize performance across devices.

• Cookies and similar tracking technologies
  Why: To keep you signed in securely, remember your preferences, and personalize services such as dashboards and reports.

---

3. How We Use Your Information and Why

• Providing and maintaining our service
  Why: Core functionality depends on processing your data so you can access automated bookkeeping and reporting.

• Improving and personalizing user experience
  Why: To make the service more intuitive and relevant based on how you use it.

• Processing transactions and sending related information
  Why: To complete payments, generate receipts, and notify you about billing and account activity.

• Responding to your requests and inquiries
  Why: To provide effective support and maintain accurate records of interactions.

• Sending administrative and marketing communications
  Why: To notify you of policy changes, service updates, or special offers you might benefit from.

• Detecting and preventing fraudulent or illegal activities
  Why: To protect you, your data, and our platform from unauthorized access or misuse.

What We Don’t Do With Your Data

• We do not sell your data to advertisers or other third parties.

• We do not share your personal or financial information without your consent, except where required by law or necessary to provide our services (e.g., payment processing, compliance).

• We do not use your data to train unrelated third-party AI models. Your prompts goes to AI with safeguards or anonymization.

• We do not access your data unless required for support, security, or regulatory reasons.

4. Data Storage and Security

4.1. Data Storage

We store user data in secure SOC2 Certified MongoDB servers, with data residency options:

• United States – Data stored in the US for US-based users by default unless choosen else
• European Union – Data stored in Belgium for the EU users by default unless choosen else
• Canada – Data stored in Canada for Canadians by default unless choosen else
• Global users – Can select any location.

User Choice: Regardless of region, users may select their preferred data residency (US, Belgium, or Canada) when they are signing up for our services. Enterprise customers may request custom storage locations subject to availability.

4.2. Data Security:

We employ robust 5 advanced security measures to protect your data. For full details of our security practices, please visit https://bookeeping.ai/en/security.

4.3. Data Breach Notification:

In the event of a data breach that affects personal data, we will notify affected users and relevant authorities within 72 hours, as required by applicable laws.

5. Data Sharing and Disclosure

We only share your information when it’s necessary and with strong safeguards in place. This includes:

• With your consent — for example, if you connect a third-party app or ask us to share data.
• With service providers — trusted partners who help us run the service (like hosting, payments, or bank integrations via Plaid). They only use your data to perform their specific role and are bound by confidentiality.
• For legal reasons — if we’re required to comply with laws, regulations, or valid legal requests.
• To protect rights and safety — when needed to prevent fraud, security threats, or misuse.
• If our business changes hands — such as a merger, acquisition, or asset sale, in which case your information remains protected under this policy.

What We Don’t Do

• We do not sell or rent your data to advertisers or marketers.
• We do not share your personal or financial data with unrelated third parties unless you ask us to or it’s required to deliver the service.

6. Your Data Protection Rights

Depending on your location, you may have rights regarding your personal data, including:

• Access to your personal data
• Correction of inaccurate or incomplete data
• Erasure of your personal data
• Restriction of processing of your personal data
• Data portability (ability to obtain a machine-readable copy of your data)
• Objection to processing of your personal data
• Withdrawal of consent (where processing is based on consent)

To exercise these rights, please contact us using the information provided at the end of this policy.

7. Data Retention and Deletion

Delete all your data anytime you want, we retain personal data as follows:

• Account Activity
  Retained as long as the account remains active.

• Financial Data (transactions, receipts, invoices)
  Users may DELETE their financial data ANYTIME from Settings → Company Settings. If no deletion request is made and the account becomes inactive, we may retain financial data for up to 7 years to comply with financial record-keeping laws and to allow users to return and continue bookkeeping from where they left off.

• Documents, Files, and Emails (files you upload, drive storage, or emails sent through our system)
  Users can delete stored content at any time from Settings → Company Settings. Retained until deleted.

• Deletion Requests
  When you delete your data or request deletion, the data is placed in a 7-day recovery window before being permanently erased. After this period, the data cannot be recovered.

8. AI Usage and Automated Decision-Making

Our service utilizes AI for various tasks. While we continually work to improve our AI systems, we cannot guarantee 100% accuracy. Users should use AI-generated results with caution and verify important information.

If an automated decision made by our AI affects financial reporting or bookkeeping results:

• Users have the right to request human intervention and review.
• AI-generated outputs are not legally binding and should not be treated as official accounting or legal advice.

9. Third-Party Services

Our service uses third-party APIs and services to offer features and functionality. We encourage you to read the privacy policies of any third-party services you use.

MongoDB

• We use SOC 2 Certified MongoDB Atlas for secure data storage.
• Your data is stored in the region corresponding to your selected data residency option during signup (US, Belgium, or Canada).
• Users outside of the USA, Canada and the EU are default to Belgium data storage but may choose an alternative during signup
• MongoDB implements various security measures, including encryption at rest and in transit.
• See MongoDB Privacy Policy.

Plaid API for Bank Connections

• We use SOC2 Certified Plaid API to enable secure bank account connections.
• Plaid is only available for users in the United States and Canada.
• We obtain transaction data through Plaid with read-only access only.
• We cannot make changes to your bank accounts or initiate transactions.
• Any issues with transactions should be addressed directly with your bank.
• See Plaid Privacy Policy.

AI-Powered Text Analysis

• We use OpenAI and Claude AI models to analyze text data.
• No user-identifying information is sent to these services.
• The data sent for analysis is limited to bookkeeping-related content.
• We do not store any user data with OpenAI.
• For more information, refer to OpenAI’s and Claude’s privacy policies.
• The files you upload are sent to process the content.

Google OCR for Receipt Processing

• We utilize Google’s Optical Character Recognition (OCR) technology to process receipt data.
• Receipt, invoices images with information are sent to Google OCR for processing temporarily.
• Extracted text is used solely for bookkeeping purposes.
• For more information, refer to Google’s privacy policy.

10. Cookies and Tracking Technologies

We use cookies and similar tracking technologies for authentication, personalization, and analytics.

Users can manage or disable cookies in their browser settings. Certain features may not function properly if cookies are disabled.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

• Devi AI LLC
• 1309 Coffeen Avenue, STE 1200, Sheridan, WY 82801
• Email: [email protected]
• Live Chat: Available 24/7 on our (Contact Page)[https://bookeeping.ai/en/contact]

By using Bookeeping.ai, you confirm that you have read and understood this Privacy Policy and agree to its terms.