Privacy Policy

1. Introduction

This Privacy Policy describes how ScribeosAI LLC ("ScribeosAI," "we," "our," or "us") collects, uses, and shares information in connection with your use of our websites, services, and applications (collectively, the "Services"). This Privacy Policy applies to all users of our Services, including those using our document processing, data extraction, and accounting platform integration features.

2. Data Collection

We collect only necessary information to deliver our Services:

a. Information You Provide

• Documents and files you upload for processing
• Account information (name, email, password) for authentication
• Business information (business type, industry, size)
• Integration credentials (securely stored using industry-standard encryption)
• Payment information (processed securely through our payment processor)
• Support communications and feedback

b. Information Collected Automatically

• Usage data (features used, processing time, document types)
• Log data (IP address, browser type, pages visited, time spent)
• Device information (operating system, hardware model, mobile network)
• Performance data to improve our services

c. QuickBooks and Accounting Platform Data

• Account connection tokens (obtained through secure OAuth processes)
• Accounting master data (chart of accounts, vendors, customers)
• Transaction data as needed for document matching and processing
• We access this data only when you explicitly connect your accounting platform and only to perform the functions you request

3. Data Use

We use collected information for the following purposes:

• Providing and maintaining the Services
• Processing and analyzing your documents
• Facilitating integration with accounting platforms
• Improving and personalizing user experience
• Communicating with you about our Services
• Ensuring security and preventing fraud
• Complying with legal obligations

4. Data Storage & Security

All data is encrypted both in transit (using TLS 1.2+) and at rest (using AES-256 encryption). We leverage Google Cloud Platform's enterprise-grade security infrastructure located in the United States, which includes:

• TLS-secured connections for all data transfers
• Role-based access control (RBAC) for tenant data separation
• OAuth 2.0 authentication for secure third-party integrations
• Advanced network security controls and monitoring
• Continuous security updates and patching

Data Center Location

All data is processed and stored in U.S. data centers unless otherwise required by law or customer agreement. Our primary infrastructure is hosted in Google Cloud Platform's U.S. regions, providing high availability and compliance with U.S. data regulations.

5. Data Retention

You control how long your data is retained:

• Account information is retained until you delete your account
• Documents are retained according to your configuration settings
• QuickBooks and accounting data is cached only as necessary for functionality
• We do not impose arbitrary retention limits
• You may request deletion of your data at any time by contacting us
• Certain information may be retained as required by law or for legitimate business purposes

6. Third-Party Sharing

We never sell your data to third parties. Data is only shared in the following limited circumstances:

• With third-party services when necessary to provide functionality you explicitly request (such as syncing with QuickBooks or other accounting platforms)
• With service providers who assist in providing the Services (who are bound by confidentiality obligations)
• When required by law or to protect rights and safety
• In connection with a business transaction such as a merger or acquisition

7. QuickBooks Data Handling

When you connect our Services with QuickBooks:

• We access only the data necessary to perform the functions you request
• All QuickBooks credentials are secured using OAuth 2.0 (we never see or store your QuickBooks password)
• QuickBooks data is processed according to Intuit's developer guidelines
• We maintain audit logs of all QuickBooks data access
• We only store QuickBooks data as needed to provide the services you request
• We do not use QuickBooks data for training AI models or for any purposes beyond the direct services provided to you

8. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to enhance your experience. You can manage your cookie preferences through your browser settings.

9. Your Data Rights

As our customer, you can:

• Access your personal data stored in our system
• Request corrections to inaccurate personal information
• Request deletion of your account and associated data
• Download your data in standard formats
• Withdraw consent for optional data processing
• Control your communication preferences

10. Advanced Data Protection Architecture

ScribeosAI's platform is built on Google Cloud's enterprise-grade security architecture:

• Financial Data Protection: Bank-level security measures for handling sensitive accounting data with secure multi-tenant architecture and logical data isolation between customers
• Document Security and Management: Military-grade encryption (AES-256) for document storage with granular access controls and comprehensive audit logging

Data Processing Role

We are not a "data controller" for any financial or accounting data processed; we act as a "data processor" on your behalf under applicable data-protection laws. This means that while we process your data according to your instructions, you maintain control over and responsibility for the data you provide to us.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes.