Privacy Policy

1. Introduction

This Privacy Policy describes how ScribeosAI LLC ("ScribeosAI," "we," "our," or "us") collects, uses, and shares information in connection with your use of our websites, services, and applications (collectively, the "Services"). This Privacy Policy applies to all users of our Services, including those using our document processing, data extraction, and accounting platform integration features.

2. Data Collection

We collect only necessary information to deliver our Services:

a. Information You Provide

• Documents and files you upload for processing
• Account information (name, email, password) for authentication
• Business information (business type, industry, size)
• Integration credentials (securely stored using industry-standard encryption)
• Payment information (processed securely through our payment processor)
• Support communications and feedback

b. Information Collected Automatically

• Usage data (features used, processing time, document types)
• Log data (IP address, browser type, pages visited, time spent)
• Device information (operating system, hardware model, mobile network)
• Performance data to improve our services

c. QuickBooks and Accounting Platform Data

• Account connection tokens (obtained through secure OAuth processes)
• Accounting master data (chart of accounts, vendors, customers)
• Transaction data as needed for document matching and processing
• We access this data only when you explicitly connect your accounting platform and only to perform the functions you request

3. Data Use

We use collected information for the following purposes:

• Providing and maintaining the Services
• Processing and analyzing your documents
• Facilitating integration with accounting platforms
• Improving and personalizing user experience
• Communicating with you about our Services
• Ensuring security and preventing fraud
• Complying with legal obligations

We will never use your document content to train AI models without your explicit permission.

4. Data Storage & Security

All data is encrypted both in transit (using TLS 1.2+) and at rest (using AES-256 encryption). We leverage Google Cloud Platform's enterprise-grade security infrastructure located in the United States, which includes:

• TLS-secured connections for all data transfers
• Role-based access control (RBAC) for tenant data separation
• OAuth 2.0 authentication for secure third-party integrations
• Advanced network security controls and monitoring
• Continuous security updates and patching

Our security practices are consistent with GLBA requirements for protecting nonpublic personal financial information.

Data Center Location

All data is processed and stored in U.S. data centers unless otherwise required by law or customer agreement. Our primary infrastructure is hosted in Google Cloud Platform's U.S. regions, providing high availability and compliance with U.S. data regulations.

5. Data Retention

Data retention varies by account type (see our Terms of Service for full details):

• Paid subscriptions: Documents and processed data are retained as long as your account is active and in good standing
• Free / Trial accounts: Documents are retained for 90 days; upgrade to retain indefinitely
• Cancelled accounts: Data is retained for 90 days for export or reactivation, after which you will lose access and the data may be deleted
• QuickBooks and accounting data is cached only as necessary for functionality
• You may request deletion of your data at any time by contacting privacy@scribeosai.com
• Certain information may be retained as required by law

6. Third-Party Sharing

We never sell your data to third parties. Data is only shared in the following limited circumstances:

• With third-party services when necessary to provide functionality you explicitly request (such as syncing with QuickBooks or other accounting platforms)
• With service providers who assist in providing the Services (who are bound by confidentiality obligations)
• When required by law or to protect rights and safety
• In connection with a business transaction such as a merger or acquisition

7. QuickBooks Data Handling

When you connect our Services with QuickBooks:

• We access only the data necessary to perform the functions you request
• All QuickBooks credentials are secured using OAuth 2.0 (we never see or store your QuickBooks password)
• QuickBooks data is processed according to Intuit's developer guidelines
• We maintain audit logs of all QuickBooks data access
• We only store QuickBooks data as needed to provide the services you request
• We do not use QuickBooks data for training AI models or for any purposes beyond the direct services provided to you

8. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to enhance your experience. You can manage your cookie preferences through your browser settings.

9. Your Data Rights

As our customer, you can:

• Access your personal data stored in our system
• Request corrections to inaccurate personal information
• Request deletion of your account and associated data
• Request a copy of your data by contacting support
• Withdraw consent for optional data processing
• Control your communication preferences

10. Advanced Data Protection Architecture

ScribeosAI's platform is built on Google Cloud's enterprise-grade security architecture:

• Financial Data Protection: Bank-level security measures for handling sensitive accounting data with secure multi-tenant architecture and logical data isolation between customers
• Document Security and Management: Military-grade encryption (AES-256) for document storage with granular access controls and comprehensive audit logging

Data Processing Role

For financial and accounting data you upload, ScribeosAI acts as a service provider processing data on your behalf according to your instructions. You maintain control over and responsibility for the data you provide to us.

11. Data Breach Notification

In the event of a data breach affecting your information, we will notify you in accordance with our Terms of Service.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes.