Privacy Policy

Effective date: June 1, 2026

InvoiceToTable processes invoices and receipts for finance and support workflows. These files can contain sensitive supplier, customer, tax, and payment data, so the product is built around temporary processing rather than permanent document archiving.

Privacy-first defaults

  • Uploaded files are not used to train AI models.
  • Invoice batches are short-lived by default: free batches auto-delete after 24 hours; paid batches default to 7 days.
  • You can delete a batch anytime. Deletion removes source files, extracted fields, issues, export records, and credit reservations tied to that batch.
  • We do not sell uploaded document data.

1. Information we collect

We collect only what is needed to run the account, process documents, and maintain billing and security records.

  • Account data such as email, name, authentication sessions, and profile settings.
  • Uploaded invoice or receipt files, extracted fields, review decisions, issue status, export metadata, and batch status.
  • Credit ledger, payment status, subscription status, and transaction references.
  • Operational logs such as request timing, errors, abuse prevention signals, and security events.

2. How document data is used

Document data is used to estimate pages, extract fields, show review tables, generate exports, and help you correct or approve records.

  • We send document content to configured AI providers only for extraction.
  • We keep review traces inside the batch so you can understand why a row was approved, corrected, or ignored.
  • We do not use uploaded documents for advertising profiles or model training.

3. Retention and deletion

InvoiceToTable is not intended to be a long-term document vault. Retention windows are deliberately short.

  • Free batches: source files and batch data are scheduled for deletion after 24 hours.
  • Paid batches: source files and batch data are scheduled for deletion after 7 days by default.
  • Export records expire after 24 hours.
  • Account, payment, credit, fraud-prevention, and legal records may be kept longer where required for accounting, security, dispute handling, or law.

4. Service providers

We use service providers only to operate the product. They process data on our behalf and do not own your uploaded documents.

  • Hosting and serverless infrastructure, including Vercel.
  • PostgreSQL database infrastructure.
  • Object storage when configured for uploaded source files.
  • AI extraction providers configured for invoice and receipt parsing.
  • Payment and email providers for checkout, receipts, notifications, and account messages.

5. Security

We use account-scoped access checks, HTTPS transport, restricted server-side environment variables, and explicit batch deletion flows. No system can guarantee absolute security, but we design around data minimization and short retention.

6. Your choices

  • Delete a batch from the batch detail page when you no longer need it.
  • Export your reviewed CSV or XLSX before deletion if you need an external copy.
  • Contact us to request account-level deletion or access to personal data.
  • Use browser settings to manage cookies and tracking preferences.

7. Changes

If retention behavior, AI provider use, or deletion controls materially change, we will update this page and surface the change in the product.

8. Contact

For privacy requests, use the contact page and include the account email involved. Do not send invoice files in support messages unless we explicitly ask for a sample.