1. Scope of This Policy

This Privacy Policy applies to:

• Web and mobile applications
• APIs, integrations, and related services
• Users operating globally, including those in the United Arab Emirates (UAE)

This Policy should be read together with our Terms & Conditions.

2. Information We Collect

2.1 Information You Provide

We may collect the following information directly from you:

• Business name, address, trade license details
• Contact details (name, email, phone number)
• Login credentials (encrypted)
• Accounting data, including:
• Invoices, payments, journal entries
• Customer and vendor records
• Tax and VAT-related data
• Support requests and communications

2.2 Information Collected Automatically

When you use the Service, we may collect:

• IP address
• Device and browser information
• Log files and usage activity
• Date, time, and feature usage metrics

This data is used for security, performance monitoring, and service improvement.

3. Customer Data Ownership

• You retain full ownership of all accounting and financial data you upload or generate ("Customer Data").
• We process Customer Data only to provide and improve the Service.
• We do not sell or monetize Customer Data.

4. How We Use Information

We use collected information to:

• Provide, operate, and maintain the Service
• Generate accounting reports and financial records
• Process subscriptions and billing
• Communicate service updates and security notices
• Respond to support requests
• Improve system performance and reliability
• Comply with legal and regulatory obligations

5. Legal Basis for Processing (UAE PDPL)

For users subject to UAE Federal Decree-Law No. 45 of 2021 (PDPL), we process personal data based on:

• Performance of a contract
• Legal and regulatory obligations
• Legitimate business interests
• User consent, where required

6. VAT & Regulatory Data

Where applicable, the Service may process VAT-related data for reporting purposes.

• We do not submit VAT returns on your behalf unless explicitly agreed
• VAT reports are generated based solely on User-provided inputs
• Users remain responsible for VAT accuracy and compliance with the Federal Tax Authority (FTA)

7. Data Sharing & Disclosure

We may share data only in the following circumstances:

7.1 Service Providers

With trusted third parties who assist us in:

• Cloud hosting
• Payment processing
• Analytics and monitoring
• Customer support

All such providers are bound by confidentiality and data protection obligations.

7.2 Legal Requirements

We may disclose information where required by:

• UAE courts or regulatory authorities
• Applicable laws, regulations, or legal processes
• Law enforcement agencies

7.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, Customer Data may be transferred subject to confidentiality safeguards.

8. Data Hosting & Cross-Border Transfers

• Customer Data may be stored on secure cloud servers located inside or outside the UAE.
• Where data is transferred outside the UAE, we ensure:
• Adequate protection measures
• Compliance with UAE PDPL cross-border transfer requirements
• Encryption and access controls
• If your business requires UAE-only data residency, this must be confirmed under your selected subscription plan.

9. Data Security

We implement reasonable administrative, technical, and physical safeguards, including:

• Encryption of data in transit and at rest
• Role-based access control
• Secure authentication mechanisms
• Regular security monitoring

However, no system is completely secure, and we cannot guarantee absolute security.

10. Data Retention

• Customer Data is retained for the duration of your account.
• Upon account termination, data may be retained for a limited period to comply with:
• Legal obligations
• Backup and recovery requirements
• Users are responsible for exporting their data prior to account deletion.

11. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access your personal data
• Request correction or updates
• Request deletion, subject to legal obligations
• Object to or restrict processing
• Withdraw consent, where applicable

Requests can be made via the contact details below.

12. Cookies & Tracking

We may use cookies or similar technologies to:

• Maintain session security
• Improve user experience
• Analyze usage trends

You may control cookies through your browser settings.

13. Children's Privacy

The Service is not intended for individuals under 18 years of age. We do not knowingly collect personal data from minors.

14. Changes to This Privacy Policy

We may update this Privacy Policy periodically. Updates will be posted within the Service or on our website. Continued use of the Service constitutes acceptance of the updated Policy.