Privacy Policy

Effective: January 1, 2023

Last Updated: May 15, 2023

1. Introduction

This Privacy Policy explains how Jeno-Tech Solutions ("we", "us", or "our") collects, uses, and protects your personal data when you use IziInvoice ("Service"). We comply with the EU General Data Protection Regulation (GDPR) and other applicable data protection laws.

By using our Service, you consent to the data practices described in this policy. For questions, contact us at privacy@iziinvoice.com.

2. Data We Collect

2.1 Personal Data

When you register and use our Service, we collect:

  • Account Information: Name, email, business details, VAT number
  • Payment Data: Billing address, payment method (processed by Paystack)
  • Invoicing Data: Client details, transaction records, invoice content
  • Technical Data: IP address, device information, usage patterns

2.2 Legal Basis for Processing

We process your data based on:

  • Contractual necessity (Article 6(1)(b) GDPR)
  • Legal obligations (Article 6(1)(c) GDPR)
  • Legitimate interests (Article 6(1)(f) GDPR)

3. How We Use Your Data

  • To provide and maintain our Service
  • To process invoices and payments
  • To ensure tax compliance (VAT, PEPPOL requirements)
  • To improve and personalize user experience
  • To communicate service updates
  • To prevent fraud and ensure security

4. Data Sharing & Transfers

4.1 Third Parties

We only share data with:

  • Payment Processors: Paystack (for payment transactions)
  • PEPPOL Network: When transmitting e-invoices (if enabled)
  • Service Providers: Hosting, analytics, customer support

4.2 International Transfers

Data is primarily processed in the EU (AWS Frankfurt). Any transfers outside the EEA use GDPR-approved safeguards like Standard Contractual Clauses.

5. Data Security & Retention

5.1 Security Measures

  • Encryption in transit (TLS 1.2+) and at rest (AES-256)
  • Regular security audits and penetration testing
  • Role-based access controls
  • Two-factor authentication for admin access

5.2 Data Retention

We retain data:

  • Active accounts: Until deletion request
  • Invoices: 10 years (for tax compliance)
  • Payment records: 7 years (financial regulations)

6. Your Rights Under GDPR

As an EU/EEA resident, you have:

  • Right to Access: Request copies of your data (Article 15)
  • Right to Rectification: Correct inaccurate data (Article 16)
  • Right to Erasure: Request deletion under certain conditions (Article 17)
  • Right to Restriction: Limit processing (Article 18)
  • Right to Data Portability: Receive your data in machine-readable format (Article 20)
  • Right to Object: Object to certain processing (Article 21)

To exercise these rights, contact us at privacy@iziinvoice.com. We respond within 30 days.

7. Cookies & Tracking

We use:

  • Essential Cookies: For core functionality (always active)
  • Analytics Cookies: Google Analytics (with IP anonymization)
  • Preference Cookies: Remember user settings

You can manage preferences via our Cookie Settings.

8. Contact Information

For privacy-related inquiries:

  • 📧privacy@iziinvoice.com
  • 📞+254 700 123456 (Data Protection Officer)
  • 🏢Jeno-Tech Solutions, Attn: Privacy Team, P.O. Box 12345, Nairobi, Kenya

This policy may be updated periodically. We'll notify users of significant changes. The current version always available at iziinvoice.com/privacy.