This policy explains what data CG Invoicer (“we”) collects, how we use it, and the choices you have. It is a starting template and should be reviewed for your jurisdiction.
Data you provide
- Invoice data. Seller, buyer, line items, and related fields you submit to generate an invoice.
- Account data. Your email address, used to sign you in via magic link and to identify your account.
- Usage data. Records of invoices generated (locale, timestamp, totals) for metering, quotas, and audit.
How invoice data is handled
Invoice input is processed to render your document and is ephemeral by default - we do not persist the input payload. Generated PDFs are stored only for a time-limited signed-download window (24 hours) and then expire. We may add an opt-in retained mode in the future; it will be clearly labelled.
How we use data
To provide and operate the service: generate documents, authenticate you, enforce plan limits, prevent abuse, and improve reliability. We do not sell your data.
Service providers
We rely on infrastructure subprocessors to run the service, which may include cloud hosting, object storage for generated PDFs, and an email provider for sign-in links. These providers process data only to perform services for us.
Security
Data is transmitted over encrypted connections. API keys are stored only as hashes; the full secret is shown to you once and never stored.
Your choices
You can request access to or deletion of your account data by emailing [email protected]. We use a session cookie solely to keep you signed in.
Changes
We may update this policy from time to time. Material changes will be reflected by the “last updated” date above.