Privacy policy

When you upload a bank statement and a reference file, we process them to extract transactions and calculate matching results. We do not sell your data.

The data you upload is processed securely using encryption in transit (HTTPS/TLS). Our systems are designed to handle sensitive financial information with care, following industry best practices for data protection.

By default, uploaded files are deleted after processing. Results may be stored temporarily to render your match screen and exports. If you need longer retention, use the API and configure retention in your account.

You have full control over your data retention preferences. Through your account settings or API configuration, you can specify how long we should retain your files and results. You can also delete your data at any time.

We collect the following types of information:

• Account Information: Email address, name, and authentication credentials
• Usage Data: Upload history, matching statistics, and API usage
• Payment Information: Billing details processed through secure payment providers
• Technical Data: IP address, browser type, and device information

We use your information to:

• Provide and maintain the Service
• Process your uploads and generate matching results
• Send important service notifications and updates
• Improve our algorithms and service quality
• Respond to support requests
• Prevent fraud and ensure security

We use standard security practices (encryption in transit, least-privilege access, and audit logs).

Our security measures include:

• TLS/SSL encryption for all data in transit
• Encryption at rest for stored files
• Regular security audits and penetration testing
• Role-based access controls (RBAC)
• Comprehensive audit logging
• Secure authentication with MFA support

We do not sell, rent, or trade your personal information. We may share your information only in the following circumstances:

• Service Providers: Third-party vendors who help us operate the Service (e.g., hosting, payment processing)
• Legal Requirements: When required by law or to protect our rights
• Business Transfers: In connection with a merger, acquisition, or sale of assets

All third-party service providers are contractually obligated to protect your data and use it only for authorized purposes.

Depending on your location, you may have the following rights regarding your data:

• Access: Request a copy of your personal data
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your data
• Portability: Export your data in a machine-readable format
• Opt-out: Unsubscribe from marketing communications

To exercise these rights, please contact us using the information below.

If you are located in the European Economic Area (EEA), we process your data in accordance with the General Data Protection Regulation (GDPR). Our legal basis for processing includes:

• Contract performance: Processing necessary to provide the Service
• Legitimate interests: Improving and securing the Service
• Consent: When you explicitly opt-in to optional features

We use cookies and similar technologies to maintain sessions, remember preferences, and analyze usage patterns. You can control cookies through your browser settings. Essential cookies are necessary for the Service to function properly.

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission, to protect your data during international transfers.

The Service is not intended for users under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected data from a child, please contact us immediately.

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through a prominent notice on the Service. Your continued use after changes indicates acceptance of the updated policy.

For privacy questions, contact us via the Contact page.

Email: privacy@bankstatementmatcher.com