InvoiceRemind

Privacy Policy

Last updated: 25 June 2025

1. Introduction

InvoiceRemind ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered accounts receivable automation service designed for Xero users in Australia and New Zealand.

This policy complies with the Australian Privacy Act 1988 and the New Zealand Privacy Act 2020.

2. Information We Collect

2.1 Information from Xero Integration

When you connect your Xero account, we collect:

  • Account Information: Your name, email address, and profile image
  • Organization Data: Company name, tenant ID, currency settings
  • Invoice Data: Invoice details, amounts, due dates, payment status, line items
  • Customer Data: Customer names, email addresses, contact details, payment history

2.2 Information You Provide

  • Organization settings and preferences
  • Email signatures and branding customizations
  • Automation settings and preferences

2.3 Automatically Collected Information

  • Usage analytics and performance data (via Vercel Analytics)
  • Session information, IP addresses, and user agent data
  • API usage patterns and sync timestamps

3. How We Use Your Information

We use your information to:

  • Provide Our Service: Generate AI-powered payment reminders and manage your accounts receivable
  • AI Processing: Analyze customer payment patterns to create personalized reminder emails
  • Email Delivery: Send payment reminders to your customers via our email service provider
  • Service Improvement: Optimize our AI algorithms and service performance
  • Customer Support: Provide technical support and respond to your inquiries
  • Compliance: Meet legal and regulatory requirements

4. Information Sharing and Third Parties

We share your information with the following third-party services to provide our functionality:

4.1 Google Gemini (AI Processing)

We send invoice details and customer payment history to Google Gemini 2.5 Flash to generate personalized payment reminder emails. Google processes this data according to their privacy policy.

4.2 Resend (Email Delivery)

We use Resend to deliver payment reminder emails to your customers. This includes customer email addresses and the content of reminder messages.

4.3 Vercel Analytics

We use Vercel Analytics to understand how our service is used and to improve performance. This includes anonymized usage and performance data.

We do not sell, rent, or trade your personal information to third parties for their commercial purposes.

5. Data Security

We implement comprehensive security measures to protect your information:

  • Encryption: All data is encrypted using bank-level 256-bit SSL encryption
  • Xero Certification: We are a Xero Certified App, meeting their security standards
  • Access Controls: Strict user authorization validation to prevent unauthorized access
  • Secure Authentication: OAuth 2.0 with PKCE for secure Xero integration
  • Data Minimization: We only collect and store data necessary for our service

6. Data Retention

We retain your information for as long as necessary to provide our service and comply with legal obligations:

  • Account Data: Retained while your account is active
  • Xero Data: Cached locally with intelligent sync to minimize API calls
  • Email History: Retained to prevent duplicate sends and provide service history
  • Session Tokens: Automatically expire according to our security policies

7. Your Privacy Rights

Under Australian and New Zealand privacy laws, you have the right to:

  • Access: Request access to your personal information
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information
  • Portability: Request a copy of your data in a structured format
  • Withdraw Consent: Disconnect your Xero account at any time
  • Opt-out: Disable automation features through your account settings

You can revoke our access to your Xero data at any time through your Xero account settings.

8. International Data Transfers

Some of our service providers (Google Gemini, Resend, Vercel) may process your data outside of Australia and New Zealand. We ensure these transfers comply with applicable privacy laws and that adequate safeguards are in place to protect your information.

9. Cookies and Tracking

We use essential cookies for authentication and session management, and analytics cookies to understand service usage. You can control cookie preferences through your browser settings.

10. Children's Privacy

Our service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children under 18.

11. Changes to This Privacy Policy

We reserve the right to modify, update, or replace this Privacy Policy at any time, at our sole discretion. We will notify you of any changes by updating the "Last updated" date at the top of this page.

For material changes that affect how we collect, use, or share your personal information, we may provide additional notice such as email notification or prominent notice on our website.

Your continued use of our Service after any changes to this Privacy Policy constitutes your acceptance of the updated policy. We encourage you to review this Privacy Policy periodically.

12. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your privacy rights, please contact us:

Email: [email protected]

We will respond to your privacy requests within 30 days as required by applicable privacy laws.