Data & Privacy Policy

This Data & Privacy Policy (hereinafter as “Privacy Policy”) are subject to Terms of Use. Unless specified otherwise in this Privacy Policy the terms used in this Privacy Policy shall have the same meaning as in the TOU.

Our Data & Privacy Policy describe in detail how all information about you is gathered and processed. As a User of our Service or a visitor to our website, the security of your personal data is our primary focus. To continue using our Service as a User you will need to accept our TOU, agree to our Data Protection Agreement and agree with our Privacy Policy which provide all details on how your data is gathered, processed, and protected.

Definitions

This policy informs you which of your data and personal data is collected and processed when you visit our website, use our web application or any other services offered, how we use your data and personal data and what rights you have regarding the use of your personal data. This privacy also applies for the access and use of the mobile apps as well as the other available services.



We collect and process some data which are necessary for a proper use of the Service. Some of these data might be personal data which could identify you as a live person and which are subject to Data Protection Legislation and GDPR.



We collect and process data:


When you use the Service and its features we collect data about how you use the Service such as:


We also collect data about you from third parties and we may combine these data with data we have about you such as



We may, throughout your use of the Service, collect and process some of your data. We will obtain and process these data through technical means and processes in such a way that it will not be able under any circumstances assign them to your User account or to you. Such data are thus fully anonymous.

We generally use, process and store data including personal data that you provided to us and that we collect to:

We may also process, review, scan and/or analyse your communications with us for fraud prevention, risk assessment, regulatory compliance, investigation, product development, research and customer support purposes and other similar purposes. You consent and agree that we may process, review, scan and/or analyse your communications with us for these purposes.



Some data you provide to us in your User account may be personal data. Personal data are provided by you freely and you are responsible to maintain them accurate, true and complete. You may review, update, or delete the personal data in your User account by logging into your User account and reviewing your account settings and profile.

If you provide personal data of other persons to us (for example your authorized personal data of users or your client data) you warrant and guarantee that you are entitled to do so and that you have legal basis for such action.



We only share personal data with others when it is legally permitted to do so. When We share your personal data with others, it puts contractual arrangements and security mechanisms in place to protect the personal data shared and to comply with data protection, confidentiality and security standards and other obligations. 

When processing your personal data, We may need to share it with third parties, as set out in the below. This list is non-exhaustive and there may be circumstances where we need to share personal data with other third parties:

We may share your personal data with third parties who support us in providing our Service and help provide, run, and manage our internal IT systems. Such third parties may also include, for example, providers of information technology, cloud-based software-as-a-service providers, identity management, website design, hosting and management, data analysis, data back-up, security, and storage services.

We may need to share certain personal data with the payment service provider and the relevant financial institution to handle payments from you and to you. We may furthermore share data with relevant financial institutions, if we consider it strictly necessary for fraud detection and prevention purposes.

We may share personal data with professional services firms who advise and assist Us in relation to the lawful and effective management of Our  organisation and in relation to any disputes We may become involved in.

We share personal data with third party advertising partners when you use our Service. This data is used to provide you with, and measure the effectiveness of, online advertising and for other advertising related activities.

We may share personal data with specialist suppliers who assist us in managing our marketing database and sending out email marketing communications.

We disclose personal data to law enforcement insofar as it is required by law or is strictly necessary for the prevention, detection or prosecution of criminal acts and fraud. We may need to further disclose data to competent authorities to protect and defend our rights or properties, or the rights and properties of its business partners.

We may use service providers to process data including your personal data on its behalf. Third party service providers process personal data only according to Our instructions, under biding legal agreement, are bound by confidentiality clauses and are not allowed to use your personal data for other purposes.

We store and processes your personal data in the European Economic Area (“EEA”) using these companies:

Processing and storing personal data outside EEA is made in compliance with applicable Data Protection Laws in these companies:


We also share persona data with The team.blue Group, consisting of several brands and subsidiaries, which can improve coordination and resource allocation by sharing data internally. This allows for more efficient collaboration on product, campaign, and customer service improvements. Personal data may be shared among team.blue Group companies for marketing statistics, internal administration, and reporting purposes, but only in an amount necessary for the intended use and with proper protective measures in place to prevent unauthorized access or disclosure.

Unless required by relevant Data Protection Laws We have no influence on and assumes no liability for the compliance with Data Protection Laws standards outside of our Service.



We store and processes your personal data for the period necessary in relation to the purpose of processing as described in this Privacy Policy and local Legislation Authorities. We will process your personal data for as long as you have an active User account and automaticaly delete them 10 years after your last sign-in. We may then anonymize your information for statistical purposes.

We will terminate your personal data associated with your User account after 10 years of inactivity or when your Agreement with us has been terminated and when you request a permanent deletion of your User account.

Deleted data will be removed from Our servers, its back-ups and all third party companies listed in paragraph „Transferring of your personal data“ of Privacy Policy.

Even if you ask us to destroy your personal data We may be required to process some of your personal data to comply with legal obligations, i.e. to maintain accounting records and other obligations. We will process personal data for this purpose for a period required by applicable laws.

Where we process your personal data based on your consent you may at any time withdraw your consent to the processing of your personal data. We will process personal data for this purpose until you withdraw your consent.

Where you are entitled to object to our processing of your personal data (i.e. direct marketing) we will process personal data for this purpose until you object to such processing (by unsubscribing from our emails).


Our’s servers are operated by Amazon Ireland with their AWS service which ensures fast and robust data protection on par with current data protection legislative requirements. All the data you provide to the our mobile app is encrypted according to the security standard TLS (Transport Layer Security). You can recognize the secure TLS connection from the “s” after the “http” in the URL shown in your browser (i.e. https://..), or from the lock symbol depicted in the browser tab. All of your data, including their transmission between your device and the Our servers, will be protected by standard security measures with the use of 256-bit SSL encryption.

We also take technical and organizational suitable security measures, in order to protect your data against random or deliberate manipulations, partial or complete losses, destruction and/or against unauthorized access. In order to avoid loss of data, we run a mirrored database setup which means that your data is always stored in two separate locations.

The personal data that we collect is stored in a secure environment within the EEA in compliance with Privacy Shield rules and treated confidentially. Access to this data is limited to selected employees and partially to our subcontractors. We adhere to Data Protection Laws at all times.

We do our utmost to secure your data in the best possible way but we cannot guarantee the safety of your data when transferred over the Internet. When data is transferred over the Internet, there is a certain risk that others can access the data illicitly.



Internet cookies are small text files that are placed on a user's computer or device when they visit a website. These files contain information about the user's activity on the website, such as the pages they have visited and the actions they have taken. Cookies are used by websites for a variety of purposes, such as:

You can find more information on how we store and use Cookies in our Cookie policy.



Subject to the material and territorial scope of the GDPR and Data Protection Laws in EEA you may have these rights granted you by the relevant Data Protection Laws.

You always have the right to access and review the personal data we process about you. You can request an overview of your personal data processed by us by emailing us. You can also request copies of your personal data held by us in writing or (if applicable) in in a structured, commonly used and machine-readable format (data portability right) in accordance with the relevant Data Protection Laws. We will provide you or your designated controller with a copy of the personal data held by us as soon as practicable, and in any event not more than 30 days after receiving a valid request in writing.

You may also request the rectification, erasure and restriction of processing of your personal data and object to processing of your personal data in accordance with the relevant data protection legislation. We will notify you within 30 days of your valid request about the relevant action taken.

You are entitled to access, see and challenge personal data third parties provide to us in accordance with the relevant Data Protection Laws.

Where we process your personal data based on your consent you may at any time withdraw your consent to the processing of your personal data. Withdrawal of your consent does not affect the lawfulness of processing based on consent before its withdrawal.

You are entitled to object to processing of your personal data for the purpose of direct marketing. You can exercise this right by unsubscribing from our newsletter and informational emails within the body of the email.

You are entitled to lodge a complaint with a supervisory authority in accordance with the relevant Data Protection Laws.

There may be a reasonable charge to process your requests under this section unless expressly stated otherwise in relevant Data Protection Laws.

We will notify you by e-mail whenever there are any changes made to the Privacy Policy or General Terms and Agreements.

We may request proof of identification to verify your requests under this section.

For information about your personal data, to exercise your right as well as for further questions about the use of your personal data please send an email to support@invoice-maker.app

Many of your rights described above can be exercised manually in your User account settings.

This Privacy Policy is effective from 16/05/2024