Privacy Policy

Last updated: January 15, 2026

Introduction

This Privacy Policy explains how Invoice Generator ("we", "us", or "our") collects, uses, and protects your personal information when you use our service.

Information We Collect

Account Information

When you create an account, we collect:

  • Email address (for authentication and communication)
  • Authentication tokens (for secure login)

Invoice Data

When you create invoices, we store:

  • Company information (name, address, contact details)
  • Client information (name, address, contact details)
  • Invoice details (items, amounts, dates, notes)
  • Company logos (if uploaded)

Usage Information

We automatically collect:

  • IP address
  • Browser type and version
  • Usage analytics (page views, features used)

How We Use Your Information

We use your information to:

  • Provide and maintain our service
  • Authenticate your account via magic link and OTP
  • Generate and store your invoices
  • Send you service-related emails
  • Improve our service through analytics
  • Prevent fraud and abuse

Data Security

We implement industry-standard security measures to protect your data:

  • Authentication tokens are hashed using SHA-256
  • Secure session management with HTTP-only cookies
  • Rate limiting to prevent abuse
  • Regular security updates and monitoring

Data Sharing

We do not sell, trade, or rent your personal information to third parties. We may share data only:

  • When required by law
  • To protect our rights and safety
  • With service providers who assist in operating our service (e.g., email delivery)

Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your account and data
  • Export your invoice data
  • Opt-out of marketing communications

Cookies

We use cookies for:

  • Session management (keeping you logged in)
  • Storing user preferences

You can disable cookies in your browser, but this may affect service functionality.

Data Retention

We retain your data as long as your account is active. When you delete your account, we remove your personal data within 30 days, except where required by law.

Children's Privacy

Our service is not intended for users under 18 years of age. We do not knowingly collect information from children.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or a notice on our website.

Contact Us

If you have questions about this Privacy Policy, please contact us at: [email protected]