Simplio Logo

Privacy Policy

How we collect, use, and protect information

Last updated: 8/11/2025

Note: Optional analytics/marketing only run with consent where required. You can manage preferences in our future cookie controls.

1. Overview

This Privacy Policy explains how Simplio ("we", "our", or "us") collects, uses, and shares information when you use our application and services (the "Service"). By using the Service, you agree to this Policy. If you do not agree, please do not use the Service.

2. Information We Collect

  • Account Information: Name, email address, and other information you provide during signup and profile management.
  • Customer/Invoice Data: Information you enter for your clients and invoices (e.g., client name, email, invoice amount, due date, description). You are the controller of this data; we process it on your behalf.
  • Usage and Device Data: IP address, user‑agent, pages viewed, and interactions, collected via analytics tools and server logs for security and performance.
  • Emails and Events: Metadata on outbound emails and delivery events (sent, delivered, opened, clicked, bounced) to operate reminders and diagnostics.

3. How We Use Information

  • Provide, maintain, and improve the Service and its features.
  • Automate and send invoice reminder emails on your behalf.
  • Authenticate users, secure accounts, and prevent abuse.
  • Measure performance and understand product usage.
  • Comply with legal obligations and enforce terms.

4. Lawful Bases (EEA/UK users)

  • Contract: to deliver the Service you requested.
  • Legitimate Interests: to secure and improve the Service.
  • Consent: for optional analytics/marketing cookies where required.
  • Legal Obligation: to comply with applicable laws and requests.

5. Cookies and Analytics

We use cookies and similar technologies to operate the Service and measure performance. Optional analytics/marketing cookies are used only with consent where required.

  • Google Analytics (GA4): measures pageviews and events. Data may be transferred to the U.S. You can opt‑out or adjust preferences via our cookie controls (to be provided) and browser settings.
  • Meta Pixel: tracks page views and conversion events. We may also send server‑side events via the Conversions API. Where required, client‑side tracking is subject to consent.
  • Vercel Analytics: collects anonymous performance and usage signals for site reliability.

6. Payment Processing (Stripe)

Subscriptions are handled by Stripe. When you upgrade, payment details are processed directly by Stripe. We do not store full payment card data. Your use of Stripe is governed by Stripe’s terms and privacy policy.

7. Service Providers and Transfers

We rely on trusted vendors to operate the Service:

  • Supabase: database, authentication, and serverless functions.
  • Vercel: hosting and edge infrastructure.
  • Resend: transactional email delivery and event webhooks.
  • Stripe: subscription billing and customer portal.

These providers may process data in the U.S. or other countries. Where required, we rely on appropriate safeguards for international transfers.

8. Data Retention

  • Account and billing data: retained while your account is active and as required by law.
  • Client/invoice data: retained until you delete it or your account is closed.
  • Email events: retained for operational analytics (e.g., up to 12 months) and may be purged periodically.
  • Logs and diagnostics: retained for a limited period for security and troubleshooting.

9. Security

We use reasonable administrative, technical, and physical safeguards to protect data. No system is 100% secure; you are responsible for safeguarding access credentials and maintaining good security practices.

10. Your Choices and Rights

  • Access, update, or delete data in your account dashboard.
  • Manage cookies/analytics preferences using our cookie controls (when available).
  • For EEA/UK/California residents, you may have additional rights under local law. Contact us to exercise them.

11. Children’s Privacy

The Service is not directed to children under 13, and we do not knowingly collect personal information from them.

12. Changes to This Policy

We may update this Policy from time to time. Material changes will be posted in‑app or on our website with an updated “Last updated” date. Continued use constitutes acceptance.

13. Contact Us

If you have questions about this Policy or our data practices, contact us at privacy@simplio.space.