BST

Privacy Policy

Last updated: January 2025

1. Introduction

Bank Statement Tools ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our bank statement analysis service.

2. Information We Collect

2.1 Personal Information

  • Account Information: Email address, password, and account preferences
  • Contact Information: Name and email address when you contact support
  • Payment Information: Billing details processed through secure third-party payment processors
  • Authentication Data: Two-factor authentication credentials and security keys

2.2 Financial Document Data

  • Uploaded Files: Bank statements and financial documents you upload for processing
  • Transaction Data: Financial transaction information contained within your documents
  • Processed Data: Converted and analyzed versions of your financial data
  • Analysis Results: AI-generated insights and categorizations of your financial data

2.3 Technical Information

  • Usage Data: How you interact with our service, pages visited, and features used
  • Device Information: Browser type, operating system, and device identifiers
  • Log Data: IP address, access times, and system activity for security and debugging

3. How We Use Your Information

3.1 Service Provision

  • Process and analyze your financial documents
  • Generate insights and categorizations using AI technology
  • Provide converted file formats for download
  • Maintain your account and service preferences

3.2 Communication

  • Send service-related notifications and updates
  • Respond to your support requests and inquiries
  • Provide important security and billing notifications

3.3 Service Improvement

  • Analyze usage patterns to improve our service (using anonymized data)
  • Develop new features and enhance existing functionality
  • Train and improve our AI models (using anonymized, aggregated data only)

4. Data Security and Protection

4.1 Encryption and Security

  • All data is encrypted in transit using TLS 1.3
  • Files and database records are encrypted at rest using AES-256
  • Multi-factor authentication available for enhanced account security
  • Regular security audits and penetration testing

4.2 Access Controls

  • Strict access controls limiting employee access to customer data
  • All access to customer data is logged and monitored
  • Background checks and security training for all personnel

5. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

5.1 Service Providers

  • AI Processing: OpenRouter and underlying AI model providers for document analysis
  • Cloud Infrastructure: Secure cloud hosting providers for data storage and processing
  • Payment Processing: Third-party payment processors for billing (they do not have access to your documents)

5.2 Legal Requirements

  • When required by law, court order, or government regulation
  • To protect our rights, property, or safety, or that of our users
  • In connection with fraud prevention and investigation

6. Data Retention

  • Active Accounts: We retain your data as long as your account is active
  • Deleted Accounts: Data is permanently deleted within 30 days of account deletion
  • Financial Documents: Automatically deleted after 90 days unless you choose to keep them longer
  • Backup Systems: Deleted data is purged from backup systems within 6 months

7. Your Privacy Rights

7.1 Access and Control

  • Access: View and download all data associated with your account
  • Correction: Update or correct your personal information
  • Deletion: Delete your account and all associated data
  • Portability: Export your data in standard formats

7.2 Privacy Settings

  • Control how long your processed documents are stored
  • Opt out of non-essential communications
  • Manage two-factor authentication settings

8. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure that such transfers comply with applicable data protection laws and implement appropriate safeguards, including encryption and contractual protections.

9. Children's Privacy

Our service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children under 18. If we become aware that we have collected such information, we will delete it immediately.

10. Cookies and Tracking

  • Essential Cookies: Required for authentication and security
  • Functional Cookies: Remember your preferences and settings
  • Analytics: We use minimal analytics to understand service usage (anonymized)
  • No Advertising: We do not use tracking cookies for advertising purposes

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. For significant changes, we will provide additional notice via email.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Email: privacy@bankstatementanalyzer.com
Data Protection Officer: dpo@bankstatementanalyzer.com
Address: Bank Statement Tools
[Your Business Address]

Copyright © 2025 Bank Statement Tools

Earn Credits | API Docs | About | Terms | Privacy