Back to Home

Privacy Policy

Effective Date: 26/03/2026

1. Introduction

Welcome to Pocket-Bookkeeper. We respect your privacy and are committed to deeply protecting your personal data strictly under the parameters governed by the United Kingdom General Data Protection Regulation (UK GDPR) and the native UK Data Protection Act 2018.

2. The Data We Collect

We natively collect and process limited Identity Data (Name, Email), Financial Document Data (Subscription tier via Stripe, Invoice IDs, Receipts), and basic Usage Data necessary to serve you. We deliberately never store non-encrypted copies of your core banking credentials physically onto our servers.

3. How We Process Your Data (Third-Parties)

In order to provide our "Smart AI Engine" service, we actively rely on the following secure data architectures as Data Sub-Processors:

  • Google Firebase: Used exclusively for highly-encrypted cloud storage architecture (AES-256 at rest) and biometric identity Authentication synchronization across your sessions.
  • Google Gemini AI: Utilized solely as a rigid text-extraction engine natively reading your uploaded receipts to calculate dynamic HMRC allowances automatically. Gemini algorithms do NOT physically permanently store your financial data nor do they train public dataset models dynamically based off your invoices.
  • Stripe, Inc: Manages secure PCI-compliant recurring billing architectures handling your subscription payments natively on their servers.

4. Your Legal Rights (Right to be Forgotten)

Under formal explicit UK GDPR rules, you natively maintain the physical right to demand immediate access, erasure, and restriction of your cloud data. You may execute an aggressive "Right to be Forgotten" destructive deletion sequence wiping all active cloud records permanently by simply verifying your credentials globally inside your Account Security Settings and selecting "Obliterate Account Forever".

5. Automated Deletion & Portability

In the event you physically terminate your identity, your core encrypted Firebase Storage vaults, your Universal Ledgers, and your active Stripe recurring subscription nodes will automatically trigger explicit cancellation and destruction routines completing the cascade natively in milliseconds. We legally compel you to backup natively to Excel (`.xlsx`) via the Ledger page before initiating.

6. Security & Encryption

The entire infrastructure pipeline operates seamlessly using modern HTTPS cryptographic security tunnels preventing arbitrary man-in-the-middle data interceptions during tax record transfers.