Privacy Policy

Effective Date: December 1, 2024

Introduction

Bank Statement Converter ("we", "our", or "us") is committed to protecting your privacy and maintaining the highest standards of data security. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our SaaS platform for converting bank statements to Excel format.

Our Core Privacy Commitment: We operate with a zero-storage policy for your financial documents. Your bank statements are processed "on-the-fly" and never stored on our servers.

By using Bank Statement Converter, you agree to the collection and use of information in accordance with this policy.

Our Zero-Storage Promise

What This Means for Your Financial Data

  • Never Stored: Your uploaded bank statements are processed in real-time and immediately deleted
  • Instant Deletion: Files are automatically deleted as soon as processing is complete
  • No Access: Our team has no ability to view, access, or retrieve your financial documents
  • Zero Retention: We maintain no copies, backups, or logs of your bank statement data

Information We Collect

1. Account Information You Provide

When you create an account or use our Service, we collect:

  • Registration Data: Email address, name, password (encrypted)
  • Billing Information: Payment details processed securely through Stripe (we never store credit card numbers)
  • Profile Settings: Preferences, subscription plan details
  • Support Communications: Messages when you contact customer support

2. Usage Analytics (Non-Financial)

We collect minimal, anonymous usage data to improve our service:

  • Service Metrics: Number of conversions performed, file types processed, feature usage
  • Technical Data: Browser type, operating system, device information
  • Error Logs: Technical errors to help us fix bugs (no financial data included)
  • Performance Data: Processing times, success rates for service optimization

3. Information We Explicitly Do NOT Collect

Critical Privacy Protection: We do NOT collect, store, view, or have access to:

  • Your Bank Statement Content: Transaction details, account numbers, balances, financial data
  • Converted Excel/CSV Files: The output files created from your conversions
  • Bank Account Information: Account numbers, routing numbers, or other banking credentials
  • Personal Financial Information: Income, spending patterns, or financial history
  • Document Contents: Any text, numbers, or data from your uploaded documents

How We Use Your Information

1. Service Delivery

  • Enable account access and authentication
  • Process payments and manage subscriptions
  • Provide customer support
  • Send service-related notifications

2. Service Improvement

  • Analyze usage patterns to improve features (using anonymized data only)
  • Fix technical issues and bugs
  • Develop new features based on user feedback
  • Monitor system performance and security

3. Legal and Security

  • Comply with applicable laws and regulations
  • Enforce our Terms of Service
  • Protect against fraud and abuse
  • Maintain system security

4. Communication

  • Send account-related notifications
  • Provide customer support responses
  • Share important service updates
  • Send marketing communications (only with your consent, and you can opt-out anytime)

Data Security and Protection

Security Infrastructure

  • Bank-Grade Encryption: 256-bit SSL/TLS encryption for all data transmission
  • Secure Processing: All conversions happen in isolated, encrypted environments
  • Infrastructure Security: SOC2-compliant hosting with enterprise-grade protections
  • Access Controls: Strict employee access controls with multi-factor authentication
  • Regular Audits: Ongoing security assessments and penetration testing

Zero-Storage Architecture

Our technical architecture ensures your financial data privacy:

  1. File Upload: Encrypted transmission to processing server
  2. Real-Time Processing: OCR and AI conversion in secure, temporary memory
  3. Instant Delivery: Converted file sent directly to your browser
  4. Immediate Deletion: All traces removed from our systems within seconds
  5. No Persistence: No databases, logs, or backups contain your financial data

Information Sharing and Disclosure

Our Policy: We Do NOT Sell Your Data

We will never sell, rent, or trade your personal information. We may share limited information only in these specific circumstances:

1. Essential Service Providers

  • Payment Processing: Stripe for secure payment processing (they never see your bank statements)
  • Infrastructure: Cloud hosting providers (Amazon AWS/Google Cloud) with strict data protection agreements
  • Analytics: Anonymized usage data to improve our service (no personal information shared)

2. Legal Requirements

We may disclose information if required by:

  • Court orders or legal process
  • Law enforcement investigations
  • National security requirements
  • Protection of our legal rights and user safety

3. Business Transfers

In case of merger, acquisition, or sale:

  • You will be notified in advance
  • Data protection standards will be maintained
  • You can delete your account before any transfer

4. Your Explicit Consent

Any other sharing requires your specific, informed consent.

Your Privacy Rights

Universal Rights

Regardless of your location, you have the right to:

  • Access: Request a copy of your account data
  • Correction: Update or correct your information
  • Deletion: Delete your account and associated data
  • Data Portability: Export your account data
  • Opt-Out: Unsubscribe from marketing communications

How to Exercise Your Rights

Contact Methods:

  • Online: Visit our Contact page
  • Account Dashboard: Manage most settings directly

Response Time: We will respond within 30 days of your request.

Regional Privacy Protections

California Residents (CCPA)

Under the California Consumer Privacy Act, you have additional rights:

  • Right to Know: What personal information we collect and how it's used
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: We don't sell data, but you can request we don't share for marketing
  • Non-Discrimination: We won't discriminate against you for exercising your rights

European Residents (GDPR)

Under the General Data Protection Regulation, you have rights including:

  • Legal Basis: We process data based on consent or legitimate business interests
  • Data Portability: Receive your data in machine-readable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Restrict: Limit how we process your data
  • Supervisory Authority: File complaints with your local data protection authority

Other Jurisdictions

We comply with applicable privacy laws worldwide and will extend similar protections to users globally.

Cookies and Tracking

Website Cookies

On our website, we use:

  • Essential Cookies: Required for basic site functionality (login, security)
  • Analytics Cookies: Google Analytics to understand site usage (you can opt-out)
  • Preference Cookies: Remember your settings and preferences

Cookie Control

  • Manage cookie preferences through your browser settings
  • Opt-out of analytics tracking via your account dashboard
  • Essential cookies cannot be disabled without affecting functionality

No Third-Party Tracking

  • We don't use advertising networks or social media tracking pixels
  • No cross-site tracking or data broker sharing
  • No behavioral advertising based on your usage

Data Retention

Account Data

  • Kept as long as your account is active
  • Deleted within 90 days of account closure
  • Some data may be retained longer for legal compliance

Financial Documents

  • Zero retention: Never stored on our systems
  • Processed and deleted immediately
  • No backups or copies maintained

Usage Analytics

  • Anonymized usage data retained for up to 2 years
  • Used solely for service improvement
  • Cannot be linked back to individual users

International Data Transfers

  • Our servers are located in the United States
  • We use adequacy decisions and standard contractual clauses for international transfers
  • Your data receives the same protection regardless of location
  • You can request data localization if available in your region

Children's Privacy

  • Our service is not intended for users under 18
  • We do not knowingly collect data from minors
  • Parents can contact us if their child has created an account
  • We will promptly delete any data from underage users

Data Breach Notification

In the unlikely event of a security breach:

  • User Notification: Within 72 hours of discovery
  • Authority Notification: As required by applicable laws
  • Transparency: Clear information about what happened and steps to protect yourself
  • Remediation: Immediate steps to prevent further unauthorized access

Changes to This Policy

  • Notification: We'll email you about material changes
  • Website Notice: Updates posted with effective date
  • Continued Use: Using the service after changes means acceptance
  • Opt-Out: You can delete your account if you disagree with changes

Contact Information

For privacy-related inquiries, please visit our Contact page.

Last Updated: December 1, 2024

By using Bank Statement Converter, you acknowledge that you have read, understood, and agree to this Privacy Policy. Your trust is essential to us, and we are committed to protecting your financial data with the highest standards of security and privacy.