Privacy Policy — Effitrio
Version: 1.0
Last updated: June 1, 2026
Table of Contents
- Introduction
- Information We Collect
- How We Process Your Information
- Legal Bases for Processing
- Data Controller vs. Data Processor
- Data Storage and Security
- GDPR Compliance — EU/EEA/UK/Swiss Users
- United States Residents — Privacy Rights
- Canada Residents — Privacy Rights
- Data Sharing and Third-Party Processors
- AI-Powered Features
- Social Logins
- Cookies and Tracking Technologies
- Do-Not-Track (DNT) Signals
- Data Retention
- Children's Privacy
- International Data Transfers
- Data Breach Notification
- Changes to This Privacy Policy
- How to Review, Update, or Delete Your Data
- Contact Us
1. Introduction
Welcome to Effitrio ("we," "our," "us," or "Effitrio"). Effitrio is an AI-powered ERP mini tool suite that helps businesses manage invoices, expenses, projects, and customer relationships efficiently. We are committed to protecting your privacy and ensuring the security of your personal information.
Data Controller:
Email: support@effitrio.com
Website: www.effitrio.com
Some features of Effitrio — including the ZUGFeRD e-invoice generator and other tools we may offer without sign-in — are available without registration. Creating a free account unlocks additional features, including saved clients, invoice history, and email sending.
This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at www.effitrio.com and use our services (the "Service"). By using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our Service.
2. Information We Collect
2.1 Account Information (Required at Registration)
To create an Effitrio account, we require:
- Email address — used for login and communication
- Full name — displayed in your profile
- Password — hashed with bcrypt; never stored in plain text
2.2 Business Data (Optional — You Control What's Entered)
You optionally enter business data when using Effitrio features. We store only what you provide. You are the Data Controller for this data; Effitrio acts as a Data Processor on your behalf (see Section 5):
- Company Profile: Name, address, email, phone, tax ID, VAT number, logo, bank details (all optional)
- Clients/Customers: Name, email, phone, address, tax ID, contact person, notes
- Invoices: Invoice number, dates, line items, amounts, tax calculations, payment terms, notes
- Expenses: Description, category, amount, date, vendor, notes, receipt images
- Projects: Name, description, timeline, assigned team members, tasks
💡 You're in control: All business data is entered and managed by you. Effitrio does not access, use, sell, or share this data beyond what is required to deliver the Service.
2.3 Payment Information
We do not currently offer paid subscriptions. If you upgrade to a paid subscription in the future, billing address and payment method will be collected via Stripe. We never see or store card numbers.
2.4 Automatically Collected Information
We automatically collect technical data necessary to operate and secure the Service:
- Device & Technical Data: IP address, browser type, operating system (for security and support)
- Log and Usage Data: Pages visited, features used, session timestamps, crash reports, and interaction patterns (to improve the product and identify issues)
- Session Information: Login/logout times, session duration (for account security)
- Authentication tokens: Session tokens (for example JWT access and refresh tokens) stored in your browser for as long as you remain logged in — used only to authenticate requests to our servers.
- Local browser storage (authenticated users): In addition to server-side storage, the application may store limited data in your browser (localStorage/sessionStorage) for performance and UX, including: a cache copy of workspace company details (to speed up invoice forms and keep fields in sync with what you have saved in your account), optional draft or convenience copies of invoice-related data such as client lists where the product uses the browser for smoother editing, your signed-in user profile snapshot, cookie / analytics consent choices, short-lived values for OAuth sign-in flows (for example LinkedIn state or callback handoff), UI preferences (for example dismissing onboarding or banners within a session), and navigation return paths in sessionStorage where the app needs to restore your place after preview flows. Authoritative business data remains in our database; browser copies are ancillary and may be cleared by logging out, clearing site data, or through your browser settings. If you are unsure what is stored locally, use your browser’s site-data tools or contact us.
2.5 Communication Data
If you contact us:
- Support messages — collected to help resolve issues
- Feedback — feature requests and bug reports you voluntarily share
- Email communications — newsletters, feature announcements, billing notifications (you can unsubscribe anytime)
2.6 Sensitive Personal Information
In certain jurisdictions, financial data (bank account details, tax IDs) may be classified as sensitive personal information. We process this data only because you voluntarily enter it as part of using the Service and with your consent, or as required to fulfil the contract you have with us.
✅ What we DON'T do: We do not use third-party advertising trackers, do not sell your personal information, and do not share your data with advertisers for their own marketing. Product analytics: Where enabled, we may use PostHog (a third-party analytics service) to understand how the Service is used in aggregated or event form — only in line with your cookie / consent choices where applicable; see Section 10 and Section 13.
3. How We Process Your Information
We use your information for the following purposes:
- Service Delivery: To provide, maintain, update, and support all Effitrio features.
- Account Management: To create accounts, authenticate users, manage workspaces, reset passwords, and handle subscription changes.
- Data Persistence: To store business data securely in our database for access across devices and sessions.
- Communication: To send service updates, feature announcements, billing notifications, and support responses via Resend.
- AI Features: To power AI-assisted features (summarisation, insights) by processing data within your workspace via the OpenAI API (see Section 11).
- Analytics & Improvement: To understand usage patterns and improve product features, including through product analytics (for example PostHog) where you have consented or as otherwise permitted by law — we do not use this for third-party ad targeting.
- Security & Fraud Prevention: To detect, prevent, and address technical issues, unauthorised access, fraud, and data breaches.
- Legal Compliance: To comply with tax law requirements, audit obligations, and respond to lawful legal requests.
4. Legal Bases for Processing
For EU/EEA/UK Users (GDPR)
We process your personal data only when we have a valid legal basis:
| Processing Activity | Legal Basis |
|---|---|
| Account creation, login, service delivery | Contract Performance (Art. 6(1)(b)) |
| Security monitoring, fraud prevention | Legitimate Interests (Art. 6(1)(f)) |
| Analytics and product improvement (including PostHog where enabled) | Consent (Art. 6(1)(a)) and/or Legitimate Interests (Art. 6(1)(f)), depending on configuration and your choices |
| Marketing communications | Consent (Art. 6(1)(a)) |
| Tax record retention | Legal Obligation (Art. 6(1)(c)) |
| Financial data you voluntarily enter | Consent (Art. 9(2)(a)) |
For Canada Users (PIPEDA)
We process your information when you have given us specific or implied consent. You can withdraw consent at any time. In some exceptional cases (fraud detection, legal obligations, vital interests), we may process information without consent as permitted by applicable Canadian law.
5. Data Controller vs. Data Processor
This section clarifies a key distinction that governs how your data is handled:
When you use Effitrio's core features, we act in two distinct roles:
5.1 Effitrio as Data Controller
For data we collect directly — such as your name, email address, IP address, usage logs, and session data — Effitrio is the Data Controller. We determine the purposes and means of processing this data. This Privacy Policy governs such processing.
5.2 Effitrio as Data Processor
For data you upload into the Service on behalf of your business — including your clients' names, email addresses, phone numbers, bank account details, tax IDs, invoices, and financial records — you remain the Data Controller. Effitrio processes this data solely as a Data Processor on your instructions, as defined under GDPR Article 28.
We do not access, use, sell, or process this data for any purpose beyond providing the Service.
5.3 Data Processing Agreement (DPA)
EU/EEA business users may require a signed Data Processing Agreement (DPA) under GDPR Article 28. To request a DPA, contact: privacy@effitrio.com
6. Data Storage and Security
6.1 Data Storage for Registered Users
Your business data is stored in a PostgreSQL database provided by Supabase, together with object/file storage on Supabase for files you upload (for example receipt images and other documents tied to invoices or expenses). The public web application is hosted on Vercel; the API backend runs on Railway. Your data includes invoices, clients, expenses, projects, and workspace settings. You can access, modify, or delete many individual records at any time via your dashboard, subject to retention rules in Section 15.
Storage Duration: Data is retained as long as your account is active. Upon account deletion, we securely delete your data within 30 days — except transaction logs retained for 7 years per tax and accounting legal requirements (e.g., German GoBD, §147 AO).
6.2 Local browser storage and public tools (summary)
Public tools (no account): We offer free tools that you can use without creating an account (for example the ZUGFeRD e-invoice generator and other tools we may add over time). Data you enter in these flows is processed only to provide the requested output (such as a PDF, XML, or similar result) and is not stored in our database. Nothing is persisted on our servers from the no-login flow after that output is delivered to you. Results are returned directly to your browser unless the tool clearly states otherwise.
Browser storage (all visitors): We may still use browser storage (localStorage / sessionStorage) as described in Section 2.4 — for example authentication tokens and profile cache when you are signed in, optional convenience copies of form fields on public tools, cookie / analytics consent, OAuth handoffs, and UI preferences. Clearing site data or logging out may remove these local copies without deleting account data held in our database.
6.3 Security Measures
We implement industry-standard security practices:
- Encryption in Transit: All connections use HTTPS/TLS 1.2+ encryption
- Encryption at Rest: Database encryption with secure key management
- Password Security: Passwords hashed using bcrypt with salt
- Authentication: JWT-based session management with secure token storage
- Access Controls: Role-based access control (RBAC) and workspace isolation
- Infrastructure: Frontend on Vercel; backend API on Railway; database and file storage on Supabase; supporting services (for example Upstash for Redis, Inngest for background jobs) as described in Section 10
- Monitoring: Regular security audits and vulnerability assessments
6.4 Limitations
While we implement robust security measures, no system is 100% secure. We cannot guarantee absolute protection against all threats. During the beta phase, security measures are continuously enhanced based on feedback and best practices.
7. GDPR Compliance — EU/EEA/UK/Swiss Users
If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, you have the following rights under the GDPR:
7.1 Your Rights
- Right to Access: Request a copy of all personal data we hold about you
- Right to Rectification: Correct inaccurate or incomplete data
- Right to Erasure: Request deletion of your personal data ("right to be forgotten")
- Right to Restrict Processing: Request that we limit how we use your data
- Right to Data Portability: Receive your data in a structured, machine-readable format (JSON or CSV)
- Right to Object: Object to processing based on legitimate interests
- Right to Withdraw Consent: Withdraw consent at any time without affecting prior processing
- Right Not to Be Subject to Automated Decision-Making: If a decision with significant legal effects is made solely by automated means, you may request human review
7.2 Exercising Your Rights
To exercise any GDPR rights, contact: privacy@effitrio.com
Include your request details and account email. We will verify your identity and respond within 30 days (or notify you of any delay). You may also submit a data subject access request at any time.
7.3 Supervisory Authority
If you are dissatisfied with our response, you have the right to lodge a complaint with your local data protection authority (typically in your country of habitual residence, place of work, or the place of the alleged infringement). Without limiting other competent authorities, the contact point for the supervisory authority in Baden-Württemberg, Germany is:
Landesbeauftragter für den Datenschutz und die Informationsfreiheit Baden-Württemberg
Website: www.baden-wuerttemberg.datenschutz.de
UK residents may contact the Information Commissioner's Office (ICO) at ico.org.uk.
Swiss residents may contact the Federal Data Protection and Information Commissioner (FDPIC).
8. United States Residents — Privacy Rights
8.1 Applicable States
If you are a resident of California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, or Virginia, you may have specific privacy rights under applicable state law.
8.2 Categories of Personal Information Collected (Last 12 Months)
| Category | Examples | Collected |
|---|---|---|
| A. Identifiers | Name, email address, IP address, account name | YES |
| B. Personal information (CA Customer Records) | Name, contact information, financial information | YES (user-entered) |
| C. Protected classification characteristics | Gender, age, ethnicity | NO |
| D. Commercial information | Transaction history, subscription data | YES |
| E. Biometric information | Fingerprints, voiceprints | NO |
| F. Internet/network activity | Pages visited, features used, session data | YES |
| G. Geolocation data | Device location | NO |
| H. Audio/electronic/sensory data | Images (receipt uploads) | YES (user-uploaded) |
| I. Professional/employment data | Business profile data (optional) | YES (user-entered) |
| J. Education information | Student records | NO |
| K. Inferences from personal information | User preferences or behaviour profiles | NO |
| L. Sensitive personal information | Financial data (bank details, tax IDs) | YES (user-entered, optional) |
8.3 Your Rights (US Residents)
- Right to know whether we are processing your personal data
- Right to access your personal data
- Right to correct inaccuracies
- Right to request deletion of your personal data
- Right to obtain a copy of data you previously shared with us
- Right to non-discrimination for exercising your rights
- Right to opt out of sale of personal data — We do not sell your personal information
- Right to opt out of targeted advertising — We do not use targeted advertising
- Right to limit use of sensitive personal data (California)
- Right to appeal our decisions (see Section 8.5)
8.4 How to Exercise Your Rights
Submit a data subject access request or contact us at: privacy@effitrio.com
We will verify your identity before processing your request. You may designate an authorised agent to make a request on your behalf, provided they submit written, signed permission from you.
8.5 Appeals
If we decline your request, you may appeal by emailing privacy@effitrio.com with the subject "Privacy Rights Appeal." We will respond in writing with our decision and reasoning. If your appeal is denied, you may submit a complaint to your state attorney general.
8.6 California "Shine the Light" Law
California Civil Code Section 1798.83 permits California residents to request, once per year and free of charge, information about personal data disclosed to third parties for direct marketing purposes. We do not share personal data with third parties for direct marketing.
8.7 We Do Not Sell or Share Personal Information
We have not disclosed, sold, or shared any personal information to third parties for a business or commercial purpose in the preceding twelve (12) months. We will not sell or share personal information belonging to website visitors, users, or consumers.
9. Canada Residents — Privacy Rights
We process your information only when you have given specific or implied consent. You may withdraw consent at any time by contacting privacy@effitrio.com. In limited exceptional cases, applicable Canadian law may permit processing without consent (e.g., fraud investigations, legal obligations). We may disclose de-identified information for approved research or statistics projects subject to ethics oversight.
10. Data Sharing and Third-Party Processors
We do not sell, trade, or rent your personal information to third parties for marketing. We share your data only with service providers necessary to operate Effitrio. All third-party processors are bound by written data processing agreements.
10.1 Service Providers
We rely on the providers below to run the Service. Roles are split: your browser talks mainly to Vercel (frontend); the app calls our Railway backend; persistent data and uploaded files live in Supabase; other processors handle payments, email, AI, analytics, caching, and background work. We use subprocessors only as needed to provide the features you use.
| Provider | Purpose | Data shared (summary) |
|---|---|---|
| Vercel | Hosting the Next.js frontend | Typical hosting metadata (for example IP address, request logs) and static or server-rendered assets; no long-term storage of your workspace database on Vercel |
| Railway | Hosting the backend API (application runtime) | Data processed in API requests and responses (including personal and workspace data while handled by the service) |
| Supabase | PostgreSQL database and object storage (files such as receipts and invoice-related uploads) | Account, workspace, and business records; file blobs and storage metadata you upload or we generate for you |
| Stripe | Payment processing and subscription management | Billing address, payment instrument (PCI DSS compliant; we never see full card numbers) |
| PostHog | Product analytics and feature usage (when enabled and subject to your cookie/consent choices) | Pseudonymous identifiers, event data, and usage metadata as configured |
| Resend | Transactional email delivery | Email addresses; message content (for example invoice or notification text) for delivery (handled per Resend’s retention practices) |
| OpenAI | AI-powered features (text/tool flows and receipt vision/OCR) | Structured workspace data is PII-masked where that pipeline applies; receipt images are sent directly for extraction (see Section 11) |
| Upstash | Managed Redis — caching, rate limiting, short-lived operational data | Technical identifiers, keys, and payloads needed for those features (for example session or workspace-scoped cache entries) |
| Inngest | Background jobs and workflow scheduling | Event names, job metadata, and payloads required to run scheduled or asynchronous tasks (may include workspace or resource identifiers) |
10.2 Legal Requirements
We may disclose your information when required by law, court order, or government regulation. We may also share information to:
- Protect Effitrio's intellectual property, privacy, and safety
- Prevent or investigate possible wrongdoing in connection with the Service
- Protect the rights, property, or safety of Effitrio, users, or the public
- Enforce legal obligations or this Privacy Policy
10.3 Business Transfers
If Effitrio is involved in a merger, acquisition, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will notify users of any such change and any choices they may have.
11. AI-Powered Features
Effitrio uses OpenAI's API for AI-assisted features (for example invoice insights, Q&A-style assistance over your workspace data, and receipt scanning / OCR from images you upload).
Not every AI feature uses the same data path. The important distinction is below.
11.1 Text and tool-based features (PII masking)
For features that send structured text or tool results from your workspace (for example summaries or insights built from invoice or expense records):
- PII masking: Before sending that content to OpenAI, we mask personally identifiable information (PII). Names, email addresses, phone numbers, and similar fields are replaced with anonymous tokens (e.g., __PII_1__). OpenAI does not receive those real values in that pipeline.
- Tool-based access: OpenAI does not receive your full database. It receives only what is needed for the specific operation, via controlled tool calls.
11.2 Receipt scanning / image extraction (no PII masking on the image)
When you use receipt scanning (extracting text and fields from a receipt photo or file), we send the receipt image itself to OpenAI’s vision API so the model can read and return structured fields (merchant, amounts, dates, line items, etc.).
- No masking step is applied to the image: Whatever appears on the receipt — including merchant names, partial card numbers, addresses, or other legible text — is visible to the model as part of the image. Treat receipt uploads accordingly; do not upload images you are not willing to have processed by OpenAI under their API Privacy Policy.
11.3 Common disclosures (all OpenAI-powered features)
- OpenAI retention: OpenAI may retain API data for up to 30 days for abuse monitoring (see OpenAI’s policy linked above).
- No model training (business API): Your data is not used to train OpenAI’s models in line with OpenAI’s data policy for typical business API use.
- Legal basis (GDPR): Processing is generally based on contract performance (Art. 6(1)(b)) where the feature is part of the Service you request, and/or consent where you choose optional AI features; applicable basis may depend on the feature and your jurisdiction.
💡 In plain terms: For normal AI text features, we mask many PII fields before they leave our systems. For receipt photos, the whole image goes to OpenAI for OCR — so anything printed on the receipt may be processed there.
You must not use AI features in any way that violates OpenAI's terms or policies.
12. Social Logins
Our Services may offer you the ability to register or log in using a third-party account (for example Google or LinkedIn). If you choose to do so, we will receive certain profile information from the provider, typically your name and email address. We use this information only to create and manage your Effitrio account. We are not responsible for the privacy practices of third-party providers — please review their privacy policies separately.
13. Cookies and Tracking Technologies
We use cookies, local storage, and similar technologies to:
- Maintain your session and authentication state (primarily via browser storage when you are signed in)
- Remember your preferences, including your cookie / analytics consent choice
Consent banner: We display a cookie consent banner on our website when you have not yet saved a choice. It lets you enable or disable optional analytics (PostHog) before saving. Analytics is off by default until you accept it in the banner (including via Accept with the Analytics category enabled). Necessary storage for operating the Service continues regardless of your analytics choice. For category details, see our Cookie and storage details page (linked from the banner).
Where you have accepted analytics, we may use PostHog (see Section 10) to collect product analytics events. PostHog may use first-party cookies and/or local storage as part of its SDK.
We do not permit third-party advertising trackers on our Service. You can also control cookies and site data through your browser settings; however, disabling necessary storage may affect Service functionality.
14. Do-Not-Track (DNT) Signals
Most web browsers include a Do-Not-Track ("DNT") feature to signal your preference not to have data about your online browsing activities monitored and collected. At this time, no uniform technology standard for recognising and implementing DNT signals has been finalised. As such, we do not currently respond to DNT browser signals. If a standard is adopted that we are required to follow, we will update this Privacy Policy accordingly.
California law requires us to disclose this: we do not respond to DNT signals at this time.
15. Data Retention
Registered Users: We retain your data for as long as your account is active or as needed to provide services. Upon account deletion, data is securely deleted within 30 days, except:
- Transaction and financial logs retained for 7 years per German tax law (GoBD, §147 AO)
- Security and fraud prevention records retained for a reasonable period as legally permitted
Local browser copies: Data held only in your browser (Section 2.4) is under your control; it may persist until you clear site data, revoke consent where relevant, or log out, depending on the type of storage. Removing local copies does not by itself delete your account or workspace data on our servers.
When we have no ongoing legitimate business need to process your personal information, we will delete or anonymise it. If deletion is not immediately possible (e.g., backup archives), we will securely isolate it from further processing until deletion occurs.
16. Children's Privacy
Our Service is not intended for individuals under the age of 16 (the minimum age for digital consent under GDPR) or under 18 in other jurisdictions. We do not knowingly collect personal information from minors. If you believe we have collected information from a child, please contact us immediately at privacy@effitrio.com and we will take prompt action to delete such data.
17. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence (including the United States, where our infrastructure providers operate). For transfers from the EEA/UK, we ensure appropriate safeguards are in place, such as the EU Standard Contractual Clauses (SCCs) or equivalent mechanisms under applicable data protection law, to protect your data during international transfers.
18. Data Breach Notification
In the event of a data breach that compromises your personal information, we will:
- Notify the relevant supervisory authority within 72 hours as required by GDPR Art. 33
- Notify affected users without undue delay if the breach is likely to result in high risk to their rights and freedoms (GDPR Art. 34)
- Include in notifications: details of the breach, categories of data affected, likely consequences, and recommended security actions
19. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by:
- Posting the updated policy on this page with a new "Last updated" date
- Sending a notification to your registered email address for significant changes
Your continued use of the Service after such changes constitutes acceptance of the updated policy. We encourage you to review this policy periodically.
20. How to Review, Update, or Delete Your Data
You can review or update your account information at any time by logging into your account settings.
Where available in the product, you may also use Settings → Account & Privacy (or equivalent) to request a data export of your workspace data and to initiate account deletion, subject to in-product confirmations and retention rules in Section 15.
To request deletion of your account and all associated data, or to submit a formal data subject access request (including where you prefer not to use self-service tools), contact: privacy@effitrio.com
We will verify your identity and respond within 30 days in accordance with applicable law.
21. Contact Us
For questions, concerns, or requests regarding this Privacy Policy or our data practices:
| Privacy & Data Requests | privacy@effitrio.com |
| Support | support@effitrio.com |
| Website | www.effitrio.com |
| Data Controller | See Section 1 — support@effitrio.com (controller enquiries); privacy@effitrio.com for privacy and data-rights requests |
| Supervisory Authority (DE) | Landesbeauftragter für den Datenschutz BW — www.baden-wuerttemberg.datenschutz.de |
This Privacy Policy was last reviewed and updated on June 1, 2026.