Privacy policy

Last updated: April 6, 2026

This policy describes how Privbooks (“Privbooks”, “we”, “us”, “our”) handles information when you use the website and application at https://privbooks.com (the “Service”).

Who we are

Privbooks is operated as a United States–based business offering the Privbooks software and website.

For privacy requests: privacy@privbooks.com. General support: support@privbooks.com.

What runs on your device

Your accounting ledger (chart of accounts, journal entries, invoices, bills, inventory, contacts, and related data) is stored primarily in a SQLite database inside your web browser, using durable storage such as the Origin Private File System when your browser supports it. We do not receive a copy of that database simply because you use the Service. You can export or back up your data from the Data tab in the app.

What we collect on our servers

Depending on how you use the Service, we may process:

Account: work email address, optional company name, and a session identifier stored in an httpOnly cookie after signup or email verification.
Billing: records needed to link your account to Stripe (customer id, subscription status, plan tier, and related metadata). Stripe processes payment card data under its own privacy policy.
Bank linking (paid plans): if you connect Plaid, tokens and institution metadata required to sync accounts are stored in our database so feeds can run server-side.
Invoice checkout (paid plans): if you use Stripe Connect customer checkout, we may store checkout session metadata and a queue of payment receipts until you reconcile them in your local books.
Security and abuse prevention: rate-limit counters for signup and similar operational logs needed to run the Service.
Email: if email verification is enabled, we send messages through our email provider and store verification tokens until you confirm or they expire.
Optional cloud ledger snapshots (Plus / Pro): if you or your operator enable this feature, you may upload a copyof your local SQLite ledger file to our operator's object storage (e.g. Supabase Storage). We store metadata in Postgres (workspace id, file path, size, schema version, timestamp, who uploaded). The file is not the live ledger — your browser still holds the working copy unless you restore from cloud. We do notapply client-side passphrase encryption to that file; you rely on transport TLS and the cloud provider's storage controls.
Workspace invitations: if an account owner invites someone by email, we store the invitee address, role (bookkeeper or viewer), a hashed acceptance token, and expiry. When accepted, we record membership so that person can download (and bookkeepers can upload) snapshots for that workspace. Invitation emails are sent through the same provider as verification mail.

We do not use your ledger contents to train public machine-learning models. We do not sell your personal information.

Authentication

Privbooks uses email-based access (magic link or optional verification, depending on operator settings). There is no multi-factor authentication (MFA / TOTP / WebAuthn) in the product today. Anyone with access to your inbox or session cookie can act as you until you sign out or the session expires. Use a strong mailbox and device protections for sensitive books.

Subprocessors and infrastructure

Depending on configuration, we use vendors to run the Service, including for example: hosting (e.g. Vercel), database and object storage (e.g. Supabase / Postgres),payments (Stripe), bank connectivity (Plaid, for paid users who opt in), and transactional email (e.g. Resend). Each processes data under its own terms and privacy policy as a processor or service provider to us. We do not list every subprocessors.com-style detail here; contact privacy@privbooks.com for an up-to-date summary for your diligence.

Legal bases (EEA/UK visitors)

Where the GDPR or UK GDPR applies, we process personal data on the basis of performing the contract with you, our legitimate interests in operating and securing the Service (in ways that are not overridden by your rights), and compliance with law. Where consent is required (for example, certain cookies or marketing if we add them later), we will ask separately.

Retention

Server-side account and billing records are kept for as long as your account is active and for a reasonable period afterward for legal, tax, and dispute purposes. Email verification tokens expire on the schedule configured in the product. Local SQLite data remains on your device until you delete it or clear site data.

Your rights

You may request access, correction, or deletion of server-held personal information, and you may object to or restrict certain processing where applicable law allows. California residents may have additional rights under the CCPA/CPRA (we do not “sell” or “share” personal information as those terms are defined). Contact privacy@privbooks.com to exercise rights. We may need to verify your request.

Children

The Service is not directed at children under 16, and we do not knowingly collect their personal data.

International transfers

We host the Service in the United States. If you access the Service from elsewhere, your information may be processed in the U.S. and other countries that may not provide the same level of protection as your home jurisdiction. Where required, we use appropriate safeguards.

Changes

We may update this policy from time to time. We will post the revised version on this page and update the “Last updated” date.

Contact

Privacy: privacy@privbooks.com
Legal notices: legal@privbooks.com