Privacy Policy

Last updated: February 2026

1. Introduction

GoZappify ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our invoice processing service.

GoZappify is operated from Jersey, Channel Islands. By using our service, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, password, and business details when you register
  • Invoice Data: Supplier invoices you upload, including line items, prices, and supplier information
  • Payment Information: Billing details processed securely through PayPal (we do not store full card numbers or PayPal credentials)
  • Communications: Messages you send to our support team
  • Multi-Factor Authentication: If you enable two-factor authentication, we store an encrypted TOTP secret and hashed recovery codes associated with your account

2.2 Information Collected Automatically

  • Usage Data: How you interact with our service, features used, and actions taken
  • Device Information: Browser type, operating system, and device identifiers
  • Log Data: IP address, access times, and pages viewed

2.3 Third-Party Integrations

When you connect QuickBooks Online, Xero, or other accounting software, we access only the data necessary to provide our service, such as product lists, customer lists, tax codes, and the ability to create bills and invoices. We use secure OAuth 2.0 authentication and do not store your accounting software login credentials.

2.4 reCAPTCHA

We use Google reCAPTCHA v3 on our login, registration, and password reset pages to protect against automated abuse. reCAPTCHA collects hardware and software information, such as device and application data, and sends it to Google for analysis. Your use of reCAPTCHA is subject to Google's Privacy Policy and Terms of Service.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our invoice processing service
  • Process invoices using AI and sync data to your accounting software
  • Process payments and manage your subscription
  • Send service-related communications (account updates, security alerts)
  • Respond to your support requests
  • Detect and prevent fraud or abuse
  • Comply with legal obligations

4. Data Sharing and Disclosure

We do not sell your personal information. We may share your information with:

  • Service Providers: Third parties that help us operate our service (e.g., PayPal for payments, Railway for cloud hosting)
  • AI Processing: Invoice content is processed using AI services (Anthropic Claude) to extract data. This data is not used to train AI models
  • Accounting Integrations: QuickBooks Online, Xero, and other connected platforms, as authorised by you
  • Security Services: Google reCAPTCHA for bot protection on authentication pages
  • Legal Requirements: When required by law or to protect our rights

5. Data Security

We implement appropriate technical and organisational measures to protect your data, including:

  • Encryption of data in transit (TLS/HTTPS) and at rest
  • Secure password hashing (Werkzeug/PBKDF2)
  • Optional two-factor authentication (TOTP) for account access
  • reCAPTCHA protection on authentication forms
  • Regular security assessments
  • Access controls and authentication
  • Secure OAuth 2.0 connections for third-party integrations

6. Data Retention

We retain your data for as long as your account is active or as needed to provide our services. Invoice data is retained to allow you to access historical records. If you delete your account, we will delete or anonymise your data within 90 days, except where retention is required for legal purposes.

7. Your Rights

You have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Deletion: Request deletion of your data
  • Portability: Receive your data in a portable format
  • Objection: Object to certain processing of your data
  • Withdraw Consent: Where processing is based on consent

To exercise these rights, contact us at support@gozappify.com.

8. Cookies

We use essential cookies to operate our service (e.g., session management, authentication). We do not use third-party tracking or advertising cookies. Google reCAPTCHA may set cookies as part of its bot detection functionality.

9. Children's Privacy

Our service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children.

10. International Data Transfers

Your data may be processed in countries outside your jurisdiction, including the United States (for cloud hosting and AI processing services). We ensure appropriate safeguards are in place for any international transfers in compliance with applicable data protection laws.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by email or through a notice on our service. Continued use of the service after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at:

GoZappify

Email: support@gozappify.com