π‘οΈ YOUR PRIVACY RIGHTS
You have comprehensive rights over your personal and financial data. Access, export, correct, or delete your information at any time. We're committed to transparency and user control with enterprise-grade security.
1. Privacy Overview
At Luxira Business Bookkeeping Platform, privacy is not an afterthoughtβit's fundamental to our design. This Privacy Policy explains how we collect, use, protect, and share your personal and financial information when you use our business bookkeeping automation platform.
2. Information We Collect
We collect the following categories of information to provide our financial intelligence services:
π€ Account & Profile Data
- Name, email, phone number
- Profile preferences & settings
- Authentication credentials
- Account verification information
π¦ Financial Information
- Bank account details (via Plaid)
- Transaction history & patterns
- Receipt data & images
- Tax categorizations & preferences
π Usage & Analytics
- App interaction patterns
- Feature usage statistics
- Device & browser information
- Performance metrics
π€ AI Processing Data
- ML model inputs & outputs
- AI interaction logs
- Training data (anonymized)
- User feedback & corrections
3. How We Use Your Data
We use your information solely to provide and improve our bookkeeping services:
- Service Provision: Process receipts, categorize expenses, generate financial insights
- AI Enhancement: Improve AI model accuracy through anonymized training data
- Personalization: Customize dashboards and recommendations for your needs
- Security & Fraud Prevention: Detect unusual patterns and protect your account
- Customer Support: Respond to inquiries and provide technical assistance
- Legal Compliance: Meet regulatory requirements and tax obligations
4. AI & Machine Learning Processing
π€ AI Processing Transparency
Purpose: AI processes your financial data to provide receipt categorization, expense insights, and financial recommendations.
Third-Party AI: We use industry-leading AI services with strict data processing agreements that prohibit using your data for model training.
Data Anonymization: Sensitive financial data is anonymized or pseudonymized before AI processing whenever possible.
Opt-Out Available: You can disable AI processing in your account settings while maintaining access to core platform features.
5. Financial Data Handling
Your financial data receives comprehensive protection through our enterprise-grade security framework:
- π Banking Connections: Bank-level security with read-only access to transaction data through certified providers
- π‘οΈ Data Encryption: Military-grade encryption at rest and in transit with advanced security protocols
- ποΈ Secure Storage: Enterprise-grade infrastructure with geographic data residency options
- ποΈ Access Controls: Advanced security architecture with role-based access and comprehensive audit logging
- π Security Practices: Regular security assessments and penetration testing
6. Data Sharing & Third Parties
We do not sell your personal data. We share information only with:
Service Providers
- Banking Data: Secure bank data aggregation with bank-level encryption
- AI Processing: AI services with strict no-training agreements
- Payment Processing: Secure payment processing with industry standards
- Database Hosting: Enterprise-grade database hosting with security controls
- Analytics: Privacy-compliant analytics (anonymized data only)
Legal Requirements
We may disclose information if required by law, regulation, court order, or to protect rights and safety.
7. Data Security & Protection
We implement multiple layers of security to protect your data:
- Encryption: End-to-end encryption for all data transmission and storage
- Access Controls: Multi-factor authentication and role-based permissions
- Monitoring: 24/7 security monitoring and threat detection
- Auditing: Regular security audits and compliance monitoring
- Incident Response: Comprehensive breach response plan with user notification procedures
8. Your Privacy Rights
π‘οΈ COMPREHENSIVE USER RIGHTS
ποΈ Right to Access: Request and receive a copy of all personal data we hold about you
βοΈ Right to Rectification: Correct any inaccurate or incomplete personal information
ποΈ Right to Deletion: Request complete deletion of your account and all associated data
π€ Data Portability: Export your data in machine-readable formats for transfer to other services
βΈοΈ Right to Restrict: Limit how we process your personal data while maintaining account access
π« Right to Object: Object to processing for marketing, profiling, or legitimate interests
9. International Users
For users worldwide, we are committed to implementing privacy-by-design principles:
- Data Minimization: We collect only data necessary for service provision
- Purpose Limitation: Data used only for specified, legitimate purposes
- Transparency: Clear information about how your data is processed
- User Control: Tools to manage, export, or delete your data
- Security: Industry-standard protections for your information
10. Data Protection Commitment
We are committed to providing strong data protection for all users:
- β Transparency about data collection
- β Clear disclosure of data sharing practices
- β No sale of personal information
- β User access to personal data
- β Equal service regardless of privacy choices
- β User-controlled data deletion
11. Data Retention & Deletion
We retain your data according to the following schedule:
- Active Accounts: Data retained while your account remains active
- Deleted Accounts: 30-day recovery period, then permanent deletion
- Financial Records: 7 years for tax-related data (as required by law)
- Security Logs: 1 year for fraud prevention and security monitoring
- Anonymized Data: May be retained indefinitely for research and service improvement
12. International Data Transfers
Your data may be processed in countries outside your residence. We ensure appropriate safeguards for international transfers:
- EU Standard Contractual Clauses for GDPR compliance
- Adequacy decisions by the European Commission
- Other legally recognized transfer mechanisms
- Data localization options for enterprise customers
13. Cookies & Tracking Technologies
We use cookies and similar technologies for:
- Essential: Authentication, session management, and security
- Analytics: Performance monitoring and usage statistics (via PostHog)
- Functional: User preferences and customization settings
- Security: Fraud prevention and threat detection
You can control cookie preferences in your browser settings and our privacy dashboard.
14. Children's Privacy Protection
Luxira is not intended for users under 18 years of age. We do not knowingly collect personal information from children under 18. If we discover such collection, we will immediately delete the information.
15. Data Breach Procedures
In the unlikely event of a data breach:
- Detection: Continuous monitoring systems detect potential breaches
- Response: Immediate containment and investigation within 24 hours
- Notification: Users notified within 72 hours (GDPR requirement)
- Remediation: Swift action to secure systems and prevent future incidents
- Transparency: Public incident reports when appropriate
16. Privacy Controls & Settings
Your privacy dashboard provides granular controls over:
- Data processing preferences and AI opt-out settings
- Marketing communication preferences
- Data sharing permissions with third-party integrations
- Account deletion and data export tools
- Privacy notification preferences
17. Security Practices
π‘οΈ Security Controls
Regular audits of security controls and processes
π Data Standards
Industry-standard data security practices
β Security Management
Comprehensive information security framework
π Data Protection
Privacy-focused data handling practices
18. Policy Updates & Changes
We may update this Privacy Policy to reflect changes in our practices or legal requirements. Material changes will be communicated through:
- Email notification to all registered users
- In-app notifications upon next login
- Updated "Last Modified" date at the top of this policy
- 30-day notice period for material changes affecting user rights
19. Contact & Privacy Support
π§ Privacy Questions
For privacy-related questions or requests about your data
Please contact us through your account settings or support channels
π Data Requests
Access, export, or deletion requests
Available through account settings and support