Privacy Policy

1. Introduction

Welcome to BankBytes ("we," "our," or "us"). We are committed to protecting your privacy and securing your personal and financial information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at bankbytes.io or use our bank statement conversion services.

BankBytes provides AI-powered bank statement conversion services, transforming PDF bank statements into structured formats like CSV, Excel, and QuickBooks. We understand the sensitive nature of financial data and have implemented enterprise-grade security measures to protect your information.

2. Information We Collect

2.1 Personal Information

We collect personal information that you voluntarily provide to us, including:

• Contact Information

  Name, email address, phone number, postal address

• Account Information

  Username, password, billing information, subscription preferences

• Professional Information

  Company name, job title, business address (for business accounts)

2.2 Financial Document Data

When you upload bank statements for conversion, we temporarily process:

• Transaction Details

  Date, description, amount, transaction type, account balances

• Account Information

  Bank name, account numbers (masked for security), statement dates

2.3 Technical Information

We automatically collect technical information to improve our services:

• Usage Data

  IP address, browser type, device information, pages visited, time spent

• Performance Data

  Error logs, processing times, feature usage statistics

3. How We Use Your Information

We use the collected information for the following purposes:

3.1 Service Provision

• • Process and convert your bank statements to requested formats
• • Maintain your account and provide customer support
• • Enable data export and download functionality
• • Process payments and manage subscriptions

3.2 Service Improvement

• • Analyze usage patterns to improve our AI processing algorithms
• • Develop new features and enhance existing functionality
• • Monitor and improve system performance and security

3.3 Communication

• • Send service updates, security alerts, and support messages
• • Provide customer support and respond to inquiries
• • Send marketing communications (with your consent)

4. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following limited circumstances:

4.1 Service Providers

We work with trusted third-party service providers who assist us in operating our business:

• • Cloud hosting providers (AWS, Google Cloud) with strict data processing agreements
• • Payment processors (Stripe) for secure payment handling
• • Analytics providers (with anonymized data only)
• • Customer support tools (with encrypted data transmission)

4.2 Legal Requirements

We may disclose your information when required by law or to:

• • Comply with legal obligations, court orders, or regulatory requests
• • Protect our rights, property, or safety, or that of our users
• • Prevent fraud, security breaches, or illegal activities

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the business transaction. We will notify you of any such change in ownership or control.

5. Data Security

We implement industry-leading security measures to protect your information:

5.1 Encryption and Security

• AES-256 Encryption

  All data encrypted in transit (TLS 1.3) and at rest

• Secure Infrastructure

  SOC 2 Type II certified cloud infrastructure

• Access Controls

  Multi-factor authentication and role-based access

5.2 Data Processing Security

• • Secure processing environments with isolated containers
• • Automatic document deletion after processing completion
• • Regular security audits and penetration testing
• • Employee security training and background checks

6. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

6.1 General Rights

• Access

  Request a copy of the personal information we hold about you

• Correction

  Request correction of inaccurate or incomplete information

• Deletion

  Request deletion of your personal information

• Portability

  Request transfer of your data to another service

6.2 GDPR Rights (EU/UK Residents)

If you are located in the European Union or United Kingdom, you have additional rights under GDPR:

• • Right to object to processing based on legitimate interests
• • Right to restrict processing in certain circumstances
• • Right to withdraw consent for marketing communications
• • Right to lodge a complaint with your local data protection authority

6.3 How to Exercise Your Rights

To exercise any of these rights, please contact us at:

7. Data Retention

We retain your information only for as long as necessary to provide our services and comply with legal obligations:

7.1 Financial Document Data

• • Free Plan: Documents deleted after 3 months
• • Premium Plan: Documents deleted after 6 months
• • Pro Plan: Documents deleted after 12 months
• • Anonymous Processing: Documents deleted immediately after conversion

7.2 Account Information

• • Active accounts: Retained while account is active
• • Inactive accounts: Deleted after 2 years of inactivity
• • Billing records: Retained for 7 years for accounting purposes

8. International Data Transfers

BankBytes is based in the United States. If you are located outside the US, your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate.

We ensure adequate protection for international transfers through:

• • Standard Contractual Clauses (SCCs) approved by the European Commission
• • Data Processing Agreements with all service providers
• • Compliance with applicable data transfer regulations

9. Children's Privacy

Our services are not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information promptly.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@bankbytes.io.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will:

• • Update the 'Last Updated' date at the top of this policy
• • Notify you via email for material changes (if you have an account)
• • Post a notice on our website for significant updates
• • Provide 30 days notice for changes that materially affect your rights

We encourage you to review this Privacy Policy periodically to stay informed about our privacy practices.

11. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us: