Privacy Policy

1. Introduction

Invoice Kwik ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our invoicing platform and services.

This policy applies to all users of Invoice Kwik, including businesses and their authorised users. By using our services, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Information You Provide

We collect information that you voluntarily provide when using our services:

• Account Information: Name, email address, company name, business address, phone number, and payment details
• Business Data: Customer information, invoice details, product/service information, and transaction records
• Communications: Information from your enquiries, support requests, and feedback

2.2 Automatically Collected Information

• Usage Data: IP address, browser type, device information, pages visited, and time spent on our platform
• Cookies: We use cookies and similar tracking technologies to improve user experience and analyse platform usage
• Log Data: Server logs, error reports, and system activity

3. How We Use Your Information

We use the collected information for the following purposes:

• To provide, maintain, and improve our invoicing services
• To process transactions and send invoices on your behalf
• To communicate with you about your account, updates, and support
• To detect, prevent, and address technical issues and fraud
• To comply with legal obligations and enforce our terms
• To analyse usage patterns and improve our platform
• To send marketing communications (with your consent)

4. Legal Basis for Processing (UK GDPR)

Under UK GDPR, we process your personal data based on:

• Contract Performance: Processing necessary to provide our services to you
• Legitimate Interests: Improving our services, fraud prevention, and system security
• Legal Obligation: Compliance with tax, accounting, and other legal requirements
• Consent: Marketing communications and optional features (you may withdraw consent at any time)

5. Data Sharing and Disclosure

We may share your information with:

• Service Providers: Third-party vendors who assist in providing our services (e.g., cloud hosting, payment processing)
• Business Partners: With your consent, to provide integrated services
• Legal Requirements: When required by law, court order, or to protect our rights
• Business Transfers: In connection with a merger, acquisition, or sale of assets

We do not sell your personal data to third parties. All third-party service providers are contractually obligated to protect your data.

6. Data Security

We implement appropriate technical and organisational measures to protect your data against unauthorised access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and authentication mechanisms
• Employee training on data protection

However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

7. Data Retention

We retain your personal data for as long as necessary to provide our services and comply with legal obligations. Business records, including invoices, are retained for at least 6 years in accordance with UK tax law. You may request deletion of your account data, subject to our legal retention requirements.

8. Your Rights Under UK GDPR

You have the following rights regarding your personal data:

• Right of Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your data (subject to legal requirements)
• Right to Restriction: Limit how we use your data
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent for marketing or optional processing

To exercise these rights, please contact us using the details provided below.

9. Cookies

We use cookies and similar technologies to enhance your experience. You can control cookies through your browser settings. However, disabling cookies may affect the functionality of our platform.

10. International Data Transfers

Your data may be transferred to and processed in countries outside the UK. We ensure appropriate safeguards are in place, such as Standard Contractual Clauses, to protect your data in accordance with UK GDPR requirements.

11. Children's Privacy

Our services are intended for business use and not directed at children under 16. We do not knowingly collect personal data from children.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through a prominent notice on our platform. Your continued use of our services after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:

14. Supervisory Authority

You have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's supervisory authority for data protection: