1. Introduction
Welcome to CloudCeipt (“we,” “our,” “us”). We respect your privacy. This Policy explains how we collect, use, store, and share information when you use our website, web app, WhatsApp AI Receipt Assistant, and related services (collectively, the “Services”). By using the Services, you agree to this Policy.
2. Information We Collect
2.1 Information you provide
- Account: Name, email address, password, WhatsApp number, company details.
- Uploads: Receipt images, bank statements, registration documents, and files for processing.
- Billing: If/when you subscribe, payment details are handled by payment processors (e.g., PayFast).
- Communications: Emails, WhatsApp and in-app messages.
2.2 Collected automatically
- Usage: Page views, clicks, timestamps, feature usage.
- Device/Browser: IP address, device type, OS, browser.
- Cookies/SDKs: Session cookies for auth; analytics for performance insights.
2.3 From third parties
- WhatsApp API: Your number, message content, and media when you send receipts.
- Analytics Providers: Aggregated, non-identifying metrics to improve the Services.
3. How We Use Information
- Deliver the Service: Process/store receipts, generate insights, dashboards, and reports.
- Security & Fraud Prevention: Verify accounts, detect duplicates, monitor abuse.
- Improve & Support: Diagnose issues, analyze usage, enhance features.
- Billing & Subscriptions: Manage plans, payments, and invoices (when enabled).
- Communications: Account notices, product updates, and relevant offers.
4. How We Share Information
We do not sell your personal information. We share it only with:
- Service Providers: Cloud hosting & Applied AI Services (Azure), analytics (MongoDB), email delivery (GO DADDY), support tools, and payment processors (Payfast, Peach).
- Legal/Compliance: When required by law, regulation, or valid request.
- Business Transfers: In a merger, acquisition, or asset sale, we will provide notice before transfer.
5. Data Storage, Security & Retention
- Transport security: TLS/SSL for data in transit.
- Storage: Receipt images in Azure Storage services; metadata in MongoDB with access controls.
- Access controls: Role-based and least-privilege principles.
- Retention: We keep data while your account is active or as needed for Services and legal purposes. System logs may be retained for up to 12 months; backups may persist up to 90 days.
6. Your Rights
Subject to applicable law (including POPIA and GDPR), you may:
- Request access to your data;
- Request correction of inaccurate data;
- Request deletion (where legally permissible);
- Object to or restrict certain processing;
- Request portability of your data;
- Withdraw consent where processing relies on consent.
Contact: support@cloudceipt.com.
7. Cookies & Tracking
We use session cookies for authentication and preferences, and analytics cookies to understand performance. You may control cookies in your browser; some features may not function if you disable them.
8. POPIA, GDPR & International Transfers
CloudCeipt is South Africa-focused and aims to comply with the Protection of Personal Information Act, 2013 (“POPIA”). For users in the EEA/UK, we rely on lawful bases such as performance of a contract, legitimate interests, legal obligation, and consent (where required). Your data may be transferred to countries with different protections; we apply appropriate safeguards where applicable.
9. Children
Our Services are not intended for individuals under 18. We do not knowingly collect data from minors. If you believe a minor has provided data, contact us to delete it.
10. Changes to This Policy
We may update this Policy from time to time. Material changes will be communicated via email or in-app notice with a clear effective date.
11. Contact Us
Questions or requests? Email support@cloudceipt.com.