Privacy Policy

At Reconily, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and services.

1. Information We Collect

1.1 Information You Provide

We collect information that you voluntarily provide to us:

• Account Information: Name, email address, company name, and password
• Payment Information: Credit card details, billing address (processed securely through Stripe)
• Bank Statements: Uploaded PDF files or photos of bank statements
• QuickBooks Data: Transaction data accessed through your authorized QuickBooks Online account
• Communications: Emails, support tickets, and feedback you send to us

1.2 Automatically Collected Information

When you use Reconily, we automatically collect:

• Device Information: Device type, operating system, unique device identifiers
• Usage Data: App features used, time spent, reconciliation history
• Log Data: IP address, browser type, access times, pages viewed
• Location Data: General location based on IP address (not precise geolocation)

1.3 Third-Party Data

We receive data from:

• QuickBooks Online: Transaction data, company information, account details (with your authorization)
• Analytics Providers: Usage statistics and performance metrics

2. How We Use Your Information

We use your information to:

2.1 Provide Services

• Process and reconcile your bank statements with QuickBooks data
• Generate reconciliation reports and identify discrepancies
• Maintain and improve our OCR and matching algorithms
• Provide customer support and respond to inquiries

2.2 Business Operations

• Process payments and manage subscriptions
• Send transactional emails (receipts, account updates, security alerts)
• Analyze usage patterns to improve our services
• Detect and prevent fraud, abuse, and security incidents
• Comply with legal obligations

2.3 Communications (With Your Consent)

• Send newsletters and product updates
• Notify you about new features
• Conduct surveys and request feedback

You can opt out of marketing communications at any time.

3. How We Share Your Information

We do not sell your personal information to third parties.

We may share your information with:

3.1 Service Providers

• Cloud Hosting: Amazon Web Services (AWS) for secure data storage
• Payment Processing: Stripe for payment processing
• Analytics: Google Analytics for usage analytics
• Customer Support: Zendesk for support ticket management
• Email Services: SendGrid for transactional emails

All service providers are contractually obligated to protect your data and use it only for specified purposes.

3.2 Business Transfers

If Reconily is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you via email and/or prominent notice in the App before your information becomes subject to a different privacy policy.

3.3 Legal Requirements

We may disclose your information if required to do so by law or in response to:

• Valid legal processes (subpoenas, court orders)
• Requests from law enforcement or government agencies
• Protection of our rights, property, or safety
• Emergency situations involving danger to persons

4. Data Security

We implement comprehensive security measures to protect your information:

4.1 Technical Safeguards

• Encryption in Transit: All data transmitted using TLS 1.3 encryption
• Encryption at Rest: AES-256 encryption for stored data
• Secure Authentication: OAuth 2.0 for QuickBooks, bcrypt for passwords
• Access Controls: Role-based access with principle of least privilege
• Regular Security Audits: Quarterly penetration testing and vulnerability assessments

4.2 Organizational Safeguards

• SOC 2 Type II compliance
• Employee security training
• Incident response procedures
• Data breach notification protocols

4.3 Data Retention

We retain your data only as long as necessary:

• Bank Statements: Processed immediately, not stored permanently (deleted within 30 days)
• Reconciliation Reports: Retained for the duration of your subscription plus 90 days
• Account Information: Retained while your account is active plus 2 years for legal compliance
• Payment Records: Retained for 7 years for tax compliance

5. Your Privacy Rights

5.1 General Rights

You have the right to:

• Access: Request a copy of your personal information
• Correction: Update inaccurate or incomplete information
• Deletion: Request deletion of your personal information
• Data Portability: Receive your data in a machine-readable format
• Objection: Object to certain data processing activities
• Restriction: Request restriction of processing in certain circumstances

5.2 California Residents (CCPA)

If you are a California resident, you have additional rights:

• Right to know what personal information is collected
• Right to know if personal information is sold or disclosed
• Right to opt-out of the sale of personal information (we do not sell data)
• Right to non-discrimination for exercising CCPA rights

5.3 European Residents (GDPR)

If you are in the European Economic Area, you have rights under GDPR:

• Right to withdraw consent at any time
• Right to lodge a complaint with a supervisory authority
• Right to be informed about data processing

5.4 Exercising Your Rights

To exercise any of these rights, contact us at privacy@reconily.com. We will respond within 30 days.

6. QuickBooks Data

6.1 Authorization

When you connect Reconily to QuickBooks Online, you authorize us to access your QuickBooks data through Intuit's OAuth 2.0 protocol. You can revoke this authorization at any time through:

• QuickBooks Online settings → Apps → Manage apps
• Reconily app settings → Disconnect QuickBooks

6.2 Data Usage

We access only the QuickBooks data necessary for reconciliation:

• Purchase transactions
• Deposit transactions
• Account information
• Company name and ID

6.3 Intuit's Privacy Policy

Your QuickBooks data is also subject to Intuit's Privacy Policy. We recommend reviewing it at https://www.intuit.com/privacy/

7. Cookies and Tracking

We use cookies and similar technologies:

7.1 Types of Cookies

• Essential Cookies: Required for the App to function (session management, authentication)
• Analytics Cookies: Help us understand how you use the App
• Preference Cookies: Remember your settings and preferences

7.2 Cookie Management

You can control cookies through your browser settings. Note that disabling certain cookies may affect App functionality.

8. Children's Privacy

Reconily is not intended for use by individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately at privacy@reconily.com.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws different from your jurisdiction.

When we transfer data internationally, we use:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions where applicable
• Other legally approved transfer mechanisms

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

• Posting the updated policy in the App
• Sending an email to your registered address
• Displaying a prominent notice in the App

Changes become effective when posted. Your continued use of Reconily after changes are posted constitutes acceptance of the updated Privacy Policy.

11. Third-Party Links

The App may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

13. Compliance Certifications

Reconily maintains the following compliance standards:

• SOC 2 Type II: Annual audits of security controls
• GDPR: Compliant with EU data protection regulations
• CCPA: Compliant with California privacy requirements
• Intuit App Certification: Meets Intuit's security and privacy standards