Privacy Policy - Easy Bank Convert

Privacy First: We never store your bank statements or personal financial data. All processing is done in-memory and files are automatically deleted after conversion.

1. Introduction

Easy Bank Convert ("we," "our," or "us") is committed to protecting your privacy and the confidentiality of your financial information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our bank statement conversion service.

2. Information We Collect

Personal Information You Provide

We collect information you voluntarily provide when you:

Create an account (name, email address)
Subscribe to premium services (billing information processed by Stripe)
Contact us for support (name, email, message content)
Sign up for notifications or updates

Financial Document Processing

Important: While you upload bank statements for conversion, we do NOT permanently store these documents. Files are processed in-memory only and automatically deleted immediately after conversion.

Automatically Collected Information

Usage data (pages visited, features used, conversion statistics)
Device information (browser type, operating system, IP address)
Log data (access times, error logs, performance metrics)
Cookies and similar tracking technologies

3. Legal Basis for Processing (GDPR/CPRA)

We process your personal data based on the following legal grounds:

GDPR Legal Basis

Contract Performance (Art. 6(1)(b)): Processing files, managing your account, providing the conversion service
Legitimate Interest (Art. 6(1)(f)): Service improvement, security monitoring, fraud prevention, anonymous analytics
Consent (Art. 6(1)(a)): Marketing emails, optional cookies, newsletter subscriptions
Legal Obligation (Art. 6(1)(c)): Tax records, payment processing compliance, data breach notifications

4. How We Use Your Information

We use collected information for the following purposes:

Service Provision

Process and convert your bank statement files
Provide download links for converted files
Manage your user account and subscription
Enforce usage limits and rate limiting

Communication

Send service-related notifications and updates
Respond to customer support inquiries
Send welcome emails and password reset instructions
Notify you of login activities for security purposes

Service Improvement

Analyze usage patterns to improve our service
Debug technical issues and optimize performance
Develop new features based on user needs
Ensure service security and prevent abuse

5. Data Processing and Security

No Permanent Storage

Your bank statements are never permanently stored. Our processing pipeline:

You upload a PDF file
We process it in-memory using secure servers
Converted files are temporarily available for download
All files are automatically deleted within 1 hour

Security Measures

Encryption in Transit: All data transmission uses TLS/SSL encryption
Secure Processing: Files are processed on secure, isolated servers
Access Controls: Strict access controls limit who can access systems
Regular Audits: Security practices are regularly reviewed and updated
Automatic Deletion: Temporary files are automatically purged

Third-Party Processing

Payment Processing: Stripe handles all payment information securely
Email Services: BuiltWithHeart processes transactional emails
Document Processing: Advanced parsing is performed using secure AI services

6. Information Sharing and Disclosure

🔒 CPRA Disclosure: No Sale of Personal Information

We do not sell, rent, or share your personal information for monetary consideration.We have not sold personal information in the past 12 months and do not plan to do so in the future.

We do not sell, trade, or rent your personal information to third parties.

We may disclose your information only in the following circumstances:

Service Providers: To trusted third parties who assist in operating our service (payment processing, email delivery)
Legal Requirements: When required by law, regulation, or court order
Business Protection: To protect our rights, privacy, safety, or property
Business Transfer: In connection with a merger, acquisition, or sale of assets (with notification)

7. Data Retention

Retention Periods

Bank Statements: Immediately deleted after processing (never stored)
Converted Files: Available for 1 hour, then automatically deleted
Account Data: Retained while your account is active
Usage Logs: Retained for 90 days for security and debugging
Support Communications: Retained for 2 years for service improvement

8. Your Privacy Rights (GDPR & CPRA)

Under GDPR and CPRA, you have comprehensive rights regarding your personal information:

✅ How to Exercise Your Rights

Export Your Data: Account → Export My Data

Delete Account: Account → Delete Account

Cookie Preferences: Manage Cookie Settings

Email Support: privacy@easybankconvert.com

GDPR Rights (EU Residents)

Right to Access (Art. 15): Request a copy of your personal data we hold
Right to Rectification (Art. 16): Correct inaccurate or incomplete data
Right to Erasure (Art. 17): Request deletion of your personal data
Right to Portability (Art. 20): Receive your data in a machine-readable format
Right to Restrict Processing (Art. 18): Limit how we use your data
Right to Object (Art. 21): Object to processing based on legitimate interests
Right to Withdraw Consent: Withdraw consent for marketing or cookies anytime

CPRA Rights (California Residents)

Right to Know: What personal information we collect and how it's used
Right to Delete: Request deletion of your personal information
Right to Correct: Request correction of inaccurate personal information
Right to Opt-Out: Opt-out of sale or sharing of personal information
Right to Limit: Limit use of sensitive personal information
Right to Non-Discrimination: Equal service regardless of exercising rights

Response Times

Data Export: Immediate (available via account dashboard)
Account Deletion: 30-day grace period, then permanent deletion
Data Correction: Updated immediately in your account settings
Other Requests: 30 days maximum response time (usually within 5 business days)

9. Cookies and Tracking

We use cookies and similar technologies to:

Remember your login state and preferences
Analyze site usage and improve user experience
Prevent abuse and ensure security
Provide personalized content

You can control cookies through your browser settings. Note that disabling cookies may affect service functionality.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your information during such transfers, in accordance with applicable data protection laws.

11. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "last updated" date. Your continued use of the Service after such changes constitutes acceptance of the updated policy.

13. Contact Us

If you have any questions about this Privacy Policy, your personal information, or our privacy practices, please contact us:

Easy Bank Convert - Privacy Team
Email: privacy@easybankconvert.com
Support: support@easybankconvert.com
Contact Form: www.easybankconvert.com/contact

14. Data Protection Authority

If you are located in the European Economic Area, you have the right to lodge a complaint with your local data protection authority if you believe we have not complied with applicable data protection laws.