Privacy Policy

Simply Invoicing ("we", "us", "our") is committed to protecting your privacy and ensuring you have a safe experience on our website and when using our invoicing software (the "Service"). This Privacy Policy explains how we collect, use, disclose, and protect personal data.

We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy applies to website visitors, registered users, and anyone whose personal data is processed within the Service.

This includes customer details stored in your dashboard and invoice data shared with customers via invoice access or delivery links.

We collect information to provide and improve the Service. Account information includes your name, email address, business name, business address (if provided), and login credentials. Passwords are stored securely using hashing.

You may enter or upload invoice and business data such as customer details, line items, payment records, and invoice history. Invoices are stored in your dashboard and may be shared with customers through view or download links.

We also collect usage data such as IP address, browser type, pages visited, and device information, as well as communication data when you contact us for support.

We use personal data to operate and improve the Service. This includes creating and managing user accounts, storing invoices in your dashboard, and enabling invoice access for customers.

Data is also used for billing and subscription management, sending service communications, and responding to support requests.

Additionally, we process data for analytics, security monitoring, fraud prevention, and compliance with legal obligations.

We process personal data only when a lawful basis applies under UK GDPR. This includes processing necessary to perform our contract with you and provide the Service.

Some processing is required to comply with legal obligations, such as accounting or tax-related record keeping.

We may also rely on legitimate interests for security, fraud prevention, and service improvement, or consent where required for cookies and marketing communications.

We may share personal data with trusted service providers such as hosting providers, email services, analytics tools, and customer support platforms that help us operate the Service.
Payment information may be shared with Stripe and PayPal for subscription billing and (where enabled) for processing invoice payments made by your customers.

We do not sell personal data to third parties for marketing purposes.

We implement reasonable technical and organisational measures to protect personal data. This includes HTTPS encryption, access controls, and operational security procedures.

We monitor systems for suspicious activity and maintain incident response processes. Regular backups are maintained to reduce the risk of data loss.

Despite our efforts, no system can be guaranteed to be completely secure.

Under UK GDPR, you have rights including access to your personal data, correction of inaccurate information, and deletion in certain circumstances.

You may also request restriction of processing, data portability where applicable, and object to processing based on legitimate interests.

Requests can be made using the contact details in this policy. We aim to respond within 30 days.

We use cookies and similar technologies to support essential functionality and improve the Service.

Essential cookies are required for login, security, and core features. Analytics cookies help us understand usage and improve performance where consent is required.

Further details are available in our Cookie Policy.

We retain personal data only for as long as necessary to fulfil the purposes outlined in this policy.

Data is retained for the duration of active accounts and any contractual relationship. Billing records may be retained as required by law.

When accounts are deleted, data is typically removed within 30 days unless legal retention obligations apply.

If you have questions about this Privacy Policy or wish to exercise your data protection rights, you can contact us via email at legal@simplyinvoicing.co.uk.

Our postal address is Simply Invoicing, London, United Kingdom.

You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO).

When processing account registration, billing, service communications, and website analytics, Simply Invoicing acts as a data controller.

When you store customer details and invoice data in the Service, you are generally the controller and we act as a processor on your behalf.

If required, a Data Processing Agreement (DPA) can be provided upon request.

Subscription payments are processed by Stripe and PayPal. We do not store full card details or sensitive payment information.

We receive limited payment data such as transaction status, subscription state, and billing identifiers.

Payment processing is also subject to the privacy policies of Stripe and PayPal.

Some service providers may process personal data outside the United Kingdom.

Where required, we use appropriate safeguards such as the UK International Data Transfer Agreement (IDTA) and contractual protections.

You may contact us for further details regarding international data transfers.

We send essential service emails such as security alerts, billing confirmations, and platform updates.

Marketing communications may be sent where permitted, and you can opt out at any time using the unsubscribe link.

We do not send marketing emails without a lawful basis.

The Service is not intended for children under the age of 18.

We do not knowingly collect personal data from children.

If you believe a child has provided data to us, please contact us so we can take appropriate action.

We do not use automated decision-making or profiling that produces legal or similarly significant effects.

Basic automated checks may be used for security, fraud prevention, and abuse detection.

These checks are designed to protect the Service rather than make decisions about individuals.

If you have any questions about these Terms of Use, please contact us at: