Privacy Policy

1. Introduction

AI Bank Statement Converter (“we,” “our,” or “us”) respects your privacy and is committed to protecting your personal data. This privacy policy will inform you about how we look after your personal data when you visit our website and use our services, and tell you about your privacy rights and how the law protects you.

Please read this privacy policy carefully before using our services. By using AI Bank Statement Converter, you consent to the practices described in this policy.

2. Data We Collect

We collect and process different types of information when you use our services:

Special note about financial data: We process but do not store your financial documents or the extracted data beyond the time necessary to provide our conversion service. Your bank statements are processed in secure, isolated environments and are purged from our systems once processing is complete.

3. How We Use Your Data

We use the data we collect for the following purposes:

• To provide our service: Processing your bank statements to convert them to CSV format.
• To manage your account: Setting up and managing your account, processing payments, and communicating with you about your account or our services.
• To improve our service: Analyzing usage patterns and user feedback to enhance functionality and user experience.
• To ensure security: Monitoring and preventing fraud, unauthorized access, and other potential security issues.
• To comply with legal obligations: Meeting regulatory requirements and responding to legal requests or court orders.

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason compatible with the original purpose.

4. Legal Basis for Processing

We process your personal data on the following legal grounds:

• Performance of a contract: Processing necessary to fulfill our contractual obligations to you, including providing our conversion service.
• Legitimate interests: Processing necessary for our legitimate interests, such as improving our services, preventing fraud, and ensuring the security of our platform.
• Consent: Where you have given explicit consent for specific processing activities.
• Legal obligation: Processing necessary to comply with legal requirements, such as tax and financial regulations.

5. Data Sharing and Recipients

We may share your personal data with the following categories of recipients:

• Service providers: Third-party vendors who perform services on our behalf, such as hosting, payment processing, and analytics. These providers are contractually obligated to protect your data and can only use it for specified purposes.
• Business partners: If you use integrated services, we may share data necessary for that integration to function.
• Legal authorities: When required by law, court order, or governmental regulation.
• Professional advisors: Such as lawyers, auditors, and insurers, where necessary for legal, compliance, or insurance purposes.

We do not sell your personal data to third parties under any circumstances.

6. International Data Transfers

We primarily process and store your data in the United States. If we transfer your data to service providers in other countries, we ensure appropriate safeguards are in place to protect your information, such as:

• Standard contractual clauses approved by the European Commission
• Binding corporate rules for transfers within our corporate group
• Privacy Shield certification (where applicable)
• Explicit consent (in limited circumstances)

By using our services, you consent to the transfer of your data to countries where we operate, which may have different data protection laws than your country of residence.

7. Data Security

We have implemented appropriate technical and organizational measures to protect your personal data, including:

• Encryption of sensitive data both in transit and at rest
• Secure, isolated processing environments for financial documents
• Regular security assessments and penetration testing
• Access controls and authentication requirements
• Staff training on data protection and security practices
• Incident response procedures

While we take reasonable steps to protect your data, no method of electronic storage or transmission is 100% secure. We encourage you to take precautions to protect your personal information online.

8. Cookie Policy

We use cookies and similar technologies to enhance your experience on our website. Cookies are small text files stored on your device that help us recognize you and remember certain information.

We use the following types of cookies:

• Essential cookies: Required for the operation of our website and services (e.g., for user authentication and security).
• Preference cookies: Enable the website to remember your preferences and customize your experience.
• Analytics cookies: Help us understand how visitors interact with our website by collecting and reporting information anonymously.
• Marketing cookies: Used to track visitors across websites to display relevant advertisements.

You can control cookies through your browser settings to refuse all or some cookies or to alert you when websites set or access cookies. However, if you disable or refuse cookies, some parts of our website may become inaccessible or not function properly.

9. Your Data Protection Rights

Depending on your location, you may have the following rights regarding your personal data:

• Access: The right to request copies of your personal data.
• Rectification: The right to request correction of inaccurate personal data.
• Erasure: The right to request deletion of your personal data in certain circumstances.
• Restriction: The right to request the limiting of processing of your personal data.
• Data portability: The right to request the transfer of your data to another organization or directly to you.
• Objection: The right to object to processing of your personal data in certain circumstances.
• Withdraw consent: The right to withdraw consent where we rely on consent to process your data.

To exercise any of these rights, please contact us using the information provided in the “Contact Us” section. We will respond to all legitimate requests within one month.

10. Children’s Privacy

Our services are not intended for children under 16 years of age, and we do not knowingly collect personal data from children. If we learn that we have collected personal data from a child without verification of parental consent, we will delete that information as quickly as possible.

If you believe we might have inadvertently collected data from a child, please contact us immediately.

11. Changes to This Privacy Policy

We may update this privacy policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by posting the updated policy on our website with a new “Last Updated” date.

We encourage you to review this policy periodically to stay informed about how we protect your information.

12. Contact Us

If you have questions, concerns, or requests regarding this privacy policy or our data practices, please contact us:

For users in the European Union, you also have the right to lodge a complaint with your local data protection authority if you believe we have not complied with applicable data protection laws.