Privacy Policy
Last Updated: November 16, 2025
Introduction
Welcome to PineBill. We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, disclose, and safeguard your information when you use our invoice management and PDF generation platform.
By using PineBill, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our services.
Information We Collect
Account Information
When you create an account, we collect:
- Name and email address
- Password (encrypted and hashed)
- Profile picture (optional)
- Authentication data from third-party providers (Google OAuth)
Organization & Business Data
To provide our invoice management services, we collect:
- Organization details (company name, address, email, phone)
- Company logo and branding materials
- Invoice settings and preferences
- Customer information (names, addresses, contact details)
- Product and service catalogs
- Invoice data (amounts, dates, descriptions, payment methods)
- Employee records (names, positions, contact information)
Usage Data & Analytics
We automatically collect certain information about your usage:
- API usage logs (endpoints accessed, request methods, response codes)
- IP addresses and user agent information
- Usage metrics (number of invoices, API calls, storage usage)
- Session data and authentication logs
- Feature usage patterns and preferences
File Storage Data
Our Vault feature stores:
- Uploaded files and documents
- File metadata (names, sizes, types, upload dates)
- Folder structures and organization
- File access logs and sharing permissions
How We Use Your Information
We use the collected information for the following purposes:
- Service Provision: To provide, maintain, and improve our invoice generation and management services
- Account Management: To create and manage your account, authenticate users, and provide customer support
- Payment Processing: To process subscription payments and manage billing through our payment partner Polar.sh
- Communication: To send service-related emails, password resets, and important updates
- Security: To protect against fraud, abuse, and security threats using reCAPTCHA and other security measures
- Analytics: To understand how our service is used and improve user experience
- Legal Compliance: To comply with legal obligations and enforce our Terms of Service
Third-Party Services
We use the following third-party services to operate PineBill:
Authentication
- Google OAuth: For optional sign-in with Google accounts. See Google's Privacy Policy
Payment Processing
- Polar.sh: Handles subscription management and payment processing. See Polar's Privacy Policy
Storage & Infrastructure
- Cloudflare R2: Secure file storage for uploaded documents and generated PDFs
Security & Anti-Spam
- Google reCAPTCHA v3: Protects against spam and abuse. See Google's Privacy Policy
Email Services
- SMTP Provider: For sending transactional emails (password resets, notifications)
Cookies & Tracking Technologies
We use cookies and similar tracking technologies to enhance your experience:
Essential Cookies
- Session Cookies: Required for authentication and security
- Security Tokens: CSRF protection and API authentication
Preference Cookies
- Theme Preferences: Remember your light/dark mode selection
- User Settings: Store your interface preferences
Analytics (Future)
We may implement analytics tools (such as Google Analytics 4) in the future to better understand how users interact with our service. We will update this policy and provide appropriate controls before implementing such tools.
Your Privacy Rights
Under GDPR and other privacy laws, you have the following rights:
- Right to Access: Request a copy of your personal data
- Right to Rectification: Correct inaccurate or incomplete data
- Right to Erasure: Request deletion of your personal data
- Right to Data Portability: Receive your data in a portable format
- Right to Restrict Processing: Limit how we use your data
- Right to Object: Object to certain data processing activities
- Right to Withdraw Consent: Withdraw consent for data processing at any time
To exercise these rights, please contact us at support@pinebill.com. We will respond to your request within 30 days.
Data Security
We implement industry-standard security measures to protect your data:
- Encryption of data in transit using HTTPS/TLS
- Password hashing using bcrypt
- Secure authentication with JWT tokens
- Regular security audits and updates
- Access controls and role-based permissions
- Secure file storage infrastructure with Cloudflare R2. By default, all files are stored in non-public buckets so only authorized users can access them.
However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.
Data Retention
We retain your personal data for as long as necessary to provide our services and comply with legal obligations:
- Active Accounts: Data is retained while your account is active
- Deleted Accounts: Most data is deleted within 30 days of account deletion
- Legal Requirements: Some data may be retained longer for legal, tax, or audit purposes
- API Logs: Usage logs are retained for security and debugging purposes (typically 90 days)
International Data Transfers
Your data may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place to protect your data, including using Standard Contractual Clauses where applicable.
Children's Privacy
PineBill is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal data, please contact us, and we will take steps to delete such information.
Changes to This Privacy Policy
We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. We will notify you of significant changes by email or through a prominent notice on our website. The "Last Updated" date at the top of this policy indicates when it was last revised.
Contact Us
If you have questions about this privacy policy or our data practices, please contact us:
Email: support@pinebill.com
Service Name: PineBill
Related: Terms of Service