← Back to ClearInvoice

Privacy Policy

Last updated: May 2026

1. Who we are

ClearInvoice is operated by Andrew McManis, trading from Plymouth, UK ("we", "us", "our"). We are the data controller for personal data processed through this service. For privacy enquiries contact us at privacy@clearinvoice.co.uk.

2. What data we collect

We collect the following categories of personal data:

  • Account data: your email address, name, and password (stored as a bcrypt hash via Supabase Auth).
  • Business profile: business name, address, phone number, bank account details (sort code and account number), and VAT number if applicable.
  • Client and invoice data: names, email addresses, and postal details of your clients; invoice line items, amounts, and dates you enter into the service.
  • Payment data: billing information managed by Stripe. We do not store card numbers — Stripe handles all payment card data.
  • Usage data: pages visited, features used, and error logs collected to improve the service.

3. Legal basis for processing

Under UK GDPR we process your data on the following bases:

  • Contract performance: account data, business profile, and invoice data are processed to deliver the service you have signed up for.
  • Legitimate interests: usage data is processed to detect fraud, fix bugs, and improve ClearInvoice.
  • Legal obligation: we retain certain transactional records as required by UK law.

4. Third-party processors

We share data with the following processors only to the extent necessary to provide the service:

ProcessorPurposeLocation
SupabaseDatabase and authenticationEU (Ireland)
StripePayment processing and billingEU / UK
ResendTransactional email deliveryEU
AnthropicAI writing features (quote text, payment reminders)USA

When data is transferred outside the UK (Anthropic), we rely on adequacy decisions or standard contractual clauses as the transfer mechanism.

5. Data retention

We retain your account and invoice data for as long as your account is active. If you delete your account, your personal data is permanently deleted within 30 days, except where we are required by law to retain records for longer (for example, financial records which may be retained for up to 7 years under UK tax legislation).

6. Cookies

ClearInvoice uses only strictly necessary session cookies to keep you signed in. We do not use advertising or analytics cookies from third parties.

7. Your rights

Under UK GDPR you have the right to:

  • Access: request a copy of the personal data we hold about you.
  • Rectification: ask us to correct inaccurate or incomplete data.
  • Erasure: ask us to delete your personal data ("right to be forgotten").
  • Portability: receive your data in a structured, machine-readable format.
  • Restriction: ask us to limit how we process your data in certain circumstances.
  • Object: object to processing based on legitimate interests.

To exercise any of these rights, email privacy@clearinvoice.co.uk. We will respond within 30 days.

You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk.

8. Changes to this policy

We may update this policy from time to time. We will notify you of material changes by email or by displaying a notice in the app. Continued use of ClearInvoice after the update constitutes acceptance of the revised policy.

9. Contact

ClearInvoice · Plymouth, UK
Privacy enquiries: privacy@clearinvoice.co.uk