Privacy Policy

SayPaid

Last Updated: February 12, 2026

1. Introduction

Welcome to SayPaid ("we," "our," or "the App"). SayPaid is designed to help contractors, tradespeople, and small business owners quickly generate professional PDF invoices from voice notes. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our mobile application.

By using SayPaid, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use the App.

2. Information We Collect

2.1 Information You Provide

  • Account Information: When you sign in using Google Sign-In or Apple Sign-In, we collect your name, email address, and profile picture provided by these authentication services.
  • Business Profile: Company name, business address, phone number, email, payment instructions (e.g., bank details, IBAN), and optionally a business logo.
  • Invoice Data: Client names, job locations, service descriptions, pricing details, quantities, dates, and other information you include when creating invoices.
  • Tax Settings: Tax rates and configurations you set up for your invoices.

2.2 Audio Recordings

Important Notice: When you use the voice recording feature, your audio files are temporarily processed to extract invoice information. Audio recordings are:
  • Stored temporarily on your device during recording
  • Sent to Google Gemini AI for processing (see Section 2.4)
  • Not permanently stored on our servers after processing is complete
  • Automatically deleted from temporary storage after invoice creation

2.3 Automatically Collected Information

  • Device Information: Device type, operating system version, unique device identifiers, and mobile network information.
  • Usage Data: App features used, invoice creation statistics, subscription status, and app interaction patterns.
  • Crash Reports: Technical diagnostics and crash logs collected via Firebase Crashlytics to improve app stability.
  • Analytics: Anonymized usage patterns collected via Firebase Analytics to understand how the app is used and to improve user experience.

2.4 Third-Party AI Processing

Google Gemini AI Processing: Your audio recordings are sent to Google's Gemini AI service for multimodal processing to extract invoice details. Google's processing is subject to their own privacy policies and data processing agreements. The audio is:
  • Transmitted securely to Google Gemini API
  • Processed to identify client names, work descriptions, quantities, prices, and dates
  • Not used by us to train AI models
  • Subject to Google's AI/ML services privacy practices

For more information about Google's data practices, visit: https://policies.google.com/privacy

3. How We Use Your Information

We use the collected information for the following purposes:

  • Service Provision: To create, store, and manage your invoices and business profile.
  • AI Processing: To process voice recordings and extract structured invoice data using Google Gemini AI.
  • Authentication: To verify your identity and secure your account using Firebase Authentication.
  • PDF Generation: To combine your business profile with invoice details to generate professional PDF documents.
  • Cloud Sync: To store and synchronize your data across devices using Cloud Firestore.
  • Subscription Management: To manage your subscription tier, validate purchases, and enforce usage limits.
  • App Improvement: To analyze app usage patterns, fix bugs, and enhance features.
  • Customer Support: To respond to your inquiries and provide technical assistance.
  • Compliance: To comply with legal obligations and enforce our Terms of Service.

4. Data Storage and Security

4.1 Where We Store Your Data

Your data is stored using Firebase services (a Google Cloud platform):

  • Cloud Firestore: User profiles, invoice metadata, subscription information, and tax settings.
  • Firebase Storage: Generated PDF invoices and business logos.
  • Firebase Authentication: Account credentials and authentication tokens.

Data is stored in Google Cloud data centers with industry-standard security measures.

4.2 Security Measures

We implement appropriate technical and organizational measures to protect your data:

  • End-to-end encryption for data transmission (HTTPS/TLS)
  • Firebase security rules to restrict unauthorized access
  • Secure authentication using OAuth 2.0 protocols
  • Regular security audits and monitoring via Firebase Crashlytics
  • Automatic deletion of temporary audio files after processing

Note: While we strive to protect your data, no method of electronic storage is 100% secure. We cannot guarantee absolute security.

4.3 Data Retention

  • Audio Recordings: Deleted immediately after AI processing and invoice creation (typically within minutes).
  • Invoice Data: Retained indefinitely until you delete invoices or your account.
  • Account Information: Retained while your account is active.
  • Archived Invoices: Soft-deleted invoices are retained for 90 days before permanent deletion.
  • Analytics Data: Anonymized usage data retained for up to 24 months.

5. Data Sharing and Third Parties

We do not sell, rent, or trade your personal information. We share data only in the following circumstances:

5.1 Service Providers

  • Google Firebase/Cloud: For authentication, database, storage, analytics, and crash reporting.
  • Google Gemini AI: For processing audio recordings to extract invoice data.
  • Google Sign-In / Apple Sign-In: For authentication services.
  • Google Play / Apple App Store: For subscription payment processing and validation.

5.2 Legal Requirements

We may disclose your information if required by law, court order, or government regulation, or if we believe disclosure is necessary to:

  • Comply with legal obligations
  • Protect our rights, property, or safety
  • Prevent fraud or security issues
  • Respond to lawful requests from public authorities

5.3 Business Transfers

If SayPaid is involved in a merger, acquisition, or asset sale, your personal information may be transferred as part of that transaction. We will notify you of any such change.

6. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal data:

6.1 Access and Portability

  • Request a copy of your personal data stored in the app
  • Export your invoice data in a portable format

6.2 Correction and Update

  • Update your business profile and account information directly in the app
  • Edit or delete individual invoices

6.3 Deletion (Right to be Forgotten)

  • Delete individual invoices or your entire account
  • Request complete removal of your data from our systems
  • Account deletion removes all associated data including invoices, profile, and settings

To delete your account:

  • In-App: Go to Settings → Profile → Delete Account
  • Web: Visit our Account Deletion Page
  • Email: Contact us at y.korol@mobidev.biz

6.4 Objection and Restriction

  • Object to certain data processing activities
  • Request restriction of processing under specific circumstances

6.5 Withdraw Consent

  • Revoke permission for microphone access in your device settings
  • Opt out of analytics tracking (contact us for assistance)

GDPR (EU Users): If you are located in the European Union, you have additional rights under the General Data Protection Regulation (GDPR), including the right to lodge a complaint with a supervisory authority.

CCPA (California Users): California residents have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information is collected and to opt out of the sale of personal information (we do not sell personal information).

7. Children's Privacy

SayPaid is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately, and we will delete such information from our systems.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States and other countries where Google Cloud operates data centers. These countries may have different data protection laws than your country.

We rely on Google Cloud's compliance with international data protection frameworks, including:

  • EU-U.S. Data Privacy Framework
  • Standard Contractual Clauses (SCCs) for GDPR compliance
  • ISO 27001 and SOC 2/3 certifications

9. Cookies and Tracking Technologies

The mobile app does not use cookies in the traditional web sense. However, we use similar tracking technologies:

  • Firebase Analytics: Tracks app usage patterns and user interactions (anonymized)
  • Firebase Crashlytics: Collects crash reports and performance data
  • Device Identifiers: Uses device IDs for authentication and analytics

You can limit tracking by adjusting your device settings or contacting us to opt out of analytics.

10. Subscription and Payment Information

SayPaid offers subscription plans managed through Google Play Store (Android) or Apple App Store (iOS). Payment processing is handled entirely by these platforms:

  • We do not store credit card or payment information
  • Subscription validation is performed via secure Cloud Functions
  • We store only subscription status, tier, and validity dates
  • Refunds and billing inquiries should be directed to Google Play or Apple App Store

For payment-related privacy information, refer to:

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

  • Update the "Last Updated" date at the top of this policy
  • Notify you via in-app notification or email
  • Request your consent if required by applicable law

We encourage you to review this Privacy Policy periodically. Your continued use of the app after changes indicates your acceptance of the updated policy.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

Data Protection Officer: For privacy-related inquiries specific to GDPR compliance, contact dpo@saypaid.app

We will respond to your inquiry within 30 days (or as required by applicable law).

13. Summary of Key Points

  • ✓ We collect business profile information, invoice data, and temporarily process audio recordings
  • ✓ Audio files are sent to Google Gemini AI for processing and then immediately deleted
  • ✓ We use Firebase services for authentication, database, storage, and analytics
  • ✓ We do not sell your personal information to third parties
  • ✓ You can access, update, export, and delete your data at any time
  • ✓ Audio recordings are not permanently stored after invoice creation
  • ✓ We implement strong security measures to protect your data
  • ✓ You have rights under GDPR (EU) and CCPA (California) if applicable