Privacy Policy

Startit Services LLC · Last updated: 08/06/2026

This Privacy Policy explains how Startit Services LLC ("we") collects, uses and protects your personal data when you use the Service. We act as the data controller for account data, and as a processor for the customer data you upload.

1. Information we collect

Account data you provide (name, email, password). Content you upload to operate the Service (company, client and invoice data). Technical and usage data (IP address, device/browser, logs) for security and diagnostics. We do NOT store full card numbers — payments are handled directly by our payment providers.

2. How we use your information

To provide and improve the Service, process subscriptions, send invoice-related notifications and reminders, provide support, ensure security and comply with legal obligations. We do not sell your personal information.

3. Legal bases (GDPR)

Where the GDPR applies, we process data to perform our contract with you, to comply with legal obligations, for our legitimate interests (security, service improvement) and, where required, with your consent.

4. Sharing and subprocessors

We share data only with providers that help us run the Service, under confidentiality and data-processing agreements: Stripe and PayPal (payment processing), Resend (transactional email delivery) and DigitalOcean (hosting and storage). We may also disclose data when required by law. Some providers may process data outside your country, under appropriate safeguards.

5. Cookies

We use strictly necessary cookies to keep you signed in and to secure the Service. We do not use third-party advertising cookies.

6. Data retention

We retain your information while your account is active. You may request deletion at any time; some records may be retained as required by law (e.g. tax or accounting obligations).

7. Security

We apply technical and organizational measures to protect your data; each account is isolated and can access only its own data. No system is completely secure, but we work to minimize risks and will notify you of material breaches as required by law.

8. Your rights

Depending on your location (including under the GDPR and CCPA), you may have the right to access, correct, export, delete or object to the processing of your personal data, and to withdraw consent. To exercise these rights, contact us. You may also lodge a complaint with your local data protection authority.

9. California (CCPA)

We do not sell or share your personal information as defined by the CCPA. California residents may exercise their rights to know, delete and opt out by contacting us.

10. Children

The Service is not directed to individuals under 18, and we do not knowingly collect their data.

11. Changes and contact

We may update this Policy and will post the current version on this page. For any privacy request, contact us through our contact page or at info@startitservices.com.