📘 Tally Assistant Back to Home

Privacy Policy

Last updated: June 28, 2026

1. Introduction

Tally Assistant ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our financial management platform.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Name and email address (via Clerk authentication)
  • Profile information you choose to provide (business name, address, tax ID)
  • Payment information (processed entirely by Paddle — we never store credit card details)

2.2 Financial Data

To provide our service, we collect and store:

  • Transaction records (amounts, currencies, descriptions, dates)
  • Client information (names, contact details)
  • Invoice data (line items, totals, status)
  • Time tracking entries (duration, hourly rates)
  • Receipt and screenshot images you upload
  • CSV files you import

2.3 Usage Data

We automatically collect certain information when you use the Service:

  • Page interaction data (features used, pages visited)
  • Device and browser information
  • API request logs

3. How We Use Your Information

We use your information solely to:

  • Provide, maintain, and improve the Service
  • Process AI-powered features (transaction parsing, categorization, invoice generation)
  • Send payment reminders and invoice emails on your behalf
  • Communicate with you about account updates, billing, and support
  • Comply with legal obligations

4. AI Data Processing

When you use our AI features (CSV parsing, screenshot recognition, invoice generation), your data is sent to OpenAI's API for processing. We have configured our integration to:

  • Not use your data for OpenAI model training
  • Automatically delete API inputs and outputs after 30 days
  • Process data only for the specific request you make

5. Data Sharing

We do not sell your personal or financial data to third parties. We may share data with service providers essential to operating the Service:

  • OpenAI — AI processing (CSV parsing, image recognition, categorization)
  • Paddle — Payment processing (we never see your credit card details)
  • Supabase / PostgreSQL — Database hosting
  • Clerk — Authentication services
  • Resend — Email delivery
  • Inngest — Background job processing
  • Frankfurter API — Currency exchange rates (public API, no personal data sent)

6. Data Retention

We retain your account and financial data for as long as your account is active. After account deletion or subscription cancellation, we retain your data for 90 days, after which it is permanently deleted. Backup copies may persist for up to 30 additional days.

7. Data Security

We implement industry-standard security measures:

  • Encryption at rest (AES-256) and in transit (TLS 1.3)
  • Regular automated database backups
  • Access controls and authentication via Clerk
  • Secure API endpoints with user-level authorization

8. Your Rights

Depending on your location, you may have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate or incomplete data
  • Delete your account and associated data
  • Export your data in a portable format
  • Object to or restrict certain processing activities

To exercise any of these rights, contact us at [email protected].

9. International Data Transfers

Your data is stored on servers in the United States (Supabase / AWS West). If you are located in the European Economic Area (EEA), Switzerland, or the United Kingdom, we ensure appropriate safeguards are in place for data transfers, including Standard Contractual Clauses.

10. Cookies

We use essential cookies for authentication and session management via Clerk. We do not use tracking cookies, analytics cookies, or third-party marketing cookies. You can control cookie settings through your browser preferences.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Service. Your continued use after changes constitutes acceptance of the updated policy.

12. Contact

For privacy-related inquiries:
Email: [email protected]
Response time: within 48 hours