Last updated: March 2025

Privacy Policy

Your privacy matters to us. This policy explains what data we collect, how we use it, and what rights you have over it.

1. What Data We Collect

When you use SlateInvoice, we collect the following types of information:

Account Information

  • Name and email address (when you sign up)
  • Password (stored as a secure hash — never in plain text)
  • Business name and contact details (if provided in settings)

Invoice & Business Data

  • Invoice records you create (line items, amounts, due dates, statuses)
  • Client records (names, emails, addresses) that you save
  • Products and services you add to your library

Payment Information

  • Subscription billing is handled by Stripe. We do not store your credit card number or payment details on our servers.
  • We receive confirmation of successful payments and your Stripe customer ID for billing management.

Usage & Technical Data

  • Browser type and device information (for diagnostics)
  • Log data such as IP address and pages visited (standard server logs)

2. How We Use Your Data

We use the data we collect to:

  • Provide and operate the SlateInvoice service
  • Allow you to create, manage, and send invoices and estimates
  • Process subscription payments through Stripe
  • Send transactional emails (password resets, billing receipts)
  • Respond to support requests
  • Improve the product based on usage patterns

We do not sell your data to third parties. We do not use your data for advertising.

3. Third-Party Services

We rely on a small number of trusted third-party services to run SlateInvoice:

Stripe — Payments

Stripe processes all subscription payments. Your card details are entered directly on Stripe's secure forms and never touch our servers. Stripe's privacy policy: stripe.com/privacy

NextAuth — Authentication

We use NextAuth.js for secure sign-in and session management. Sessions are maintained via HTTP-only cookies and are not accessible to client-side JavaScript.

4. Cookies

SlateInvoice uses a minimal number of cookies — only what's needed to keep you signed in:

  • Session cookie: Set by NextAuth to keep you authenticated between page loads. Expires when you sign out or the session expires.
  • CSRF token: A security cookie to protect against cross-site request forgery.

We do not use advertising cookies, tracking pixels, or any third-party analytics cookies.

5. Data Retention & Deletion

Your data is retained as long as your account is active. If you delete your account, we will permanently remove your personal data, invoice records, and client data within 30 days.

Some data may be retained for a limited period where required by law (e.g., financial transaction records) or for fraud prevention purposes.

6. Your Rights

You have the following rights regarding your data:

  • Access: Request a copy of the data we hold about you.
  • Correction: Update or correct inaccurate information in your account settings.
  • Deletion: Request deletion of your account and all associated data.
  • Portability: Request an export of your data in a common format.

To exercise any of these rights, email us at privacy@slateinvoice.com.

7. Data Security

We use industry-standard security practices including HTTPS encryption, hashed passwords, and HTTP-only session cookies. While we take security seriously, no system is 100% bulletproof — please use a strong, unique password for your account.

8. Children's Privacy

SlateInvoice is not directed at children under the age of 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, contact us and we will delete it.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we'll update the "Last updated" date at the top of this page. Continued use of SlateInvoice after changes constitutes acceptance of the revised policy.

10. Contact Us

Questions or requests about your privacy? Reach out:

SlateInvoice

New Jersey, USA

Email: privacy@slateinvoice.com

Website: slateinvoice.com