Scope and Key Definitions
- Service means the InvoxEasy web application, related websites, account features, and online support services operated by The Things Tech Company.
- Account means the web account used to sign in to and access account-scoped features of the service.
- Company, We, Us, or Our refers to The Things Tech Company, based in Hong Kong SAR, China.
- Personal Data means information that relates to an identified or identifiable individual.
- Usage Data means technical, diagnostic, and activity data collected automatically from use of the service or its infrastructure.
- User Content means information and files you create, upload, import, or store in InvoxEasy, including business profile data, customers, products, documents, and PDFs.
- Service Provider means a third party that processes data on behalf of the company, such as hosting, authentication, storage, analytics, or billing providers.
Data We Collect
While using the service, we may collect information that you provide directly, information created through your use of the service, and technical information needed to secure and operate the service.
- Account and identity data, such as your email address, provider account identifier, display name, and sign-in method, when you authenticate using Google or Sign in with Apple.
- Subscription and billing data, such as entitlement status, plan selection, customer identifiers, checkout events, and billing portal events required to provide paid features. Full payment card details are handled by Stripe and are not stored by us.
- User Content, such as supplier profile details, customer and product records, generated or imported PDFs, document metadata, avatar data, and other information you save in the service.
- Usage data may include IP address, browser type and version, device or browser identifiers, pages visited, timestamps, feature usage, latency, and diagnostic data.
- Session and security data, including cookies and related tokens used to keep you signed in, verify requests, prevent abuse, and protect account-scoped storage.
How We Use Personal Data
- To provide, maintain, secure, and monitor the service.
- To authenticate your account, manage your session, and keep account data separated between signed-in users.
- To store, sync, retrieve, export, preview, and manage the User Content you choose to place in the service.
- To process subscriptions, payments, entitlement checks, account restoration, and related service delivery.
- To contact you about service updates, security matters, support requests, and account-related information.
- To troubleshoot issues, analyze usage trends, improve the service, and support audits, compliance, or business transfers if needed.
How We Share Information
- With infrastructure and storage providers, such as Cloudflare, only to the extent needed to host, secure, and deliver the service.
- With billing and payment providers, such as Stripe, only to the extent needed to process subscriptions, manage renewals, and support billing-related requests.
- With identity providers, such as Google or Apple, when you choose to sign in through those services.
- With professional advisers, regulators, law enforcement, or courts when disclosure is required by law or reasonably necessary to protect rights, safety, or the integrity of the service.
- During a merger, acquisition, financing, or asset sale, subject to applicable confidentiality and legal requirements.
Retention, Transfer, and Deletion
We retain personal data and User Content only as long as reasonably necessary for the purposes described in this policy, including to operate the service, maintain subscription records, resolve disputes, enforce agreements, and comply with legal obligations.
Account content may remain stored while your account is active. Backups, logs, and security records may persist for a limited period after deletion or change events.
Your information may be processed and stored in locations outside your jurisdiction. By using the service and providing information, you understand that such processing may occur, and we take reasonable steps to apply appropriate safeguards.
- You may request access to, correction of, export of, or deletion of personal information by contacting [email protected].
- We may retain certain records where required for security, fraud prevention, accounting, tax, subscription, or other lawful compliance purposes.
Security and Service Providers
We use commercially reasonable administrative, technical, and organizational measures to protect personal data and User Content. These measures are designed to support account separation, authenticated access, transport security, and restricted operational access.
No method of transmission over the Internet or electronic storage is completely secure. You remain responsible for protecting your own account credentials and for the accuracy and legality of the content you upload or generate.
Your Choices, Children, and External Links
You may choose not to provide certain information, but some features, especially account-based storage, synchronization, and subscription management, may not function without it.
The service is not directed to children under 13, or a higher minimum age where required by applicable law, and we do not knowingly collect personal data from children without required consent.
The service may contain links to third-party websites or services. We are not responsible for the content, privacy practices, or terms of those third parties.
Changes and Contact
We may update this Privacy Policy from time to time. Material changes may be communicated by updating the published version, by prominent in-service notice, or by other reasonable means.
If you have questions about this Privacy Policy, contact [email protected].
