Privacy Policy

Last updated: November 2025

1. Introduction

This Privacy Policy explains how PayLoad (“the App”, “we”, “our”) handles your data.

2. Data Collection & Usage

• Invoices
  • Stored only on your device (AsyncStorage).
  • Never uploaded to our servers.
• User Account Information
  • Email, name, and profile settings stored securely in Supabase.
• Support Requests
  • If you submit a ticket, your email, description, and optional screenshot are stored in our database.
• AI Text Processing
  • If you use AI-powered creation, the text you provide may be sent securely to our Supabase Edge Function and processed by a third-party large language model (e.g., OpenAI GPT-5-mini or Google Gemini) transiently to generate invoice structure. We do not retain this text after processing for this purpose.
• Profile Signature
  • If you add your own business/personal signature in your profile, it is stored securely in Supabase and used to render invoices. Client signatures captured during invoice creation are temporary for PDF generation and are not retained on our servers.
• Voice & Audio Processing
  • If you use voice input, audio is sent securely to our Supabase Edge Function for transcription via a third-party processor (OpenAI Whisper).
  • Audio is processed transiently for transcription only and is not retained by us after processing.
• Device Contacts
  • If you import contacts from your device, they are processed locally on your device for selection convenience and are not uploaded to our servers.
• Analytics
  • Anonymous usage metrics (invoice counts, AI usage) are stored.
• Crash Reports (Sentry)
  • Collected for debugging and performance monitoring.
  • Retention: 30 days (free tier policy).

3. Data Sharing

• We do not sell or share personal data with third parties.

3.1 Subprocessors

We use reputable processors to provide the App: