Privacy Policy

Last updated: January 11, 2026

1. Information We Collect

1.1 Information You Provide

We collect information that you voluntarily provide when using our Service:

• Account Information: Name, email address, password, and profile settings when you create an account.
• Business Information: Business name, address, phone number, logo, and tax identification numbers.
• Client Data: Names, contact information, and other details about your clients that you enter into the system.
• Financial Data: Invoice amounts, payment records, and banking information for payment processing.
• Communications: Messages sent through our support system and any feedback you provide.

1.2 Automatically Collected Information

We automatically collect certain information when you use the Service:

• Usage Data: Features used, actions taken, and time spent in the application.
• Device Information: Browser type, operating system, device type, and screen resolution.
• Log Data: IP address, access times, pages viewed, and referring URLs.

2. How We Use Your Information

We use the collected information for the following purposes:

• To provide, maintain, and improve the Service
• To process payments and send related notifications
• To communicate with you about your account and respond to inquiries
• To analyze usage patterns and improve our features
• To detect, prevent, and address security issues and fraud
• To comply with legal obligations and enforce our terms

3. Information Sharing

We do not sell your personal information. We may share your information in the following circumstances:

• Service Providers: We share information with trusted third-party service providers who assist in operating our Service, subject to confidentiality obligations.
• Payment Processing: Payment information is shared with Stripe for processing transactions securely.
• Legal Requirements: We may disclose information when required by law, court order, or to protect our rights and safety.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new owner.

We never sell your personal information to third parties for advertising purposes.

4. Data Security

We implement industry-standard security measures to protect your information:

• Encryption of data in transit (TLS/SSL) and at rest
• Strict access controls and authentication requirements
• Regular security assessments and vulnerability testing
• 24/7 automated security monitoring and alerting

5. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you services. After account termination, we retain certain information for up to 7 years as required for legal, tax, and accounting purposes. You may request deletion of your data by contacting us, subject to legal retention requirements.

6. Your Rights

You have the following rights regarding your personal information:

• Access: Request a copy of the personal information we hold about you.
• Correction: Request correction of inaccurate or incomplete information.
• Deletion: Request deletion of your personal information, subject to legal requirements.
• Data Portability: Export your data in a machine-readable format.
• Withdraw Consent: Withdraw consent for optional data processing at any time.

To exercise these rights, please contact us at [email protected]. We will respond to your request within 30 days.

7. Cookies and Tracking

We use cookies and similar technologies to improve your experience:

• Essential Cookies: Required for the Service to function properly (authentication, security).
• Functional Cookies: Remember your preferences and settings.
• Analytics Cookies: Help us understand how you use the Service to improve it.

8. Third-Party Services

We integrate with third-party services that have their own privacy policies:

• Stripe: Payment processing. View their privacy policy at stripe.com/privacy.
• QuickBooks (Intuit): Accounting synchronization. View their privacy policy at intuit.com/privacy.
• Twilio: SMS notifications. View their privacy policy at twilio.com/legal/privacy.
• Google: Authentication (optional). View their privacy policy at policies.google.com/privacy.

9. International Data Transfers

Daybook is based in Canada. If you access the Service from outside Canada, your information may be transferred to and processed in Canada. By using the Service, you consent to this transfer. We ensure appropriate safeguards are in place for international data transfers.

10. Canadian Privacy Law (PIPEDA)

We comply with the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy laws. This includes:

• Obtaining meaningful consent for collection and use of personal information
• Limiting collection to purposes identified at the time of collection
• Providing access to your personal information upon request
• Keeping personal information accurate and up-to-date
• Implementing appropriate security safeguards

11. Children's Privacy

The Service is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or through the Service at least 30 days before they take effect. The "Last updated" date at the top of this policy indicates when it was last revised.

13. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact our Privacy Officer: