Privacy Policy

Your privacy matters. This page explains what data NoraInvoice collects, how it is used, and your choices.

Data We Process

• Account data (username, email when provided)
• Business data you enter (customers, invoices)
• Operational metadata (audit logs, IPs for security)
• Optional telemetry if Sentry is enabled (errors only)
• Optional payment data via Stripe or native app stores (Apple/Google) — processed by those providers
• Optional email delivery metadata (SMTP provider)
• Cookies for session authentication
• Language preference and caching keys
• Metrics for service health (non-PII aggregates)
• Rate-limiting counters (non-PII)
• File uploads you submit (e.g., org logo)
• API keys you create (hashed secret stored)
• Support feedback you submit
• Audit events for sensitive actions
• Subscription status via Stripe and native app store webhooks
• Internationalisation selections (language)
• Team membership (org, role) if used

Retention

Data is retained while your account is active and as required by law for billing/accounting.

Your Choices

• Access/update data from the app UI
• Delete customers/invoices you own
• Revoke API keys at any time
• Request account deletion via support
• Disable telemetry by omitting Sentry DSN

Contact support for questions regarding data.