Privacy Policy

1. Introduction

InvoiceWice (“we”, “us”) provides an online service for creating, managing, and sending invoices (“Service”). This Privacy Policy explains how we process personal data when you use the Service, in line with the EU General Data Protection Regulation (GDPR) and applicable law.

2. Data controller

The controller of your personal data is the operator of InvoiceWice. For privacy requests, contact tomas@munno.lt.

3. Data we collect

We process data you provide or that is generated when you use the Service:

• Account data: email address, authentication identifiers, and optional profile fields (e.g. display name, business email) stored when you register or sign in.
• Business and invoice data: client names, client email addresses, billing amounts, invoice descriptions, invoice numbers, dates, template text (including payment details you enter), and related records needed to generate and send invoices.
• Logos and files: images you upload for branding (stored in our file storage).
• Technical data: session cookies and similar data required to keep you signed in and secure the Service.

4. Why we use your data

We use personal data to:

• Provide, operate, and maintain the Service (performance of a contract).
• Authenticate your account and protect against abuse (legitimate interests and legal obligations).
• Send transactional emails when you use features that deliver invoices to your clients (performance of a contract; your instructions).
• Respond to support requests and comply with law (legitimate interests / legal obligation).

5. Service providers (processors)

We use trusted infrastructure providers who process data on our instructions. They include:

• Supabase — for authentication, database storage, and file storage for your account and content. See Supabase's privacy information.
• Resend — for sending email when you use invoice delivery features. See Resend's privacy policy.

Your clients’ email addresses and message content are transmitted to Resend only when you choose to send invoices through the Service.

6. International transfers

Data may be processed in the European Economic Area and/or other regions where our providers operate. Where data is transferred outside the EEA, we rely on appropriate safeguards (such as Standard Contractual Clauses) as required by GDPR.

7. Retention

We keep your personal data for as long as your account remains active, and for as long as necessary to provide the Service. If you use a paid plan and stop paying, we may delete your data or restrict access in line with our subscription and billing terms. After you delete your account, we delete or anonymise personal data within a reasonable period, subject to legal retention requirements.

8. Security

We implement appropriate technical and organisational measures to protect your data, including access controls and encryption in transit where supported by our providers. No online service is completely risk-free; you should use a strong password and protect your account credentials.

9. Cookies

We use cookies and similar technologies required for authentication and session management. You can control cookies through your browser settings; disabling essential cookies may prevent the Service from working.

10. Children

The Service is not directed at children under 16. We do not knowingly collect personal data from children.

11. Changes to this policy

We may update this Privacy Policy from time to time. We will post the revised version on this page and update the “Last updated” date. Continued use of the Service after changes constitutes notice of the update where permitted by law.

12. Contact

Questions about this policy: tomas@munno.lt