Privacy

• Account profile data for authentication, workspace access, and support.
• Uploaded PDFs and extracted statement rows for conversion delivery.
• Billing state synchronized from Stripe for subscriptions and credit controls.
• Security logs, request IDs, and audit events for abuse prevention and evidence.

Uploaded documents and extracted statement rows use 24-hour document retention. The deletion runtime records sweep activity, receipts, and audit evidence. Account, billing, and audit records follow the retention periods in the public privacy manifest.

Workspace owners and admins can request account data export and account deletion from workspace settings. These requests are recorded, audited, and handled as workflows rather than silent background mutations.

See the machine-readable manifest at /.well-known/privacy-manifest.json.