Privacy Policy

Effective Date: 18 June 2025

Capisso Limited respects your privacy. This Privacy Policy outlines how we collect, use, store, and protect your personal and business data in compliance with the General Data Protection Regulation (GDPR).

1. Information We Collect

a. Account Information

When you sign up, we collect:

  • Name
  • Email address
  • Company information
  • Payment and subscription details

b. Uploaded Data

We collect and store:

  • Images of receipts (via email, WhatsApp, or the Capisso iOS app)
  • Metadata and categorised financial data

c. Third-party Data

If you connect to Xero, we collect:

  • Expense categories
  • Accounting data
  • Transaction history as needed for sync

2. Use of Your Data

We use your data to:

  • Provide expense categorisation and syncing
  • Improve AI model performance
  • Send invoices, receipts, and updates
  • Comply with legal obligations

We do not sell or rent your data to third parties.

3. Legal Basis

Our legal basis for processing is:

  • Your consent (for account creation, AI use, Xero sync)
  • Contractual necessity (service provision)
  • Legal obligation (e.g., tax compliance)

4. Data Sharing

We share data with:

  • OpenAI (for AI processing)
  • Supabase (database & document storage)
  • Stripe or GoCardless (for payment processing)
  • Xero (if connected)

Each third party is GDPR-compliant and contractually obligated to safeguard your data.

5. Data Security

Capisso implements encryption, access control, and secure hosting with Railway app and Supabase. We regularly audit our security practices.

6. Data Retention

We retain your data for as long as your account is active or as required by law. You may request deletion at any time by emailing privacy@capisso.com.

7. Your Rights

Under GDPR, you have the right to:

  • Access your data
  • Rectify inaccuracies
  • Request erasure
  • Object to processing
  • Withdraw consent
  • Data portability

You can exercise these rights by contacting us at: privacy@capisso.com

8. Cookies and Analytics

We use cookies to enhance your experience and track site usage. You may opt out via your browser settings.

9. International Transfers

Your data may be stored or processed in countries outside the EEA (e.g., US-based services like AWS). We ensure these transfers are protected by Standard Contractual Clauses or similar legal safeguards.

10. Contact Us

Capisso Limited

Company Number: 691522

Registered Address: Rubicon Centre, MTU, Bishopstown, Cork, Ireland

Email: privacy@capisso.com