Bookkeeper logo
Back to home

Last updated: March 1, 2025

Privacy Policy

At BookkeeperIQ, your privacy is fundamental to how we operate. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your personal data. We comply with the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy laws in Canada.

1. Who We Are

BookkeeperIQ Inc. is a Canadian company that provides cloud-based bookkeeping software for sole proprietors and small businesses. References to "we", "us", or "our" in this policy refer to BookkeeperIQ Inc. For privacy inquiries, contact our Privacy Officer at privacy@usebookkeeper.com.

2. Information We Collect

We collect information in three ways:

a) Information you provide directly

  • Account details: name, email address, password (hashed), and business name;
  • Billing information: credit card details (processed by our payment provider; we do not store card numbers);
  • Financial data: receipts, invoices, bank statements, and expense records you upload;
  • Communications: support messages, feedback, and survey responses.

b) Information collected automatically

  • Usage data: pages visited, features used, session duration, and click patterns;
  • Device data: browser type, operating system, IP address, and device identifiers;
  • Cookies and similar tracking technologies (see Section 8).

c) Information from third parties

  • OAuth providers (Google, GitHub) if you use social sign-in;
  • Payment processors (e.g., Stripe) for billing status and fraud signals.

3. How We Use Your Information

We use your information to:

  • Provide, maintain, and improve the Service;
  • Process payments and manage your subscription;
  • Generate financial summaries, expense reports, and T2125-ready exports;
  • Power AI-assisted features such as expense categorization and the Insight assistant;
  • Send transactional emails (receipts, password resets, account alerts);
  • Send product updates and marketing communications (you can opt out at any time);
  • Detect and prevent fraud, abuse, and security incidents;
  • Comply with our legal obligations under Canadian law.

We rely on contractual necessity (to provide the Service), legitimate interests (security, product improvement), and your consent (marketing emails) as our legal bases for processing.

4. Data Storage and Security

Your data is stored on servers located in Canada (primary) and the United States (backup/CDN). All data is encrypted in transit using TLS 1.2+ and at rest using AES-256 encryption.

We implement technical and organizational safeguards including access controls, regular security audits, and employee training. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

In the event of a data breach affecting your personal information, we will notify you and relevant authorities as required by PIPEDA within 72 hours of becoming aware of the breach.

5. Sharing of Your Information

We do not sell your personal information. We may share your information with:

  • Service providers — third parties that help us operate the Service (e.g., cloud hosting, email delivery, payment processing, analytics). These providers are contractually bound to protect your data;
  • Your accountant or advisor — only if you explicitly grant them access via the Business plan accountant seat feature;
  • Legal authorities — when required by law, court order, or to protect the rights and safety of our users or the public;
  • Business transfers — in connection with a merger, acquisition, or sale of assets, with notice to you.

6. Canadian Privacy Law (PIPEDA)

We are committed to compliance with the Personal Information Protection and Electronic Documents Act (PIPEDA). Under PIPEDA, you have the right to:
  • Know why your personal information is being collected;
  • Access your personal information held by us;
  • Challenge the accuracy of your personal information and request corrections;
  • Withdraw consent for non-essential uses (subject to legal and contractual restrictions).

Residents of Quebec have additional rights under Law 25 (Bill 64). Contact us at privacy@usebookkeeper.com to exercise any of these rights.

7. Your Rights and Choices

  • Access & portability — request a copy of your data in a portable format from account settings;
  • Correction — update incorrect information from your account profile;
  • Deletion — request deletion of your account and associated data (subject to legal retention obligations);
  • Marketing opt-out — unsubscribe via the link in any marketing email or from notification settings;
  • Cookie preferences — manage tracking via the cookie consent banner or browser settings.

To exercise any right, email privacy@usebookkeeper.com. We will respond within 30 days.

8. Cookies and Tracking

We use the following types of cookies:

  • Essential cookies — required for authentication and core functionality (cannot be disabled);
  • Analytics cookies — help us understand how the Service is used (e.g., page views, feature adoption);
  • Preference cookies — remember your settings such as language and theme.

You can opt out of non-essential cookies via the cookie banner at the bottom of the page. Opting out will not affect your ability to use core features of the Service.

9. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. Financial records are retained for a minimum of 7 years to comply with CRA requirements, even after account deletion. Upon account deletion, non-financial personal data is removed within 90 days. Anonymized, aggregate data may be retained indefinitely for analytics purposes.

10. Children's Privacy

The Service is not directed at individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that a child under 18 has provided us with personal information, we will delete it promptly.

11. Third-Party Links

The Service may contain links to third-party websites. We are not responsible for the privacy practices of those sites and encourage you to review their privacy policies.

12. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via email or a prominent in-app notice at least 14 days before the changes take effect. The "Last updated" date at the top of this page reflects the most recent revision.

13. Contact Our Privacy Officer

For questions, requests, or complaints about this Privacy Policy or our data practices:

Privacy Officer — BookkeeperIQ Inc.

Email: privacy@usebookkeeper.com

Canada

You also have the right to file a complaint with the Office of the Privacy Commissioner of Canada at priv.gc.ca.