Privacy Policy

Last updated: December 1, 2024

1. Introduction

StatementBridge is committed to protecting your privacy. This policy describes how we collect, use, and protect your personal data in compliance with GDPR.

2. Data We Collect

We collect: registration data (name, email); usage data (conversions made); uploaded files for conversion (bank statements). Files are automatically processed and deleted after 30 days.

3. Purpose of Processing

We use your data to: provide the conversion service; manage your account; communicate about the service; improve the platform; comply with legal obligations.

4. Legal Basis

Processing is based on: contract execution (to provide the service); consent (for marketing communications); legitimate interests (to improve the service); legal obligations.

5. Data Sharing

We do not sell your data. We may share data with: payment processors (Stripe); infrastructure providers (AWS); when required by law.

6. Security

We implement security measures including: TLS 1.3 encryption in transit; AES-256 encryption at rest; restricted data access; security monitoring.

7. Your Rights

You have the right to: access your data; rectify incorrect data; delete your data; data portability; object to processing; withdraw consent.

8. Data Retention

Uploaded files: 30 days (configurable). Account data: while account is active. Usage logs: 12 months. Billing data: 7 years (legal obligation).

9. Cookies

We use essential cookies for service operation and analytical cookies (with consent) to improve the experience.

10. Contact

To exercise your rights or for privacy questions: [email protected]. Supervisory authority: CNPD (Portugal).