Privacy Policy

1. Introduction

Welcome to BankToFile ("we," "our," or "us"). We are committed to protecting your privacy and handling your data in an open and transparent manner. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our bank statement conversion service.

By using BankToFile, you confirm your acceptance of this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use our service.

2. Information We Collect

2.1 Personal Information

When you register for an account, we collect:

• Email address
• Name
• Password (encrypted)
• Payment information (processed securely through Stripe)

2.2 File Processing

When you upload bank statements for conversion:

• Files are processed entirely in memory
• We do NOT store your bank statements on our servers
• Files are immediately deleted after conversion
• Only metadata (file name, page count) is retained for billing purposes

2.3 Authentication Data

If you use Google OAuth to sign in, we receive your Google ID, email, and profile picture. We do not have access to your Google password.

3. How We Use Your Information

3.1 Service Delivery

• Process your bank statement conversions
• Manage your account and subscription
• Track usage against your plan limits
• Provide customer support

3.2 Communication

• Send transactional emails (conversion confirmations, receipts)
• Send important service updates and security notices
• Send newsletter updates (if you've subscribed)

4. Data Storage and Security

4.1 Security Measures

We implement industry-standard security measures:

• All data transmitted via HTTPS encryption
• Passwords hashed using bcrypt
• Database hosted on secure Railway infrastructure
• Regular security audits and updates

4.2 Payment Security

• Payment processing handled by Stripe (PCI DSS compliant)
• We never store your full credit card details
• Only Stripe customer IDs are retained

4.3 File Processing Security

• Files processed in memory only
• No permanent storage of uploaded documents
• Immediate deletion after conversion
• No third-party access to your files

5. Data Retention

5.1 Account Data

• Account information retained while your account is active
• You can request account deletion at any time
• Upon deletion, personal data removed within 30 days

5.2 Conversion Logs

Metadata (file names, page counts) retained for:

• Free plan: 90 days
• Paid plans: Duration of subscription + 1 year

6. Data Sharing

We do not sell, trade, or rent your personal information to third parties.

We share data with trusted service providers:

• Stripe: Payment processing
• Google OAuth: Authentication (if you choose to use it)
• Railway: Database and hosting infrastructure

7. Your Rights

You have the right to:

• Access and download your personal data
• Update or correct your account information
• Request deletion of your account and data
• Unsubscribe from newsletter emails
• Lodge a complaint with a data protection authority

8. Cookies and Tracking

We use essential cookies for authentication, security, and service functionality. Analytics cookies may be used for aggregate, anonymized data only.

9. Children's Privacy

BankToFile is not intended for users under 18 years of age. We do not knowingly collect personal information from children.

10. Contact Us

If you have questions about this Privacy Policy, please contact us:

• Email: privacy@banktofile.com
• Support: support@banktofile.com