At ParseBankStatement.com, we respect your privacy and are committed to protecting your personal data. This privacy policy will inform you about how we look after your personal data when you visit our website and tell you about your privacy rights and how the law protects you.

ParseBankStatement.com is operated by our company (referred to as "we", "us", or "our" in this privacy policy). We are a company registered in the United Kingdom.

This privacy policy applies to all users of our services globally, though specific rights may vary depending on your location and applicable data protection laws.

For the purpose of the UK Data Protection Act 2018 and the UK General Data Protection Regulation (UK GDPR), we are the data controller responsible for your personal data.

When you use our service to parse bank statements, we may collect and process the following data:

• Content Data: The files you upload for parsing
• Metadata: Information about these files (file size, format, upload date)
• Processing Results: Results of the parsing operation
• Technical Data: IP address, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform
• Usage Data: Information about how you use our website and services
• Account Data: If you create an account, we collect your email address and password (stored in encrypted form)

We process your personal data on the following legal bases:

• Performance of a Contract: Processing necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.
• Legitimate Interests: Processing necessary for our legitimate interests, except where such interests are overridden by your interests or fundamental rights and freedoms.
• Compliance with Legal Obligations: Processing necessary for compliance with our legal obligations.
• Consent: Where you have given consent to the processing of your personal data for specific purposes.

We use your data only for the following purposes:

• To provide our parsing service to you, including processing your uploaded files through our third-party API partner
• To improve our service and user experience
• To troubleshoot issues and provide support
• To notify you about changes to our service
• To prevent fraud and ensure the security of our platform
• To comply with legal obligations

We use a third-party API service to perform the actual parsing of bank statements. When you upload files to our service, they are processed by this third-party provider. We have agreements in place that require them to:

• Process the data only for the purposes of providing the parsing service
• Implement appropriate security measures
• Delete the data after processing is complete
• Not use the data for their own purposes

As we serve users globally, your data may be transferred to, and stored at, destinations outside the UK and European Economic Area (EEA). Whenever we transfer your personal data outside the UK or EEA, we ensure a similar degree of protection is afforded to it by implementing appropriate safeguards, such as:

• Using specific contracts approved by the UK Information Commissioner's Office (ICO) or European Commission
• Transferring data to countries that have been deemed to provide an adequate level of protection
• Where we use providers based in the US, transferring data to them if they have appropriate certification or agreements in place

Your uploaded files and parsing results are stored temporarily and are automatically deleted after 24 hours. We implement appropriate technical and organizational security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed.

These security measures include:

• Encryption of sensitive data at rest and in transit
• Regular security assessments and penetration testing
• Access controls and authentication procedures
• Regular backups in secure environments
• Staff training on data protection and security practices

Despite our security measures, no method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security.

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will:

• Notify the relevant supervisory authority (such as the ICO in the UK) without undue delay and, where feasible, not later than 72 hours after becoming aware of the breach
• Notify affected users directly in clear and plain language describing the nature of the breach, likely consequences, and measures we are taking to address the breach
• Document all breaches, including facts, effects, and remedial actions taken

We maintain a data breach response plan that is regularly reviewed and tested to ensure we can react quickly and effectively in the event of a breach.

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for. Specifically:

• Uploaded files and parsing results: 24 hours
• Account information: For as long as you maintain an account with us
• Technical and usage data: Up to 26 months for analytics purposes

Depending on your location, you may have different rights under applicable data protection laws. If you are in the UK or EEA, under the UK GDPR or EU GDPR, you have rights including:

• Right to Access: You can request copies of your personal data.
• Right to Rectification: You can request correction of inaccurate or incomplete data.
• Right to Erasure: You can request that we delete your personal data in certain circumstances.
• Right to Restrict Processing: You can request we suspend processing of your personal data.
• Right to Data Portability: You can request transfer of your data to you or a third party.
• Right to Object: You can object to our processing of your personal data.
• Rights Related to Automated Decision Making: You can contest any automated decision made about you.

If you wish to exercise any of these rights, please contact us. We may need to request specific information from you to help us confirm your identity.

We use "cookies" and similar tracking technologies to distinguish you from other users of our website, remember your preferences, and understand how you use our site. You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies.

Our cookie types include:

• Strictly Necessary Cookies: Required for the operation of our website
• Analytical/Performance Cookies: Allow us to recognize and count visitors and analyze site usage
• Functionality Cookies: Used to recognize you when you return to our website
• Targeting Cookies: Record your visit to our website, pages visited, and links followed

Our service is not intended for children under 16 years of age, and we do not knowingly collect personal data from children under 16.

We may update our privacy policy from time to time. We will notify you of any changes by posting the new privacy policy on this page and updating the "last updated" date at the top. You are advised to review this privacy policy periodically for any changes.

If you are in the UK, you have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). If you are in the EU, you have the right to make a complaint to your local supervisory authority.