Ferpz logo

Legal

Privacy Policy

Last updated: December 21, 2024

Table of Contents

1. Introduction

Ferpz ("we," "our," or "us") operates the website ferpz.com and the Ferpz application at dash.ferpz.com. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services.

We are committed to protecting your privacy. By using Ferpz, you agree to the collection and use of information in accordance with this policy. If you do not agree with this policy, please do not use our services.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Email address (required) — For account creation, login, and important notifications
  • Password (required) — Stored securely using PBKDF2 + SHA-256 hashing; we never store plain-text passwords
  • Name (optional) — For profile personalization and invoice display
  • Timezone (optional) — For accurate deadline calculations

2.2 OAuth Information

If you sign in using Google or Apple, we receive:

  • Email address
  • Display name
  • Provider-specific user ID

We do not receive or store your OAuth provider password.

2.3 Business Information

To provide our services, we collect information about your business:

  • Company name and type
  • Country of incorporation
  • Currency preference
  • Tax identification numbers (VAT/Tax ID) — optional
  • Business address — optional
  • Estimated annual revenue — optional, for tax threshold calculations

2.4 Financial Transaction Data

When you use Ferpz to track finances, we store:

  • Income and expense amounts
  • Transaction dates and categories
  • Notes and descriptions you add
  • Customer and vendor names
  • Tax rates (VAT/Sales tax)

2.5 Invoice Data

For invoicing features:

  • Customer names and email addresses
  • Invoice amounts and line items
  • Payment status

2.6 AI Chat Data

When using our AI CFO feature:

  • Messages you send to the AI
  • AI responses
  • Images uploaded for OCR (receipt scanning)

2.7 Usage Data

We automatically collect:

  • AI message counts (for plan limits)
  • OCR usage counts
  • Login timestamps
  • IP addresses (for security and rate limiting)

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our services
  • Process transactions and send related information
  • Send you technical notices, updates, and security alerts
  • Respond to your comments, questions, and support requests
  • Calculate tax estimates and deadline reminders
  • Generate financial reports and insights
  • Power AI features to answer your finance questions
  • Monitor and analyze usage patterns to improve user experience
  • Detect, prevent, and address technical issues and fraud

4. Third-Party Services

We use select third-party services to operate Ferpz. Each service receives only the data necessary for its specific function:

OpenAI

Purpose: AI CFO chat responses, receipt OCR
Data shared: Your messages to the AI, uploaded receipt images

Polar

Purpose: Payment processing
Data shared: Email address, subscription details
Note: Credit card information is processed directly by Polar; we never see or store your card details

Cloudflare

Purpose: CDN, DDoS protection, security
Data shared: IP addresses, request metadata

5. Data Security

We implement appropriate technical and organizational measures to protect your data:

  • Encryption in transit: All data transmitted between your browser and our servers uses TLS/HTTPS
  • DDoS Protection: Cloudflare provides CDN and security protection for our infrastructure
  • Password security: Passwords are hashed using industry-standard algorithms with unique salts
  • Session security: Secure session management with HttpOnly cookie flags
  • Rate limiting: Protection against brute-force attacks

While we use commercially reasonable measures to protect your data, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

6. Your Rights

Depending on your location, you may have certain rights regarding your personal data:

For EU/UK Users (GDPR)

  • Right to access: Request a copy of your data via Settings > Export
  • Right to rectification: Update your information directly in the app
  • Right to erasure: Request account deletion by contacting support@ferpz.com
  • Right to data portability: Export your data as CSV files
  • Right to object: Contact us to object to certain processing activities

For California Users (CCPA)

  • Right to know what personal information we collect
  • Right to delete your personal information
  • Right to opt-out of the sale of personal information
  • Right to non-discrimination for exercising your rights

Note: We do not sell your personal information to third parties.

How to Exercise Your Rights

  • Access & Export: Settings > Data Export in your dashboard
  • Account Deletion: Email support@ferpz.com with subject "Account Deletion Request"
  • Other Requests: Email privacy@ferpz.com

7. Data Retention

We retain your data as follows:

  • Active accounts: Data is retained for as long as your account is active
  • Deleted accounts: Account data is permanently deleted within 30 days of deletion request
  • Backup data: May persist in encrypted backups for up to 90 days
  • Legal requirements: We may retain certain data if required by law

8. Children's Privacy

Ferpz is not intended for use by individuals under the age of 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@ferpz.com. If we become aware that we have collected personal information from a child under 16, we will take steps to delete that information.

9. International Transfers

Your data may be transferred to, and processed in, countries other than your country of residence. Our servers and third-party service providers are located primarily in the United States and European Union.

For transfers from the EU/UK, we rely on Standard Contractual Clauses and adequacy decisions where applicable. By using Ferpz, you consent to the transfer of your information to these locations.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the new policy on this page with an updated date
  • Sending an email notification to registered users
  • Displaying a notice in the application

We encourage you to review this policy periodically. Your continued use of Ferpz after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have any questions about this Privacy Policy, please contact us:

← Back to Home