How InvoiceFly treats, stores, process and saves your data including your personal data in the Service according to a Data Protection Laws, specifically the General Data Protection Regulation (“GDPR”).
This Data & Privacy Policy (hereinafter as “Privacy Policy”) are subject to Terms of Use. Unless specified otherwise in this Privacy Policy the terms used in this Privacy Policy shall have the same meaning as in the TOU.
Our Data & Privacy Policy describe in detail how all information about you is gathered and processed. As a User of our Service or a visitor to InvoiceFly website, the security of your personal data is our primary focus. To continue using our Service as a User you will need to accept our TOU, agree to our Data Protection Agreement and agree with our Privacy Policy which provide all details on how your data is gathered, processed, and protected.
“LabHouse” or ‘we’ is the provider and operator of the Service, registered as Labhouse Mobile SL, Plaça de Pau Vila, 1, Barcelona, 08003, Spain, Company NIF: B04968699.
‘User’ or ‘you’ means any person which signs up to InvoiceFly and completes the registration process.
‘Data Protection Law/s’ means applicable and binding laws to which InvoiceFly and User is a subject to in the field of personal data protection and privacy especially GDPR.
‘GDPR’ means the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
‘Personal Data’ has the meaning given to that term in Data Protection Laws. It’s any information relating to a data subject by which it can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person or legal entity (where applicable).
‘Processing’ has the meanings given to that term in Data Protection Laws (and related terms such as ‘process’ have corresponding meanings).
This policy informs you which of your data and personal data is collected and processed when you visit our website, use our web application or any other services offered, how we use your data and personal data and what rights you have regarding the use of your personal data. This privacy also applies for the access and use of the mobile apps as well as the other available services.
InvoiceFly collects and processes some data which are necessary for a proper use of the Service. Some of these data might be personal data which could identify you as a live person and which are subject to Data Protection Legislation and GDPR.
We collect and process data:
When you use the Service and its features we collect data about how you use the Service such as:
We also collect data about you from third parties and we may combine these data with data we have about you such as
As long as it is not necessary for the creation and maintenance of a contractual relationship between you and InvoiceFly, we don’t collect, gather and process any personal data which could identify you as a person.
In order to ensure audit-proof processing of the data, the creation, modification or deletion of data may be logged or it may be prevented (especially according to the French anti-fraud law).
InvoiceFly may, throughout your use of the Service, collect and process some of your data. InvoiceFly will obtain and process these data through technical means and processes in such a way that it will not be able under any circumstances assign them to your User account or to you. Such data are thus fully anonymous.
We generally use, process and store data including personal data that you provided to us and that we collect to:
We may also process, review, scan and/or analyse your communications with us for fraud prevention, risk assessment, regulatory compliance, investigation, product development, research and customer support purposes and other similar purposes. You consent and agree that we may process, review, scan and/or analyse your communications with us for these purposes.
We may also share or disclose some personal data to:
Unless required by relevant Data Protection Laws InvoiceFly has no influence on and assumes no liability for the compliance with Data Protection Laws standards outside of our Service.
When we process personal data about you we are doing so on the following legal basis:
InvoiceFly does not process your personal data including profiling to make automated decisions.
Some data you provide to us in your User account may be personal data. Personal data are provided by you freely and you are responsible to maintain them accurate, true and complete. You may review, update, or delete the personal data in your User account by logging into your User account and reviewing your account settings and profile.
If you provide personal data of other persons to us (for example your authorized personal data of users or your client data) you warrant and guarantee that you are entitled to do so and that you have legal basis for such action.
InvoiceFly stores and processes your personal data in using the following companies. Processing and storing personal data outside EEA is made in compliance with applicable Data Protection Laws in these companies:
InvoiceFly stores and processes your personal data for the period necessary in relation to the purpose of processing as described in this Privacy Policy and local Legislation Authorities. We will process your personal data for as long as you have an active User account and automaticaly delete them 10 years after your last sign-in. We may then anonymize your information for statistical purposes.
We will terminate your personal data associated with your User account after 10 years of inactivity or when your Agreement with us has been terminated and when you request a permanent deletion of your User account.
Deleted data will be removed from InvoiceFly servers its back-ups and all third party companies listed in paragraph „Transferring of your personal data“ of Privacy Policy.
Even if you ask us to destroy your personal data InvoiceFly may be required to process some of your personal data to comply with legal obligations, i.e. to maintain accounting records and other obligations. We will process personal data for this purpose for a period required by applicable laws.
Where we process your personal data based on your consent you may at any time withdraw your consent to the processing of your personal data. We will process personal data for this purpose until you withdraw your consent.
Where you are entitled to object to our processing of your personal data (i.e. direct marketing) we will process personal data for this purpose until you object to such processing (by unsubscribing from our emails).
InvoiceFly’s servers are operated by Google US with their Firebase service which ensures fast and robust data protection on par with current data protection legislative requirements. All the data you provide to the InvoiceFly website is encrypted according to the security standard TLS (Transport Layer Security). You can recognize the secure TLS connection from the “s” after the “http” in the URL shown in your browser (i.e. https://..), or from the lock symbol depicted in the browser tab. All of your data, including their transmission between your device and the InvoiceFly servers, will be protected by standard security measures with the use of 256-bit SSL encryption.
We also take technical and organizational suitable security measures, in order to protect your data against random or deliberate manipulations, partial or complete losses, destruction and/or against unauthorized access. In order to avoid loss of data, we run a mirrored database setup which means that your data is always stored in two separate locations.
The personal data that we collect is stored in a secure environment within the USA in compliance with Privacy Shield rules and treated confidentially. Access to this data is limited to selected InvoiceFly employees and partially to our subcontractors. We adhere to Data Protection Laws at all times.
We do our utmost to secure your data in the best possible way but we cannot guarantee the safety of your data when transferred over the Internet. When data is transferred over the Internet, there is a certain risk that others can access the data illicitly.
Internet cookies are small text files that are placed on a user's computer or device when they visit a website. These files contain information about the user's activity on the website, such as the pages they have visited and the actions they have taken. Cookies are used by websites for a variety of purposes, such as:
You can find more information on how we store and use Cookies in our Cookies Policy (link).
Service may allow its users to connect their calendar, including third party calendars and time organizers (i.e. Google calendar, Apple calendar, etc.) to the Service.
By connecting a calendar to the Service, you shall be able to send invitations to other Users and clients and inform them about the time schedule.
The respective user is responsible for accurate information in the Calendar.
Subject to the material and territorial scope of the GDPR and Data Protection Laws in EEA you may have these rights granted you by the relevant Data Protection Laws.
You always have the right to access and review the personal data we process about you. You can request an overview of your personal data processed by us by emailing us. You can also request copies of your personal data held by us in writing or (if applicable) in in a structured, commonly used and machine-readable format (data portability right) in accordance with the relevant Data Protection Laws. We will provide you or your designated controller with a copy of the personal data held by us as soon as practicable, and in any event not more than 30 days after receiving a valid request in writing.
You may also request the rectification, erasure and restriction of processing of your personal data and object to processing of your personal data in accordance with the relevant data protection legislation. We will notify you within 30 days of your valid request about the relevant action taken.
You are entitled to access, see and challenge personal data third parties provide to us in accordance with the relevant Data Protection Laws.
Where we process your personal data based on your consent you may at any time withdraw your consent to the processing of your personal data. Withdrawal of your consent does not affect the lawfulness of processing based on consent before its withdrawal.
You are entitled to object to processing of your personal data for the purpose of direct marketing. You can exercise this right by unsubscribing from our newsletter and informational emails within the body of the email.
You are entitled to lodge a complaint with a supervisory authority in accordance with the relevant Data Protection Laws.
There may be a reasonable charge to process your requests under this section unless expressly stated otherwise in relevant Data Protection Laws.
We will notify you by e-mail whenever there are any changes made to thhe Privacy Policy or General Terms and Agreements.
We may request proof of identification to verify your requests under this section.
For information about your personal data, to exercise your right as well as for further questions about the use of your personal data please send an email to support@labhouse.io
Many of your rights described above can be exercised manually in your User account settings.
This Privacy Policy is effective from April 20-th 2023