Privacy Policy

Last Updated: November 6, 2025

Effective Date: November 6, 2025

Introduction

Welcome to Invoice Easy ("we," "our," or "us"). We are committed to protecting your privacy and handling your personal information transparently. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application Invoice Easy (the "App").

Please read this Privacy Policy carefully. By using the App, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this Privacy Policy, please do not access or use the App.

1. Information We Collect

1.1 Information You Provide to Us

Account Information:

Business Profile Information:

Invoice and Customer Data:

User Preferences:

1.2 Information Collected Automatically

Device and Usage Information:

Error and Performance Data:

1.3 Information We Do NOT Collect

2. How We Use Your Information

2.1 Core Functionality

2.2 Service Improvement (Optional)

2.3 Communication

2.4 Legal Compliance

3. How We Share Your Information

We do not sell, rent, or trade your personal information to third parties. We only share your information in the following limited circumstances:

3.1 Service Providers

We use trusted third-party services to operate our App:

Firebase (Google LLC)

RevenueCat

Sentry

Apple App Store / Google Play Store

3.2 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., court orders, subpoenas, or government agencies).

3.3 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred. We will provide notice before your information becomes subject to a different privacy policy.

4. Data Storage and Security

4.1 Where Your Data is Stored

On Your Device (Local Storage):

In the Cloud (Firebase):

Important: PDF files are never uploaded to the cloud. They remain on your device only.

4.2 Data Security

We implement industry-standard security measures to protect your information:

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.

4.3 Data Retention

5. Your Rights and Choices

5.1 Access and Portability

5.2 Correction and Deletion

5.3 Analytics and Error Tracking Control

5.4 Marketing Communications

We do not send promotional emails. You will only receive transactional emails necessary for account management.

5.5 Your Regional Rights

For EU/EEA Residents (GDPR):

GDPR Lawful Bases for Processing:

We process your personal data based on the following lawful bases under GDPR Article 6:

Processing Activity Lawful Basis Explanation
Account creation and authentication Contract Necessary to provide the App services you requested
Invoice and customer data storage/sync Contract Necessary to deliver the core invoicing functionality
Subscription management and billing Contract Necessary to manage your paid subscription
Business logo storage Contract Necessary to provide invoice customization features
Transactional emails (verification, password resets) Contract Necessary for account security and service delivery
Analytics and usage tracking Consent Only collected if you enable "Share anonymous analytics"
Error tracking and crash reports Consent Only collected if you enable analytics (opt-out applies to both)
Security and fraud prevention Legitimate Interest Necessary to protect our services and users
Legal compliance Legal Obligation Required to comply with applicable laws

You have the right to withdraw consent at any time for processing based on consent (analytics and error tracking) through Settings → Privacy.

For California Residents (CCPA/CPRA):

Under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), California residents have specific rights regarding their personal information.

Notice at Collection:

We collect the following categories of personal information and use them for the purposes described:

Category Examples from Our App Business Purpose Sold/Shared?
Identifiers Email address, device identifiers, user ID Account creation, authentication, sync across devices No
Customer Records Business name, phone, address, email Store and display business profile on invoices No
Commercial Information Subscription status, purchase history, invoice records Manage subscription, provide invoicing functionality No
Internet/Network Activity Device type, OS version, app interactions, error logs Analytics (opt-in), error tracking (opt-in), service improvement No
Professional Information Business profile, customer database, invoice line items Provide core invoicing and business management features No
Visual Information Business logo (optional) Customize invoices with your branding No

Retention: We retain personal information for as long as your account is active. When you delete your account, we initiate immediate deletion from Firebase Authentication, Firestore, and local device storage. Complete removal from third-party backup systems (Firebase/Google Cloud Platform) may take up to 30 days per their data retention policies.

Sale and Sharing: We do NOT sell or share your personal information for cross-context behavioral advertising. We do NOT sell or share personal information of minors under 16.

Sensitive Personal Information: We collect your account password (encrypted) for authentication. We do not use or disclose sensitive personal information except as necessary to provide the App services.

Your CCPA/CPRA Rights:

Exercising Your Rights: Contact us at info@cavoreum.com or use the in-app data export and account deletion features. We will respond within 45 days. You may designate an authorized agent to make requests on your behalf.

For South African Residents (POPIA):

Under the Protection of Personal Information Act 4 of 2013 (POPIA), South African residents have specific rights regarding their personal information.

Information Officer:
Cavoreum
Email: info@cavoreum.com
Address: Unit 1 Boskruin View Office Park, 1 Girdwood Avenue, Johannesburg, 2125

Lawful Processing Conditions:

We process your personal information in compliance with POPIA's 8 conditions for lawful processing:

  1. Accountability: We implement appropriate measures to ensure compliance with POPIA
  2. Processing Limitation: We process information only for the purposes disclosed in this policy
  3. Purpose Specification: See Section 2 "How We Use Your Information" for detailed purposes
  4. Further Processing Limitation: We do not process information for purposes incompatible with original collection
  5. Information Quality: You can update your information at any time through the App
  6. Openness: This Privacy Policy provides transparent information about our processing activities
  7. Security Safeguards: See Section 4.2 "Data Security" for our security measures
  8. Data Subject Participation: See below for your rights

Your POPIA Rights:

Cross-Border Transfers:

Your personal information may be transferred to countries outside South Africa (including the United States for Firebase and Sentry services). We ensure adequate safeguards are in place through:

Information Regulator Contact:

If you believe we have not complied with POPIA, you may lodge a complaint with:

Information Regulator (South Africa)
Email: inforeg@justice.gov.za
Website: https://www.justice.gov.za/inforeg/

Exercising Your Rights: Contact our Information Officer at info@cavoreum.com or use the in-app data export and account deletion features.

6. Children's Privacy

Invoice Easy is not intended for use by children under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information promptly.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

7. International Data Transfers

Your information may be transferred to and maintained on servers located outside of your state, province, country, or other governmental jurisdiction where data protection laws may differ.

If you are located outside the United States and choose to provide information to us, please note that we transfer data, including personal information, to the United States and process it there.

By using the App, you consent to this transfer and processing.

For EU/EEA residents, we ensure appropriate safeguards are in place for international data transfers, including reliance on:

8. Third-Party Links

The App may contain links to third-party websites or services (e.g., when sharing invoices via email or messaging apps). We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies before providing any information.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

Your continued use of the App after any changes indicates your acceptance of the updated Privacy Policy.

10. California "Shine the Light" Law

California Civil Code Section 1798.83 permits California residents to request information regarding disclosure of personal information to third parties for direct marketing purposes. We do not share personal information with third parties for their direct marketing purposes.

11. Do Not Track Signals

Some web browsers have a "Do Not Track" feature. Because there is no common understanding of how to interpret Do Not Track signals, our App does not currently respond to Do Not Track signals. We do, however, provide you with the ability to opt out of analytics tracking through the in-app Settings.

12. Data Controller and Representative

Data Controller:
Cavoreum
Unit 1 Boskruin View Office Park
1 Girdwood Avenue
Johannesburg, 2125
Email: info@cavoreum.com

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: info@cavoreum.com

For data protection inquiries from EU/EEA residents, please include "GDPR Request" in your subject line.

Summary for Quick Reference

What We Collect:

How We Use It:

Who We Share With:

Your Rights:

Security:

Questions?
Contact us at info@cavoreum.com