Privacy Policy

When you use Lance, we may collect:

• Account information: Your name, email address, and profile photo provided by Google OAuth during sign-in
• Invoice data: Business details, client information, line items, and payment details you enter into invoices
• Usage data: Pages visited, features used, and general interaction patterns (no keystroke logging)
• Client data: Client names, email addresses, GSTIN numbers, and addresses you enter for invoicing purposes
• Financial data: Invoice amounts, payment terms, milestone status, and settlement records

Your information is used to:

• Provide and maintain the Service
• Process brief text through AI extraction (third-party AI provider) to generate structured invoice data
• Store your invoices securely in the cloud (for authenticated users)
• Improve the extraction engine and user experience

Lance may use AI services to process project briefs into structured invoice data. When this feature is active, your brief text is sent to a third-party AI provider for processing. The AI provider processes data in accordance with their own data usage policies. No brief data is stored by the AI provider for training purposes. This feature is optional — you can always create invoices manually without AI processing.

Local storage:Draft invoices are saved in your browser's localStorage for convenience. This data remains on your device and is not transmitted to our servers unless you explicitly save to the cloud.

Cloud storage: When you are logged in and save an invoice, it is stored in our Supabase PostgreSQL database. Each invoice is associated with your user account and protected by Row-Level Security (RLS), meaning only you can access your data.

We do not sell, rent, or share your personal information with third parties for marketing purposes. Data is shared only with:

• Third-Party AI Provider: For AI-powered brief extraction (transient processing only)
• Supabase: For authentication and data storage
• Vercel: For application hosting and delivery

Your invoice data is retained for as long as your account is active. You may delete individual invoices at any time from the Invoice History page. If you wish to delete your entire account and all associated data, please contact us.

We implement industry-standard security measures including:

• HTTPS encryption for all data in transit
• Row-Level Security (RLS) ensuring users can only access their own invoices
• OAuth-based authentication (no passwords stored by Lance)
• Server-side API key management (OpenAI keys never exposed to the client)

You have the right to:

• Access your stored invoice data
• Delete your invoices at any time
• Export your invoices as PDF
• Request account deletion

Lance uses essential cookies for authentication session management. We do not use advertising cookies or third-party tracking cookies. Analytics, if implemented, use privacy-respecting, cookie-free methods.

Lance is not directed to individuals under the age of 18. We do not knowingly collect personal information from children.

We may update this Privacy Policy from time to time. Changes will be reflected on this page with an updated effective date. Continued use of the Service after changes constitutes acceptance.

For privacy-related questions or data requests, please reach out via the contact information provided on the platform.

Under India's Digital Personal Data Protection Act, 2023, you have the right to: (a) access your personal data held by Lance, (b) request correction of inaccurate data, (c) request deletion of your data (right to erasure), and (d) withdraw consent for data processing. To exercise any of these rights, contact us at hello@lanceinvoice.xyz. We will respond within 30 days.

Your invoice data is retained as long as your account is active. If you delete your account, all associated data (invoices, client records, profile information) will be permanently deleted within 30 days. You can delete individual invoices at any time from your dashboard.

Lance uses Supabase (hosted infrastructure) and Vercel (application hosting), which may process data in regions outside India. By using Lance, you consent to this transfer. All data is encrypted in transit (TLS) and at rest.