Privacy Policy

Last updated: 11 June 2026

This policy explains how we handle personal data when you use BillBook Business. We have written it to meet the EU General Data Protection Regulation (GDPR / DSGVO). BillBook Business is local-first: by default your business records stay on your own device, and we deliberately collect as little as possible.

Who is responsible (Controller)

The controller for personal data processed through the Service is:

Shamil Niyas, trading as Shamrocks Games
Neue Heimat 16, 65795 Hattersheim am Main, Germany
Email: privacy@billbookbusiness.com

Full business details are in our Legal Notice (Impressum).

Local-first by default

Your invoices, receipts, cashbook entries, orders, stock and customer records are saved in the app’s storage on your own device. Unless you turn on optional cloud sync, none of it is sent to us or anyone else. Because the data lives on your device, clearing the app’s data or uninstalling it removes it — so please keep your own backups (you can export your data at any time).

What we process, why, and our legal basis

  • Account data — if you sign in with Google, we receive your name, email address and profile picture, only to create and secure your account. Legal basis: performance of a contract (Art. 6(1)(b) GDPR).
  • Your business records — if you enable cloud sync, the records you choose to sync are stored so you can back them up and use them across devices. Legal basis: contract (Art. 6(1)(b)).
  • Subscription & billing data — paid plans are handled by our Merchant of Record, Paddle (see below). Paddle processes your payment details; we receive only limited transaction and billing information needed to manage your subscription and meet our record-keeping and tax obligations. Legal basis: contract (Art. 6(1)(b)) and legal obligation (Art. 6(1)(c)).
  • Smart features — only when you choose to use the Smart Helper or Snap-a-bill, the question you type with the relevant business figures, or the photo of a bill you scan, is sent securely to our AI processor to produce that single answer or reading. It is never used for advertising or to train models, and never sold. Legal basis: contract / your request (Art. 6(1)(b)).
  • Technical & security data — our hosting provider processes basic request data (such as IP address and timestamps) to deliver the site securely and prevent abuse. Legal basis: legitimate interests in security and reliability (Art. 6(1)(f)).

Who processes data for us

We use a small number of carefully chosen service providers who process data on our behalf under data-processing agreements, or as independent providers where noted:

  • Paddle (Paddle.com Market Limited) — payments and subscription billing, as our Merchant of Record. See Paddle’s Privacy Policy.
  • Google — optional “Continue with Google” sign-in. Our use of information received from Google APIs follows the Limited Use requirements of the Google API Services User Data Policy.
  • Supabase — secure cloud database for optional cloud sync, with per-user Row-Level Security so only you can read or write your own data.
  • Cloudflare — website and app hosting, content delivery and security.
  • Anthropic — the AI provider that powers the Smart Helper and Snap-a-bill when you use them. Data sent for these features is not used to train models.

We do not sell your data or your customers’ details, and we do not show third-party advertising.

International transfers

Some of these providers process data outside the European Economic Area (for example in the United States). Where that happens, the transfer is protected by appropriate safeguards such as the EU Standard Contractual Clauses and/or an adequacy decision. You can ask us for more detail using the contact above.

What we deliberately do not do

BillBook is not a payments product: it does not connect to any bank, card processor or payment gateway from your device, and never stores card, bank-account or payment-token details — those are handled solely by Paddle at checkout. Any QR code you display is your own bank-issued code. We never sell your data, and we do not profile you for advertising. BillBook is invoicing and billing software — not a marketplace or a place to buy or sell digital content.

How long we keep data

We keep account and synced data for as long as your account is active. You can delete your account and data from within the app at any time, after which we delete it from our active systems, except where we must keep limited billing records to meet legal and tax obligations.

Your rights

Under the GDPR you have the right to access, correct, delete or port your data, to restrict or object to certain processing, and to withdraw any consent at any time. To exercise these rights, contact privacy@billbookbusiness.com. You also have the right to lodge a complaint with a data-protection supervisory authority — for us, the competent authority is the Hessian Commissioner for Data Protection and Freedom of Information (Der Hessische Beauftragte für Datenschutz und Informationsfreiheit).

Children

BillBook Business is intended for business owners and is not directed at children.

Changes to this policy

We may update this policy as the Service evolves; the date above reflects the current version.

Contact

Privacy questions or requests: privacy@billbookbusiness.com. General support: support@billbookbusiness.com.
