iPendio

Privacy Policy

Effective Date: January 15, 2025  |  Last Updated: January 15, 2025


1. Data Controller

The data controller responsible for processing your personal data is:

iPendio, Inc.
580 Howard Street, Suite 210
San Francisco, CA 94105, United States
Email: privacy@ipendio.com
Phone: +1 (415) 829-7143

For matters concerning data protection, you may contact our Privacy Officer directly at privacy@ipendio.com.

2. Data We Collect

We collect and process the following categories of personal data in the course of providing our services:

Account Data

Full name, business email address, job title, phone number, organization name, and role within the platform. Collected during registration or when an administrator invites a user.

Usage Data

Actions performed within the platform (invoices submitted, approvals granted, reports generated), feature interactions, session timestamps, and workflow configurations.

Technical Data

IP address, browser type, device identifiers, operating system, referring URLs, and access logs. Collected automatically via standard web protocols.

Financial Data

Invoice line items, vendor payment information, purchase order details, and budget allocations submitted by client organizations. iPendio processes this data on behalf of the client (as a data processor) to deliver platform functionality.

3. How We Use Data

We process personal data for the following specific purposes:

  • Service delivery: Processing invoices, executing approval workflows, generating analytics reports, and delivering the core platform functionality.
  • Transactional notifications: Sending confirmations, approval requests, payment receipts, budget alerts, and security notifications triggered by user actions or system events.
  • Billing and administration: Managing subscriptions, processing payments, and maintaining account records.
  • Security and fraud prevention: Monitoring access patterns, detecting anomalies, enforcing authentication, and protecting data integrity.
  • Legal compliance: Fulfilling regulatory obligations including tax reporting, audit requirements, and law enforcement requests.
  • Platform improvement: Analyzing aggregated, anonymized usage patterns to improve features and user experience. No individual tracking is performed for this purpose.

4. Legal Bases for Processing (GDPR)

Under the General Data Protection Regulation, we rely on the following legal bases:

Legal Basis | Processing Activity
Performance of Contract | Delivering platform services, processing invoices, executing payment workflows, managing user accounts, and sending transactional notifications.
Legitimate Interest | Platform security monitoring, fraud prevention, usage analytics (aggregated/anonymized), and infrastructure optimization.
Legal Obligation | Tax reporting, financial audit compliance, law enforcement requests, and regulatory obligations.
Consent | Optional operational notifications that users may choose to receive (managed via our Notification Preferences page).

5. No Data Selling

iPendio does not sell, rent, lease, or trade personal data to any third parties. We do not share personal data with advertisers, data brokers, or marketing partners. This commitment applies to all categories of data we collect, including account data, usage data, technical data, and financial data processed on behalf of our clients.

We will never monetize your data or your end users' data. Our revenue comes solely from platform subscription fees.

6. Sub-Processors

We engage a limited number of sub-processors to deliver our services. Each sub-processor is contractually bound to equivalent data protection obligations:

Sub-Processor | Purpose | Location
Amazon Web Services (AWS) | Cloud infrastructure, compute, storage, and database hosting (us-west-2, Oregon) | United States
Mailgun (Sinch) | Transactional email delivery via SMTP relay for system notifications | United States / EU
Stripe, Inc. | Payment processing for subscription billing | United States

We do not engage additional sub-processors without prior notice to affected clients. A current list of sub-processors is maintained at our Trust Center.

7. International Data Transfers

Our primary infrastructure is located within the United States. When personal data is transferred from the European Economic Area (EEA), United Kingdom, or Switzerland to the United States, we ensure adequate protection through:

  • Standard Contractual Clauses (SCCs): We incorporate EU-approved SCCs into our agreements with sub-processors and clients.
  • EU-US Data Privacy Framework: We support and align our practices with the EU-US Data Privacy Framework principles.
  • Supplementary measures: We implement encryption in transit and at rest, access controls, and pseudonymization where feasible.

8. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes described in this policy:

Data Category | Retention Period
Account data | Duration of the service relationship + 90 days post-termination for data export
Invoice and financial data | 7 years (tax and audit compliance requirements)
Usage data | 24 months, then aggregated/anonymized
Technical logs | 12 months
Email delivery logs | 90 days
Security and access audit logs | 12 months
Billing records | 7 years (legal requirement)

After the applicable retention period, data is securely deleted or irreversibly anonymized.

9. Your Rights — GDPR

If you are located in the European Economic Area, United Kingdom, or Switzerland, you have the following rights regarding your personal data:

  • Right of Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Request correction of inaccurate or incomplete personal data.
  • Right to Erasure: Request deletion of your personal data, subject to legal retention obligations.
  • Right to Restriction: Request that we limit the processing of your personal data under certain circumstances.
  • Right to Data Portability: Receive your personal data in a structured, commonly used, machine-readable format.
  • Right to Object: Object to processing based on legitimate interest or for direct marketing purposes.
  • Right to Withdraw Consent: Where processing is based on consent, you may withdraw consent at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, contact privacy@ipendio.com. We will respond within 30 days of receiving your verified request. You also have the right to lodge a complaint with your local data protection authority.

10. Your Rights — CCPA

If you are a California resident, the California Consumer Privacy Act (CCPA) provides the following rights:

  • Right to Know: Request disclosure of the categories and specific pieces of personal information we have collected about you.
  • Right to Delete: Request deletion of personal information we have collected, subject to certain exceptions.
  • Right to Opt-Out of Sale: iPendio does not sell personal information. No opt-out mechanism is necessary, but we honor this right categorically.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.

To submit a CCPA request, email privacy@ipendio.com or call +1 (415) 829-7143. We will verify your identity before processing the request and respond within 45 days.

11. Cookies

iPendio uses only strictly necessary cookies for platform operation:

  • Session cookie: Maintains your authenticated session while using the platform. Expires when you close your browser or after 24 hours of inactivity.
  • CSRF token: Protects against cross-site request forgery attacks. Essential for security.

We do not deploy:

  • Advertising or marketing cookies
  • Third-party tracking pixels or analytics scripts
  • Social media tracking widgets
  • Cross-site tracking mechanisms

Because we use only strictly necessary cookies, no cookie consent mechanism beyond acknowledgment is required under GDPR. However, we provide transparent disclosure in our cookie banner.

12. Data Security

We implement comprehensive technical and organizational measures to protect personal data:

  • Encryption in transit: All data transmitted between clients and the platform is encrypted using TLS 1.3.
  • Encryption at rest: Databases, file storage, and backups are encrypted using AES-256.
  • Access controls: Role-Based Access Control (RBAC) restricts data access to authorized personnel. Principle of least privilege is enforced.
  • Multi-Factor Authentication: MFA is mandatory for all administrative accounts and available for all users.
  • Vulnerability management: Regular penetration testing, automated dependency scanning, and code review processes.
  • Incident response: Documented incident response plan with defined escalation procedures and notification timelines (72-hour GDPR notification commitment).

For additional details, visit our Trust Center.

13. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices, legal requirements, or platform functionality. When we make material changes:

  • We will provide at least 30 days' advance notice via email to registered account holders.
  • An updated effective date will be prominently displayed at the top of this page.
  • Significant changes will be highlighted in a summary changelog.

Continued use of the platform after the effective date of a revised policy constitutes acceptance of the updated terms.

14. Contact

For privacy-related inquiries, data subject requests, or concerns about our data practices:

Privacy Officer — iPendio, Inc.
580 Howard Street, Suite 210
San Francisco, CA 94105, United States
Email: privacy@ipendio.com
Phone: +1 (415) 829-7143

For general inquiries: info@ipendio.com
For security issues: security@ipendio.com
For abuse reports: abuse@ipendio.com

© 2025 iPendio, Inc. All rights reserved. San Francisco, California