mozey Privacy Policy

1. Information We Collect

We collect the following types of information:

A. Information You Provide Directly

• Account Information: Name, email address, password when you create an account.
• Receipt Data: Images of receipts, invoices, and related documents you upload.
• Extracted Data: Vendor names, dates, amounts, tax information, and other data extracted from your receipts via OCR and AI.
• Invoice & Contract Data: Invoice details including client information, payment amounts, dates, line items, contract content, AI-generated contract templates, quote content, quote expiration dates, and associated metadata.
• Client Information: Client names, email addresses, company names, addresses, phone numbers, and communication history when you create invoices or contracts.
• Payment Method Information: Payment method details you display to clients (Stripe links, PayPal, Zelle, Venmo, Wire transfer, CashApp, Wise, Bank transfer, Check). We do not store payment processing data.
• E-Signature Data: Digital signature data, signer names, email addresses, IP addresses of signatories, and signature timestamps for contract management.
• Document Sharing Tokens: Secure tokens used to share invoices, quotes, and contracts with clients, along with token access logs and expiration data.
• Subscription & Billing Information: We use Lemon Squeezy to handle billing. We do not store your full credit card details on our servers.

B. Information Collected Automatically

• Usage Data: Pages visited, features used, time spent, device type, browser type, IP address.
• Cookies and Tracking Technologies: We use cookies and similar technologies to improve user experience and analyze usage patterns.

2. How We Use Your Information

We use your information to:

• Provide, operate, and maintain the Service,
• Process your receipts using OCR and AI to extract data,
• Organize and categorize your expenses,
• Create, manage, and store invoices, contracts, and quotes,
• Generate AI-powered contract templates based on your inputs,
• Allow you to export your data in various formats (CSV, PDF, etc.),
• Communicate with you about your account, updates, and support requests,
• Improve and personalize the Service,
• Detect and prevent fraud or security issues,
• Comply with legal obligations.

3. How We Share Your Information

We may share your information in the following limited circumstances:

A. Service Providers

We work with trusted third-party providers to help operate the Service, including:

• Cloud storage providers (to store your receipt images, invoices, contracts, and data),
• OCR and AI processing services,
• Payment processor (Lemon Squeezy),
• Email and communication tools (for account notifications and support).

These providers are contractually obligated to protect your data and use it only for the purposes we specify.

B. Client Visibility

When you create invoices, quotes, or contracts and share them with clients (either via email or through shared tokens), your client may receive limited information such as invoice amounts, dates, and other details necessary to complete the transaction. Client emails and names are shared only when necessary for the service you explicitly request.

C. Legal Requirements

We may disclose your information if required by law, court order, or governmental authority, or to protect the rights, property, or safety of mozey, our users, or others.

D. Business Transfers

If mozey is acquired or merged with another company, your information may be transferred as part of that transaction. We will notify you if this occurs.

4. Third-Party Services

We use the following third-party services to operate mozey:

5. AI & Data Processing

When you use mozey's AI-powered features, here's how we handle your data:

• Receipt Scanning: Receipt images are processed using AI-powered OCR to extract data. Original images are encrypted at rest using AES-256 encryption.
• Contract Generation: Contract templates are AI-generated based on your inputs (contract type, parties, terms). We process your inputs securely to provide tailored templates.
• No AI Training: Your receipt data, contract content, invoice details, and client information are NOT used for AI model training.
• US-Based Processing: AI processing servers are located in the United States.
• Minimal Retention: AI providers process data in real-time and do not retain it after processing for model training purposes.

6. Invoice, Contract & Quote Data Management

mozey provides comprehensive invoicing, contract management, and quoting features. Here's how we handle this data:

• Invoice Storage: Invoice data including client names, email addresses, company information, line item descriptions, rates, amounts, payment dates, and status information are securely stored in your account and encrypted at rest.
• Invoice Sending: When you send invoices to clients, we transmit the invoice securely and track delivery. Client email addresses are used only for invoice delivery and payment reminders.
• Payment Tracking: Invoice payment status (unpaid, paid, overdue) is tracked and updated. You can mark invoices as paid and record the payment method and date.
• Payment Method Display: Your preferred payment methods (Stripe, PayPal, Zelle, Venmo, Wire, CashApp, Wise, Bank, Check) are displayed on invoices sent to clients. We do not process payments directly or store payment processing information.
• Contract Management: Contracts you create or upload are stored securely. AI-generated contract templates are created based on your specifications and stored in your account.
• E-Signatures: Digital signature data, signer names, signer email addresses, IP addresses, and timestamps are stored securely. E-signatures use cryptographic verification to ensure authenticity.
• Quote Tracking: Quotes you create are stored with line items, pricing, expiration dates, and acceptance/rejection status. You can monitor client responses and convert approved quotes to invoices.
• Secure Document Sharing: When you share invoices, contracts, or quotes with clients via unique token-based secure links, documents are accessible to the intended recipient only using time-limited access tokens. Access is restricted and logged.
• Client-Facing Pages: Clients access shared documents through secure, token-protected pages. These pages display invoice details, contract content, or quote information without exposing other sensitive data.
• Client Data Responsibility: You are responsible for ensuring you have the legal right to collect and process client information (names, emails, addresses, phone numbers, payment details) in accordance with applicable privacy laws.

7. Data Retention

We retain your data according to the following schedule:

• Receipt and Tax Data: Retained for 7 years to comply with IRS Schedule C record-keeping requirements.
• Invoice, Contract & Quote Data: Retained for 7 years for tax and legal compliance purposes.
• Account Data: Deleted within 30 days of an account deletion request.
• Data Export: You can export all your data at any time in CSV or PDF format from your account dashboard.
• Billing Records: Some billing records may be retained for legal or tax compliance purposes as required by law.

If you delete your account, your receipt images, invoices, contracts, quotes, and extracted data will be permanently deleted within 30 days.

8. Your Rights and Choices

Depending on your location, you may have the following rights:

A. Access and Portability

You can access, download, and export your data at any time through your account dashboard.

B. Correction

You can update or correct your account information, receipt data, invoices, contracts, and quotes within the app.

C. Deletion

You can request deletion of your account and all associated data by contacting us at hello@mozey.co or using the account deletion feature in settings.

D. Opt-Out of Marketing

You can unsubscribe from promotional emails by clicking the "unsubscribe" link in any marketing email.

E. Cookies

You can control or disable cookies through your browser settings. Note that disabling cookies may affect your ability to use certain features of the Service.

9. California Residents Rights (CCPA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):

• Right to Know: You have the right to know what personal data we collect, use, and share about you.
• Right to Delete: You have the right to request deletion of your personal data.
• Right to Opt-Out: You have the right to opt-out of the sale of your personal data. We do not sell your personal data.
• Right to Non-Discrimination: You have the right to not be discriminated against for exercising your CCPA rights.

10. Data Security

We take data security seriously and use industry-standard measures to protect your information, including:

• Encryption of data in transit (TLS/SSL),
• Encryption of data at rest (AES-256),
• Access controls and authentication,
• Regular security audits and monitoring.

However, no system is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

11. International Data Transfers

mozey is based in the United States. If you access the Service from outside this country, your information may be transferred to, stored, and processed in servers located in other countries (such as the United States).

By using the Service, you consent to such transfers. We ensure that appropriate safeguards (such as Standard Contractual Clauses) are in place to protect your data.

12. Children's Privacy

mozey is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will delete it promptly.

13. Third-Party Links and Services

The Service may contain links to third-party websites or integrations (such as accounting software). We are not responsible for the privacy practices of these third parties. Please review their privacy policies before providing any information.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make significant changes, we will notify you via email or through a notice on the Service.

Your continued use of the Service after changes are posted means you accept the updated policy.

15. Contact Us

If you have any questions about this Privacy Policy or how we handle your data, please contact us: