Zap Invoice

Privacy Policy

Last updated: 19 May 2026

This Privacy Policy describes how Zap Invoice ("Zap Invoice", "we", "our", or "us") collects, uses, and protects information about you when you use our website at zapinvoice.in and our invoicing services.

1. Who We Are

Zap Invoice is a GST invoicing platform built for Indian freelancers and small businesses. We operate from India and are committed to protecting your personal data in compliance with applicable Indian data protection laws.

For any privacy-related queries, contact us at: support@zapinvoice.in

2. What Data We Collect

Account Information

  • Email address — collected when you sign up via Supabase Auth (magic link or password)
  • Authentication tokens — session tokens stored in secure HTTP-only cookies to keep you signed in

Business Profile Data

When you fill your business profile, we store:

  • Business/freelancer name
  • Business address and state
  • GSTIN (GST Identification Number)
  • Phone number and email (optional)
  • Bank account details (account number, IFSC, bank name) — for prefilling invoice payment details only
  • UPI ID — for generating UPI QR codes on invoices
  • Business logo — uploaded to secure cloud storage

Invoice Data

  • All invoices you create — including client details, line items, amounts, and tax calculations
  • Invoice history and status
  • Client master records (Pro feature)
  • Product/service catalogue entries (Pro feature)

Payment Information

Subscription payments are processed by Razorpay. We never see, store, or have access to your card number, UPI credentials, or bank account details. Razorpay processes all payments directly and shares only the transaction status with us.

Anonymous Usage

If you use the invoice builder without signing up, invoice count data is stored in your browser's localStorage only — on your device, never transmitted to our servers.

Technical Data

  • IP address (logged by our hosting provider Vercel for security)
  • Browser type and version (via standard HTTP headers)
  • Pages visited and timestamps (server logs only; not used for advertising)

3. How We Use Your Data

  • Service delivery — to provide the invoicing platform, prefill your invoices, and manage your account
  • Billing — to manage your Pro subscription via Razorpay
  • Customer support — to respond to your queries and resolve issues
  • Security — to detect and prevent fraud, abuse, and unauthorized access
  • Product improvement — anonymized, aggregated usage patterns to improve our features

We do not send marketing emails without your explicit consent. We do not use your data for advertising.

4. Data Storage and Security

Your data is stored on Supabase (hosted on AWS Mumbai region, ap-south-1) — keeping your data within India. We implement:

  • TLS/HTTPS encryption for all data in transit
  • AES-256 encryption for data at rest
  • Row-Level Security (RLS) policies ensuring each user can only access their own data
  • Regular database backups

5. Third-Party Service Providers

We share data with these processors only to the extent necessary to provide the service:

  • Supabase (supabase.com) — database, authentication, and file storage
  • Razorpay (razorpay.com) — payment processing for Pro subscriptions
  • Resend (resend.com) — transactional email delivery (invoice emails, OTP)
  • Vercel (vercel.com) — web hosting and edge delivery

Each provider has its own privacy policy and security certifications. We do not sell or share your data with any other third parties.

6. We Never Sell Your Data

We will never sell, rent, or trade your personal information or invoice data to any third party, advertiser, or data broker — under any circumstances.

7. Cookies

We use only the following cookies:

  • Authentication session cookie — stores your login session (secure, HTTP-only, expires on logout)
  • Theme preference — stores your dark/light mode preference in localStorage (not a cookie; client-only)

We do not use advertising cookies, tracking pixels, or third-party analytics cookies.

8. Your Rights

You have the right to:

  • Access your data — export your business profile and invoices from the dashboard
  • Correct your data — edit your business profile and invoice details at any time
  • Delete your data — delete individual invoices from the dashboard; request full account deletion by emailing support@zapinvoice.in
  • Withdraw consent — cancel your Pro subscription at any time from the Billing page

9. Data Retention

  • Active account data is retained as long as your account exists
  • After account deletion, your data is permanently deleted within 30 days
  • Payment records are retained as required by Indian GST and financial regulations (typically 7 years)

10. Children's Privacy

Our service is not intended for persons under 18 years of age. We do not knowingly collect personal information from minors. If you believe a minor has created an account, please contact us for immediate deletion.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you via email (if you are a registered user) and update the "Last updated" date above. Continued use of the service after changes constitutes acceptance of the revised policy.

12. Contact Us

For any privacy concerns, data requests, or questions about this policy:

  • Email: support@zapinvoice.in
  • Website: zapinvoice.in