Privacy Policy

Last updated: 6/17/2026

1. What data we collect

Invoice Bridge collects the minimum data needed to operate:

  • Account data: email address and password hash for authentication. Your email is also used to send one-time verification codes as part of our multi-factor authentication (MFA) flow.
  • Banking data (via Plaid): account balances, transaction history, account numbers (masked), and institution names — only when you explicitly connect a bank account.
  • Invoice data: PDFs you upload for batch processing, extracted vendor names, amounts, and GL accounts.
  • Rent Manager credentials: API credentials you provide to push bills into Rent Manager.

2. How we use Plaid

We use Plaid Inc. to connect to your financial institutions. When you link a bank account:

  • Plaid authenticates directly with your bank; we never see your online banking password.
  • We receive read-only access to balances and transactions — we cannot move money or make changes to your accounts.
  • You can unlink a bank account at any time from the Banking page; all associated data is deleted.

Plaid's privacy practices are governed by their Privacy Policy and End User Privacy Policy.

3. How we store and protect data

All data is stored in an encrypted database (AES-256 at rest) and transmitted over TLS 1.2+. Access tokens from Plaid are encrypted at the application layer before storage. The application is single-tenant — your data is isolated and accessible only to authenticated users within your organization.

Multi-Factor Authentication (MFA): Invoice Bridge requires MFA for all user sign-ins. When logging in with email and password, a one-time verification code is sent to your registered email address. You must enter this code to complete authentication. This second factor ensures that access to your account requires both something you know (your password) and something you have (access to your email). MFA is enforced before any user can access Plaid Link or connect a bank account.

4. Data Retention and Disposal Policy

Invoice Bridge retains data only as long as necessary to provide the service and comply with legal obligations. Our retention and disposal practices are as follows:

  • Banking data (balances, transactions, account metadata): Retained only while the bank connection is active. Upon unlinking an account, all associated transaction data and balances are deleted within 30 days. Plaid access tokens are revoked and removed immediately upon unlinking.
  • Invoice data (uploaded PDFs, extracted vendor names, amounts, GL accounts): Retained until the user deletes the batch or their account. Users may delete individual batches at any time from the Batches page; deletion is immediate and irreversible.
  • Rent Manager API credentials: Stored encrypted and retained only while the user account is active. Deleted upon account deletion.
  • Authentication data (email, password hash, MFA/OTP records): Retained until the user account is deleted. One-time verification codes are single-use and expire within minutes of being issued. Account deletion requests are fulfilled within 14 business days.
  • System logs and audit data: Retained for 90 days for security and troubleshooting purposes, then automatically purged.

Disposal method: All deletions are performed via secure, hard-delete operations against our database. Data is not recoverable after deletion. Backups are retained for 7 days for disaster recovery; data deleted by users is removed from active backups within that 7-day window.

Policy review: This Data Retention and Disposal Policy is reviewed annually and updated as necessary to comply with evolving privacy laws and business requirements. Users will be notified of material changes.

5. Data sharing

We do not sell, rent, or share your data with third parties for marketing purposes. The only third-party services we use are Plaid (for bank connections) and your own Rent Manager instance (for bill pushing).

6. Your rights

You can:

  • Unlink bank accounts and delete associated transactions at any time.
  • Delete uploaded invoice batches and their extracted data.
  • Contact your administrator to request full account deletion.

7. Contact

For privacy-related questions, contact the administrator of your Invoice Bridge instance.