Privacy Policy

Data We Collect

• Account information such as name, email address, phone number, and company name.
• Usage data such as activity history, system logs, and technical records.
• Documents you upload and data extracted from those documents to provide the service.

Purposes of Data Use

• To provide and improve the performance of our service.
• To support users and resolve issues.
• To maintain security and prevent inappropriate use.
• To comply with applicable laws and regulations.

Data Disclosure

We may share data with service providers necessary for our operations, such as hosting, payment processing, and email delivery. These providers are required to comply with security and privacy standards.

We may also disclose data when required by a legal order or to protect the rights and safety of our users.

Data Retention and Security

We retain data only as long as necessary for its stated purpose and employ technical and organizational measures to protect it, including encryption, access controls, and regular security reviews.

Data Subject Rights

• Request access to or a copy of your personal data.
• Request correction of inaccurate or outdated data.
• Request deletion or restriction of data processing as permitted by law.
• Withdraw consent (where applicable) and object to certain types of processing.

Google Services Integration (Google API Services User Data)

ACCOS connects to Google services so that you can store signed accounting documents into your own Google Drive. Our use of data from your Google account complies with the Google API Services User Data Policy, including the Limited Use requirements.

ACCOS's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Permissions ACCOS Requests from Your Google Account

ACCOS requests only the https://www.googleapis.com/auth/drive.file scope, which allows the application to create, read, update, and delete only the files it creates or that you explicitly open with ACCOS. We cannot see or access any other files in your Google Drive.

Compliance with the Limited Use Policy

ACCOS affirms that data obtained from your Google account via OAuth will:

• Be used only to provide the user-facing features described in this Privacy Policy and the application (storing accounting documents in your Google Drive).
• Not be used to serve advertisements or to build marketing profiles for ACCOS or any third party.
• Not be read by humans, except (a) with your explicit consent, (b) when necessary for security purposes such as investigating abuse, (c) to comply with applicable law, or (d) when the data is aggregated and used for internal operations in a non-identifiable form.
• Not be transferred to third parties except as needed to provide or improve the service, when required by law, or as part of a merger or acquisition with comparable data protection guarantees.
• Not be used to train generalised AI or machine-learning models. Document content is sent to our AI processing provider only at the moment of extraction; under the provider's paid API terms, this data is not used to train or improve the provider's models.

AI Processing of Document Content

ACCOS uses an AI processing provider to classify each document (invoice, receipt, withholding tax certificate, etc.) and extract structured fields (counterparty, amount, tax, line items). Document content is transmitted to the AI provider only at the moment of extraction. ACCOS does NOT retain a copy of the file on its servers after extraction completes — the original file lives only in your own Google Drive. Extracted structured data (text fields, not the original file) is stored in our application database so you can edit it, export it to your accounting software, and audit it later.

ACCOS Inbox — LINE OA Document Intake (Optional Module)

For accounting firms using the optional ACCOS Inbox module, your SME clients can send documents via LINE. The data flow is: (1) LINE delivers the file to ACCOS's webhook; (2) ACCOS uploads the file directly into your own Google Drive (drive.file scope) under a pending folder; (3) AI classifies and extracts the data; (4) the Drive file is moved into the year/month/document-type folder of the correct SME client; (5) any temporary copy on ACCOS's servers is deleted. ACCOS does NOT retain copies of client documents — they reside only in your firm's own Google Drive, under your firm's full control. If the firm's Drive is temporarily unreachable, the file is held in an encrypted short-lived buffer on ACCOS's servers (AES-256-GCM) and uploaded as soon as Drive reconnects, after which the buffer is deleted.

Sub-processors

ACCOS uses the following service providers to operate:

• Google LLC — Google Drive API (storing your files in your own Google account)
• AI processing provider — document classification and data extraction (content is sent only at the moment of extraction and is not used to train models)
• Amazon Web Services — S3 (temporary file storage), ECS/CloudFront (hosting)
• MongoDB Atlas — Application database (documents and user records)
• Stripe — Payment processing (does not receive your Google data)

Revoking Access

You may revoke ACCOS's access to your Google Drive at any time in two ways: (1) Inside ACCOS, navigate to 'Cloud Storage Connection' and click 'Disconnect'; or (2) In your Google Account, visit https://myaccount.google.com/permissions, select ACCOS, and click 'Remove access'. After revocation, ACCOS will no longer be able to access your Google Drive. Files already created remain in your Drive under your control.

Contact Us

If you have questions about this Privacy Policy, please contact our team ataccos@botnlife.co or info@botnlife.co