Privacy Policy
Last Updated: June 27, 2026
This Privacy Policy explains exactly what data Invoice Generator collects, how we use and store it, who we share it with, and the choices you have. We aim to collect only what we need to run the service.
On this page
- 1. Introduction
- 2. Information We Collect
- 3. How We Use Your Information
- 4. How & Where Data Is Stored
- 5. Cookies & Local Storage
- 6. How We Share Your Information
- 7. Sharing Invoices & Client Data
- 8. Data Retention
- 9. Your Rights & Choices
- 10. How We Protect Your Data
- 11. International Data Transfers
- 12. Children's Privacy
- 13. Changes to This Policy
- 14. Contact Us
1. Introduction
Invoice Generator (the "Service") is operated by DynamicAT ("we", "us", or "our") and available at invoice.dynamicat.co. This policy applies to data we handle when you use the Service. It should be read together with our Terms of Service.
2. Information We Collect
We collect the following categories of information — and nothing more than what the features you use require.
Account information
If you create an account, we store:
- Your email address and name.
- Your password, stored only as a securely hashed value (we never store it in plain text). If you sign in with Google, we store a Google account identifier instead of a password and record that Google was your sign-in method.
- Optional profile details you choose to add: company name, phone number, and address.
- Your onboarding status and a record of which "What's New" announcements you have seen.
Invoice and quotation content
When you create documents, we store the data you enter, which can include:
- Document details: type (invoice or quotation), invoice/quotation number, dates, due date, validity date, payment terms, PO number, title, and status.
- Your business details: business name, email, phone, currency, and an uploaded logo.
- Your client's details that you enter: name, email, phone, billing address, and optional shipping address.
- Line items: description, quantity, and rate for each item, plus tax, tax type (regular, IGST, or CGST/SGST), discount, shipping, and amount paid.
- Tax identifiers you choose to add, such as your and your client's GSTIN.
- Payment information you add for your invoices: bank name, account name, account number, SWIFT code, IBAN, UPI ID, and any other payment notes.
- Notes, terms, custom fields, label customizations, the selected theme, and a drawn or uploaded signature.
If you have an account, you can also save reusable defaults, a catalog of products/services (name and rate), and custom themes.
Uploaded files
Logos and signatures you upload are stored as images with our image host (Cloudinary), organized under a folder specific to your account.
Subscription and billing data
If you subscribe to Pro, our payment partner Razorpay processes your payment. We store subscription metadata returned by Razorpay — such as customer, subscription, and plan identifiers, your plan status, the current billing-period end date, and cancellation/grace-period flags. We do not receive or store your card or bank-card details — those are handled directly by Razorpay.
Authentication and security data
To keep you signed in, we issue short-lived access tokens and longer-lived refresh tokens. Refresh tokens are stored in our database and expire automatically. We also use your IP address transiently for rate-limiting and a bot-protection check at sign-up.
Data stored in your browser
The Service uses your browser's local storage (not cookies) to keep things working for you. This includes your access and refresh tokens, a working draft of the invoice you're editing, invoice numbering preferences (counter and prefix), a cached copy of your saved defaults, and your light/dark theme preference. This data stays in your browser and you can clear it from your browser settings.
3. How We Use Your Information
We use the information we collect to:
- Provide the core Service — create, save, and render your invoices and quotations.
- Generate PDF and CSV files of your documents.
- Send emails that you initiate, such as emailing an invoice to a recipient you choose.
- Send account-related emails, such as password-reset links.
- Create and manage your account and your Pro subscription.
- Keep the Service secure and prevent fraud and abuse (including rate-limiting and bot protection).
- Maintain and improve the Service.
We do not use third-party analytics, advertising, or tracking tools, and we do not sell your data.
4. How & Where Data Is Stored
Your data is stored across the following:
- Our database (MongoDB). Account profiles, invoices and quotations, saved defaults, catalog, themes, subscription metadata, and refresh tokens.
- Cloudinary. Logo and signature images you upload.
- Your browser. Drafts, tokens, numbering preferences, and your theme preference, kept in local storage on your device.
We do not run third-party analytics or telemetry within the Service.
8. Data Retention
- We keep your account and document data until you delete it or ask us to delete your account.
- Refresh tokens expire and are removed automatically after their lifetime (about 7 days).
- Password-reset links expire about 1 hour after they are issued.
- We may retain limited information where necessary to comply with legal obligations or resolve disputes.
9. Your Rights & Choices
You have meaningful control over your data:
- Access & edit. View and edit your account details and your documents from within the app.
- Export. Download your documents as PDF and export your invoice list as CSV.
- Delete. Delete individual documents or bulk-delete them, and delete an uploaded logo or signature.
- Revoke sharing. Turn off a public share link at any time.
- Session control. Sign out of one device or all devices.
- Account deletion. Request deletion of your account and associated data by contacting us.
Depending on where you live, you may have additional rights under applicable data-protection law (such as India's Digital Personal Data Protection Act) — including rights to access, correct, or erase your personal data. To exercise any of these rights, contact us using the details below.
10. How We Protect Your Data
We use a range of safeguards to protect your information, including:
- Passwords stored only as securely hashed values.
- Short-lived access tokens and revocable refresh tokens.
- Security headers, rate limiting, and bot protection at sign-up.
- Per-account separation of uploaded files.
- Sensitive credentials and keys kept on our servers only, never exposed to your browser.
No method of transmission or storage is completely secure, so while we work hard to protect your data, we cannot guarantee absolute security.
11. International Data Transfers
Some of our service providers (such as Razorpay, Cloudinary, and Google) may process data on servers located in countries other than your own. Where data is transferred internationally, it remains subject to this Privacy Policy and the providers' own safeguards.
12. Children's Privacy
The Service is not intended for children. We do not knowingly collect personal information from anyone under 13 years of age. If you believe a child has provided us with personal information, please contact us and we will take steps to delete it.
13. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will revise the "Last Updated" date at the top of this page. If we make material changes, we may provide additional notice. Your continued use of the Service after changes take effect means you accept the updated policy.
14. Contact Us
If you have questions about this Privacy Policy, or want to exercise your data rights, contact us at azeem.talikoti@gmail.com.