Privacy Policy

Effective date: May 14, 2025

Dirt Simple Solutions LLC (“we,” “us,” or “our”) operates Invoicr at invoicr.us. This policy describes what data we collect, how we use it, and your rights regarding that data.

1. Data We Collect

We collect only what is necessary to operate the service:

  • Account data: Your email address, used for authentication via magic link.
  • Business profile: Your business name, address, and email — entered voluntarily to populate invoices.
  • Client data: Names, contact details, and addresses of your clients, entered by you.
  • Invoice & project data: Invoices, line items, time entries, and projects you create.
  • Usage data: Standard server logs (IP address, browser type, pages visited) retained briefly for security and debugging.

We do not collect payment information. Invoicr generates invoices but does not process payments.

2. How We Use Your Data

  • To authenticate you and maintain your session.
  • To store and display your invoices, clients, and time entries.
  • To generate and deliver PDF invoices.
  • To send transactional emails (magic link sign-in only).
  • To diagnose bugs and maintain service security.

We do not use your data for advertising or sell it to third parties.

3. Third-Party Services

We use the following sub-processors to operate the service:

  • Supabase — database and authentication infrastructure. Your data is stored on Supabase-managed PostgreSQL servers. (Privacy Policy)
  • Resend — transactional email delivery for magic link sign-in emails. (Privacy Policy)
  • Microsoft Azure — cloud hosting for the application server. (Privacy Statement)

4. Data Retention

We retain your data for as long as your account is active. If you request deletion of your account, we will remove your personal data within 30 days, except where we are required to retain it for legal or compliance purposes.

5. Cookies

Invoicr uses a single session cookie to keep you signed in. We do not use tracking, advertising, or analytics cookies.

6. Your Rights

You have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your data.
  • Export your data in a portable format.

To exercise any of these rights, email legal@invoicr.us.

7. Data Security

All data is transmitted over HTTPS. Passwords are never stored — authentication uses magic links only. Access to your data is restricted by Row Level Security policies in our database so only you can access your records.

8. Children’s Privacy

Invoicr is not directed at children under 13. We do not knowingly collect data from anyone under 13. If you believe a child has provided us personal data, contact us and we will delete it promptly.

9. Changes to This Policy

We may update this policy from time to time. We will post the updated policy on this page with a revised effective date. Continued use of the service after changes constitutes acceptance of the revised policy.

10. Contact

Questions or concerns? Email us at legal@invoicr.us.