Privacy Policy

Your privacy is our priority. Learn how we protect your data and maintain your trust.

Last updated: August 30, 2025

1. Introduction

Fosro ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our e-invoicing and accounting software platform.

By using Fosro, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our service.

2. Information We Collect

2.1 Personal Information

We collect personal information that you provide directly to us, including:

  • Name and contact information (email address, phone number, physical address)
  • Business information (company name, address, tax identification numbers, business registration details)
  • Payment information (processed securely through our payment providers)
  • Account credentials and profile information
  • Communication preferences and marketing consent
  • Technical information (IP addresses, device information, browser data)

2.2 Business Data

As an accounting platform, we process business data including:

  • Financial records and transactions (income, expenses, bank statements)
  • Invoice and payment data (customer details, payment methods, transaction history)
  • Customer and vendor information (contact details, credit terms, payment history)
  • Product and service details (pricing, descriptions, inventory levels)
  • Tax and compliance information (tax IDs, filing requirements, regulatory data)
  • Employee and payroll information (if applicable)
  • Project and time tracking data
  • Document attachments and file uploads

2.3 Automatically Collected Information

We automatically collect certain information when you use our service:

  • Device information (IP address, browser type, operating system, device identifiers)
  • Usage data (pages visited, features used, time spent, user interactions)
  • Log data (access times, error logs, performance metrics, security events)
  • Cookies and similar tracking technologies (session data, preferences, analytics)
  • Geographic location data (country, region, timezone)
  • Network information (connection type, bandwidth, latency)

3. How We Use Your Information

We use the collected information for the following purposes:

  • Service Provision: To provide and maintain our e-invoicing and accounting services
  • Account Management: To create and manage your account, process payments, and provide customer support
  • Communication: To send you important updates, security alerts, and support messages
  • Improvement: To analyze usage patterns and improve our service functionality
  • Security: To detect and prevent fraud, abuse, and security threats
  • Compliance: To comply with legal obligations and regulatory requirements

4. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:

4.1 Service Providers

We work with trusted third-party service providers who assist us in operating our service:

  • Cloud hosting and infrastructure providers (AWS, Google Cloud, Microsoft Azure)
  • Payment processing services (Stripe, PayPal, Square)
  • Email and communication services (SendGrid, Mailgun, Twilio)
  • Analytics and monitoring tools (Google Analytics, Sentry, New Relic)
  • Customer support and helpdesk services
  • Security and fraud detection services
  • Backup and disaster recovery services

4.2 Legal Requirements

We may disclose your information when required by law, court order, or government request, or to protect our rights, property, or safety. This includes:

  • Compliance with tax laws and accounting regulations
  • Response to subpoenas, warrants, or other legal process
  • Investigation of fraud, abuse, or security threats
  • Protection of user safety or public safety
  • Enforcement of our Terms of Service

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the business transaction. We will notify you of any such transfer and provide you with options regarding your data.

5. Data Security

We implement comprehensive security measures to protect your data:

  • Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256) using industry-standard protocols
  • Access Controls: Multi-factor authentication, role-based access controls, and session management
  • Regular Audits: Security assessments, vulnerability testing, and penetration testing
  • Data Backups: Regular encrypted backups with geographic redundancy
  • Employee Training: Security awareness training and background checks for all staff
  • Incident Response: 24/7 monitoring and rapid response to security threats
  • Compliance: SOC 2, GDPR, and industry-standard security certifications

6. Data Retention

We retain your information for as long as necessary to provide our services and comply with legal obligations. Account data is typically retained for 7 years after account closure to comply with accounting and tax regulations.

7. Your Rights and Choices

You have the following rights regarding your personal information:

  • Access: Request access to your personal information
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your personal information (subject to legal requirements)
  • Portability: Request a copy of your data in a portable format
  • Objection: Object to certain processing activities
  • Withdrawal: Withdraw consent where processing is based on consent

To exercise these rights, please contact us at [email protected].

8. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience:

  • Essential Cookies: Required for basic functionality and security
  • Analytics Cookies: Help us understand how you use our service
  • Preference Cookies: Remember your settings and preferences

You can control cookie settings through your browser preferences, though disabling certain cookies may affect service functionality.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your data in accordance with applicable laws.

10. Children's Privacy

Our service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected such information, please contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of our service after such changes constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Email: [email protected]

Subject Line: Privacy Policy Inquiry

We will respond to your inquiry within 30 days.

13. Legal Basis for Processing (GDPR)

For users in the European Union, our legal basis for processing your personal information includes:

  • Contract: Processing necessary to provide our services
  • Legitimate Interest: Improving our services and preventing fraud
  • Legal Obligation: Compliance with accounting and tax laws
  • Consent: For optional features and marketing communications

Questions About Your Privacy?

We're committed to transparency and protecting your data. Contact us if you have any questions about our privacy practices.

Contact Support Visit Support Page

Ready to Get Started?

Join thousands of businesses that trust Fosro with their financial data. Start free today.

Create your free account

Free during beta - no credit card needed