Privacy Policy
Last updated: March 18, 2026
This is the Kwata Books product-specific privacy notice. The authoritative Kwata Team Privacy Policy covering all products is available at kwatateam.com/privacy. This document supplements that policy with Kwata Books-specific data practices, including Google API integrations.
Google API Services — Limited Use Disclosure
Kwata Books' use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Google user data is used only to provide bookkeeping features you have explicitly requested. It is never used for advertising, never sold, and never shared with third parties.
1. Introduction
Kwata Books ("we," "our," or "us") is operated by Kwata Team. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered bookkeeping and expense tracking platform (with built-in Canadian tax features).
By using Kwata Books, you consent to the data practices described in this policy. If you do not agree with this policy, please do not use our service.
2. Information We Collect
2.1 Account Information
When you create an account, we collect your name and email address through your authentication provider. We do not store passwords — authentication is handled by secure third-party providers (Google OAuth and email/password via our authentication provider).
2.2 Receipt and Financial Data
When you upload receipts, invoices, or connect financial integrations, we process and store:
- Receipt and invoice images and PDF documents (stored on our own infrastructure, outside US jurisdiction)
- Extracted financial data including vendor names, amounts, dates, HST/GST numbers, and CRA expense categories
- Business profile information (business name, province, business type)
- Transaction records, payroll data, and dividend records you create or import
- Any manual edits or annotations you make
2.3 Usage Information
We automatically collect certain information about your device and usage patterns, including browser type, access times, and pages viewed. This information is used solely to improve our service and is not sold or shared.
3. How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve our bookkeeping and expense tracking services
- Process and organize your receipts, invoices, and financial records
- Generate CRA-compliant reports (T2125, HST returns, CCA schedules)
- Power AI-assisted features including receipt OCR and the Lex AI financial assistant
- Send you service-related communications
- Respond to your inquiries and support requests
- Detect, prevent, and address technical issues or fraud
- Comply with legal obligations
We do not sell your personal information, financial data, or receipt contents to third parties. We do not use your data for advertising.
Marketing email (CASL). We send commercial/marketing email (e.g. product tips, updates, or guides) only with your consent — either express consent you give us, or implied consent from an existing business relationship, in accordance with Canada's Anti-Spam Legislation (CASL). Every marketing email identifies us as the sender and includes a working one-click unsubscribe link, and you can withdraw consent at any time. Service and transactional emails (e.g. billing, security, account notices) are not marketing and may be sent as needed to operate your account.
4. Data Storage and Security
All of your application data — database and receipt files — is hosted on secure servers outside US jurisdiction. Our infrastructure is not subject to the US CLOUD Act, FISA, or Patriot Act. We implement industry-standard security measures including:
- AES-256-GCM encryption for sensitive data at rest (OAuth tokens, Social Insurance Numbers)
- TLS 1.3 encryption for all data in transit
- Regular security assessments (PESNO framework — 98/100 score)
- Access controls: data is isolated per user account (no cross-tenant access)
- Rate limiting and audit logging on all critical operations
- Secure data backup procedures
While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.
5. Data Retention & Self-Serve Deletion
We retain your account information and financial data for as long as your account is active. You can download or delete your data yourself at any time from Account Settings → Privacy & data.
5.1 Download my data (PIPEDA Principle 9 / CCPA right to know)
One click in Account Settings produces a JSON file containing every record we hold about you — profile, businesses, transactions, receipts, employees, pay stubs, journal entries, financial statements, tax reports, and Lex conversation history. Authentication tokens are deliberately excluded.
5.2 Delete my account (PIPEDA right to erasure / CCPA right to delete)
You have two delete options:
- 30-day grace: we schedule deletion 30 days from the date you click. You can cancel anytime by logging back in or by clicking Cancel scheduled deletion.
- Delete immediately: hard purges your account in real time. No undo.
5.3 Inactivity-based deletion
To keep our data minimal, we auto-delete inactive accounts:
- At 18 months of no login, we send a reminder email.
- At 21 months, we send a final reminder.
- At 24 months, the account is permanently deleted.
A single login at any point clears all warnings and resets the inactivity clock.
5.4 Tax records (CRA 6-year retention)
Some financial records — invoices issued, payroll registers, T4s, T2125 income summaries, HST/GST returns — must be retained for six (6) years per Canada Revenue Agency rules, even after account deletion. These records are stored in an encrypted archive and are not used for any purpose other than legal compliance.
Questions? Email privacy@kwatateam.com.
6. Google Workspace Integration Data
Kwata Books offers optional integrations with Google Drive and Gmail to help you automatically import expense receipts and invoices. These integrations are optional — all core bookkeeping features work without them.
Google API Services — Limited Use Policy
Kwata Books' use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. We access Google data only to provide the receipt and invoice import features you explicitly enable — for no other purpose.
6.1 Google Drive Integration (read-only service account)
To connect Google Drive, you share a specific folder with our Google service account, kwata-books@gen-lang-client-0630004733.iam.gserviceaccount.com. This grants Kwata Books read-only access (drive.readonly) to only that folder — there is no Google sign-in or OAuth token involved for Drive. Specifically:
- What we access: Only files (PDFs and images) inside the folder(s) you explicitly share with the service account. We list files in those folders and download them solely to extract expense data.
- What we do not access: Anything you do not share. The service account can only read folders shared with it — never the rest of your Drive, and never your Google Docs, Google Sheets, or other content.
- Read-only guarantee: We never upload, modify, move, rename, or delete any file in your Google Drive.
- Data extracted and stored: Vendor name, date, amount, and CRA expense category extracted from each receipt are added to your books. The source receipt file is saved to your account's secure document storage as your record.
- No data sharing: Drive data is never shared with third parties or used for any purpose other than your bookkeeping records.
- No OAuth tokens: Because access is granted by folder sharing to a service account, we do not request, receive, or store any Google OAuth tokens for Drive.
6.2 Gmail Integration (gmail.readonly)
When you connect Gmail, we request the https://www.googleapis.com/auth/gmail.readonly scope. This grants us read-only access to your Gmail messages. Specifically:
- What we access: Only emails whose subject line or body contains keywords you explicitly configure (e.g., "invoice", "receipt", "bill"). We only process emails that have PDF or image attachments.
- What we do not access: We do not read personal emails, emails without matching keywords, or emails without attachments. We do not access your contacts, calendar, labels, or any other Gmail data.
- Read-only guarantee: We never send emails, delete emails, mark emails as read, or modify your Gmail in any way.
- Data extracted and stored: Only the PDF/image attachment content is processed for expense extraction. Email subject lines and sender addresses are used only to match keywords — they are not permanently stored.
- No data sharing: Gmail data is never shared with third parties or used for advertising, analytics, or any purpose beyond your bookkeeping records.
- Token storage: Your Google OAuth tokens are encrypted at rest using AES-256-GCM encryption before being stored in our database.
6.3 Revoking Google Access
You are always in control of access, and can revoke it at any time:
- Google Drive: Click Unlink on the Integrations page, or remove the folder share in Google Drive (open the folder → Share → remove kwata-books@…). Either instantly ends our read access — there are no Drive tokens to delete, because none are stored.
- Gmail: Disconnect on the Integrations page — we immediately revoke your Gmail OAuth token at Google and permanently delete it from our database.
- We stop all sync or scanning activity immediately in both cases. Receipts already imported remain in your books.
For Gmail, you can also revoke access directly from your Google Account at myaccount.google.com/permissions — look for "Kwata Books" and remove it.
6.4 Google Data Retention
We do not store raw email content or Drive file content. Only structured expense data (vendor, date, amount, category) extracted from attachments is retained as part of your bookkeeping records. This data is kept for as long as your Kwata Books account is active.
Upon account deletion or integration disconnection, any Gmail OAuth tokens are immediately and permanently deleted, and Drive access ends (unlink the folder / remove the share). Extracted expense records may be retained for the account lifetime unless you request deletion.
7. Third-Party Services
We use the following third-party services to operate our platform. Each has its own privacy policy:
- Google: account sign-in (OAuth); Google Drive read-only service account and optional Gmail receipt import
- Our AI processing provider: powers receipt OCR/categorization and the Lex bookkeeping assistant. Receipt images/text are sent for processing; the provider does not use your data for its own purposes.
- Our PCI-compliant payment processor (Merchant of Record): processes your subscription payments; card data is handled by the processor and never stored on our servers (its name may appear on your card statement).
A current list of the specific service providers we use is available on request — contact privacy@kwatateam.com.
We only share the minimum information necessary for these services to function. We do not sell data to any third party.
8. Your Rights
You have the right to:
- Access the personal data we hold about you
- Request correction of inaccurate data
- Request deletion of your data
- Export your data in a portable format (CSV, PDF)
- Withdraw consent for data processing
- Disconnect Google integrations at any time with immediate effect
To exercise these rights, please contact us at privacy@kwatateam.com.
9. Canadian Privacy Law Compliance
We comply with the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy legislation. Canadian residents may contact our Privacy Officer for any privacy-related concerns.
Your application data is hosted outside US jurisdiction. We comply with PIPEDA and Alberta PIPA requirements that apply to a Canadian business handling personal data of Canadian users, including the requirement to inform you of cross-border processing.
10. Children's Privacy
Kwata Books is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will take steps to delete such information promptly.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page, updating the "Last updated" date, and sending an email notification to registered users for significant changes. Your continued use of the service after changes constitutes acceptance of the updated policy.
12. Contact Us
If you have questions about this Privacy Policy, our data practices, or Google API data usage, please contact us at:
Kwata Team — Privacy Officer
Email: privacy@kwatateam.com
Website: kwatateam.com
Address: Alberta, Canada