Privacy Policy
App: Voice Accountant (com.joojooapps.voiceaccountant)
Publisher: Joojoo Apps
Effective date: 2026-05-16
Last updated: 2026-05-16
Contact: support@voiceaccountant.com
1. Who we are
Voice Accountant is a voice-first bookkeeping app for freelancers and small businesses. You record income and expenses by voice, text, photo, or document, and our AI assistant drafts transaction records for your review. This Privacy Policy explains what data we collect, how we use it, who we share it with, and the choices you have.
By creating an account or using Voice Accountant, you agree to the practices described here. If you do not agree, please do not use the app.
2. Data we collect
We only collect what we need to run the service. The categories below correspond one-to-one with what we declare in the Google Play Data Safety form.
2.1 Account & identity
- Email address (if you sign up with email, Google, Apple, Microsoft, or Facebook)
- Phone number (if you sign up with phone)
- First and last name (collected during onboarding)
- Business / company name (optional, collected during onboarding)
- Job title (optional, collected during onboarding)
2.2 Address & location
- Country, state/province, city, postal code, street address — entered by you during onboarding.
- Approximate location — if you grant location permission during onboarding, we use your device's coarse coordinates once to reverse-geocode your address (so we can pre-fill the form). We do not store the raw latitude/longitude on the device beyond that step, and we send only the resolved city/region/postal-code values to our backend.
- We never track your location in the background. We never run location services while the app is closed or in the background.
2.3 Financial information you enter
- Transaction descriptions, amounts, currencies, dates, categories, and counterparties (vendors, clients).
- Bank account metadata you choose to save (bank name, account nickname, last 4 digits, account type). We never collect full account numbers, routing numbers, or online banking credentials.
- Company and project metadata (names, tax numbers, addresses) you choose to save.
- Invoice numbers, payment method, document type, and other transaction fields you provide.
2.4 Chat content & attachments
- Text messages you send to the AI assistant.
- Voice recordings you record in the app.
- Photos and screenshots you take or upload (typically receipts and invoices).
- Documents (PDFs, Office files) you upload as receipts, invoices, bills, or statements.
- AI assistant replies (text only).
- Transcriptions and structured analysis produced by our AI processor from the audio, image, or document content you upload (see section 4).
2.5 App activity
- Number of AI chat messages you've sent (used for the free-tier limit and subscription gating).
- Subscription status and expiry, product ID, and Google Play purchase token (so we can validate your subscription).
- Activity log entries: login events, key actions, and timestamps — used for audit history.
- Crash reports and tagged failure events sent to Sentry (no PII content; see §6).
2.6 Device & technical data
- Expo push notification token (so we can deliver subscription, accountant, and announcement notifications).
- Server-derived IP address and User-Agent string (logged with activity events for security/audit).
- Locale, timezone, and language preferences.
2.7 Data we do not collect
- We do not show ads and do not integrate any advertising SDK.
- We do not run any user-analytics SDK (Google Analytics, Firebase Analytics, Mixpanel, Amplitude, Segment, etc.). The only telemetry we run is Sentry, scoped to crashes and tagged failure events with PII stripped before send.
- We do not collect contacts, calendar, SMS history, call history, or browsing history.
- We do not access your background location.
- We do not sell your personal data.
3. How we use your data
We use the data in section 2 to:
- Authenticate you and keep your account secure (email/phone verification, JWT sessions).
- Run the AI bookkeeping assistant: extract transactions from your input, file attachments to the correct records, and answer your questions.
- Persist your transactions, attachments, chat history, and profile so they sync across your devices.
- Provide reports and CSV/Excel exports of your data.
- Process subscription purchases through Google Play and unlock paid features.
- Send transactional notifications (verification codes, subscription events, accountant invitations, app announcements).
- Detect abuse, debug crashes, and improve reliability.
- Comply with legal obligations (tax, anti-fraud, lawful requests).
We do not use your data for marketing profiling. We use Google's paid-tier Gemini API under terms that exclude your content from being used to train Google's foundation models.
4. AI processing
Voice Accountant uses Google's Gemini API to extract structured transactions from your input. When you send a message, voice recording, photo, or document:
- The content is uploaded over HTTPS to our backend.
- The backend forwards the content (and only the necessary context — your recent transactions, your saved companies / projects / bank accounts, your profile language and timezone) to Google Gemini.
- Gemini returns a transcription (for audio), an analysis (for images and documents), and a structured transaction proposal.
- We store the returned data on our backend and show it to you for confirmation.
Important:
- The AI assistant is informational only. It does not give professional accounting, tax, or legal advice. You must review every transaction before relying on it. See the Terms of Service for the full disclaimer.
- Google processes your content under its Gemini API Additional Terms of Service and its Generative AI Privacy Notice. Under the paid tier we use, Google does not train its foundation models on your content.
- Google may retain content briefly for abuse detection per its own published policies; we do not control that retention window.
5. Storage & retention
5.1 On your device
- Encrypted (iOS Keychain / Android Keystore via expo-secure-store):
  - Authentication tokens.
  - Account data (email, phone, ID, verification status).
  - Chat history (text only) — automatically chunked to fit secure-storage size limits.
  - Chat sync metadata.
  - Onboarding form values (name, address, location).
- Unencrypted (app sandbox, accessible only to the app):
  - Voice recordings, photos, and documents waiting to be uploaded.
  - UI preferences (theme, intro-seen flag).
5.2 On our servers
- MySQL database (managed by us): account info, transactions, attachment metadata, chat messages, activity log.
- Amazon Web Services S3 (region ca-central-1, Montreal, Canada): every file you upload is stored under a per-user folder (s3://bucket/{userId}/...) with private ACL and server-side encryption.
5.3 Retention
| Data | Retention |
|---|---|
| Account, profile, transactions, attachments, chat history | While your account is active. |
| Account data after deletion request | Soft-deleted immediately (you can no longer access it); hard-deleted within 30 days of the request. |
| S3 attachments after deletion request | Hard-deleted within 30 days of the request. |
| Server logs (IP, User-Agent, activity events) | 90 days, then automatically purged. |
| Database backups | 30 days — soft-deleted records can persist in backups until they age out of the backup rotation. |
5.4 Account & data deletion
You can delete your account and all associated data from inside the app: Menu → Delete account.
Deletion:
- Immediately marks your user record as deleted and signs you out — you cannot log back in afterwards.
- Marks your transactions for purge.
- Schedules removal of your S3 folder and all attachments.
- Revokes your authentication token.
- Removes your transactions, chat history, companies, projects, bank accounts, and profile entries within 30 days.
A web-based deletion request is also available at https://voiceaccountant.com/delete-account — this URL is reachable without signing in, satisfying Google Play's external-deletion-URL requirement.
Some information may be retained beyond deletion only where required by law (e.g. tax records, fraud-prevention records) or to enforce our Terms of Service, in the minimum form necessary.
6. Sharing with third parties
We share data with the following categories of service providers, only as needed to run the service:
| Provider | Purpose | Data shared |
|---|---|---|
| Google Gemini API | Transcription, image/document analysis, transaction extraction | Message text, voice recordings, photos, documents, your recent transactions and profile context (see §4) |
| Amazon Web Services (S3, ca-central-1) | File storage | Your uploaded files |
| Google Play Billing | Subscription processing and receipt validation | Purchase token, product ID, your user ID |
| Twilio | Sending SMS verification codes | Your phone number |
| Our email delivery provider | Sending verification and notification emails | Your email address and the email body |
| Expo Push Service → FCM (Android) | Delivering push notifications | Your push token, notification payload |
| Google / Apple / Microsoft / Facebook (Sign-In) | Authenticating you with your existing provider | Whatever the provider returns to us (email, name, provider ID) |
| Sentry (sentry.io) | Crash reporting and tagged failure events | Crash stack trace, your numeric user ID, generic event tags (HTTP status codes, IAP error codes). No email, phone, message content, file content, file names, or transaction amounts. Configured with sendDefaultPii: false. |
| Our backend hosting provider | Running our backend (n8n + MySQL) | All server-side data |
We do not sell your personal data to anyone. We do not share your personal data with data brokers, advertisers, or user-analytics vendors.
We may disclose data when required by law, valid legal process, to protect our rights and safety, or in connection with a corporate transaction (merger, acquisition), in which case the acquirer would be bound by this Privacy Policy or notify you of changes.
7. International transfers
Your data is primarily processed in Canada (S3 storage in ca-central-1, Montreal) and in the United States (Google Gemini, Sentry, Google Play Billing, Expo Push, AWS regional dependencies). If you are located outside these regions, your data will be transferred internationally. We rely on Google's, AWS's, and our other providers' Standard Contractual Clauses or equivalent safeguards where applicable.
8. Security
We use industry-standard safeguards including:
- HTTPS / TLS for all network traffic between the app and our backend.
- AWS S3 server-side encryption at rest, private ACL, and per-user folder isolation.
- JWT authentication with 30-day expiry; tokens stored in encrypted device storage.
- On-device encryption (iOS Keychain / Android Keystore) for authentication tokens, profile data, onboarding data, and chat history.
- Server-side ownership checks on every file-download and attachment-fetch request.
- Bcrypt password hashing (10 rounds) for accounts using email/password.
- Server-side SQL injection hardening and AI-generated-SQL guards.
- Soft-delete + hard-delete pipeline for account deletion, with a 30-day grace window.
No method of storage or transmission is 100% secure. If we become aware of a security incident affecting your data, we will notify you as required by applicable law.
9. Children
Voice Accountant is not directed to children under 13 (or the equivalent minimum age in your jurisdiction) and we do not knowingly collect personal data from them. If you believe a child has provided personal data to us, contact us at support@voiceaccountant.com and we will delete it.
10. Your rights
Depending on where you live, you may have the right to:
- Access the personal data we hold about you.
- Correct inaccurate or incomplete data.
- Delete your account and data (see §5.4).
- Export your data — every user can already export their transactions to CSV or XLSX from the Reports tab.
- Object to or restrict certain processing.
- Withdraw consent (e.g. revoke location, camera, microphone, or notification permissions in your device settings).
- Lodge a complaint with your data-protection authority (EEA: your local DPA; UK: the ICO; California: the CPPA; Canada: the Office of the Privacy Commissioner of Canada).
To exercise these rights, email support@voiceaccountant.com. We will respond within the timeframe required by applicable law (typically 30 days).
11. Cookies & tracking
The Voice Accountant mobile app does not use cookies. We do not embed third-party analytics, advertising, or fingerprinting SDKs. We do not use the Android Advertising ID.
The voiceaccountant.com website serves only static content (this Privacy Policy, the Terms of Service, and a deletion-request page) and does not set its own analytics cookies.
12. Subscriptions & payments
Paid subscriptions are processed through Google Play Billing on Android. We do not see or store your credit card number, billing address, or other payment instrument details — Google Play handles all of that. We receive only the purchase token, product ID, and subscription state from Google's Developer API for validation. See the Terms of Service for cancellation and refund policy.
13. Changes to this policy
We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page reflects the latest version. Material changes will be communicated in-app or by email. Continued use of the app after changes take effect constitutes acceptance.
14. Contact
For privacy questions, deletion requests, or to exercise any of the rights above:
- Email: support@voiceaccountant.com
- Postal correspondence: available on written request via the email above.
Voice Accountant