Your privacy is fundamental to how we build Autokkeep. This policy explains how we collect, use, and protect your information.
Last updated: May 25, 2026
When you create an account, we collect your name, email address, company information, and billing details. If you contact us for support, we may also collect information included in your correspondence.
To provide our financial operations services, we access your financial data through secure integrations, including bank transactions, invoices, receipts, and accounting records. This data is essential for our core service functionality.
We automatically collect device information, browser type, IP address, usage patterns, and interaction data when you use our platform. This helps us improve performance and user experience.
We use your financial data to perform automated transaction categorization, generate reports, reconcile accounts, monitor financial health, and provide AI-driven financial insights.
Your financial data is never used to train external AI models. Our AI processes your data in real-time for categorization only — it is not stored by our AI provider (OpenAI) and is not used for model training. We may use aggregated, fully anonymized usage metrics (e.g., categorization accuracy rates) to improve our internal algorithms.
We use your contact information to send service notifications, billing updates, security alerts, and — with your consent — product updates and educational content.
When you use the AI Financial Analyst chat feature, your conversation history is stored to maintain context across sessions and improve response quality. This data is associated with your account and entity. You can delete conversation history at any time through the Insights page.
Our AI Health Monitoring system generates alerts about anomalies, duplicate payments, and cash flow changes. These alerts and their associated metadata are stored in your account to provide historical tracking and audit trails.
We use Plaid to securely connect to your bank accounts and retrieve transaction data. Plaid acts as an intermediary and does not store your bank credentials. Their data practices are governed by the Plaid Privacy Policy.
Payment processing is handled by Stripe. Your payment card details are transmitted directly to Stripe and are never stored on our servers. Stripe is PCI DSS Level 1 certified, the highest level of security compliance.
We use OpenAI's API to power our AI financial operations features, including transaction categorization, financial health monitoring, and conversational financial insights. Data sent to OpenAI is processed per their API data usage policy and is not used to train their models.
We retain your data for as long as your account is active and as needed to provide you services. Financial records are retained in accordance with applicable tax and accounting regulations (typically 7 years).
Upon account deletion request, we will remove your personal data within 30 days, except where retention is required by law. Anonymized, aggregated data that cannot be linked back to you may be retained indefinitely.
Encrypted backup copies of data may persist in our backup systems for up to 90 days after deletion before being permanently removed through our automated purge process.
You have the right to request a copy of your personal data in a structured, commonly used format. We will provide this within 30 days of a verified request.
You can request correction of inaccurate data or deletion of your personal data. Certain data may be retained where required by law or for legitimate business purposes.
You may opt out of marketing communications at any time. California residents have the right to opt out of the "sale" of personal information — note that Autokkeep does not sell personal data to third parties.
EU/EEA residents may object to data processing based on legitimate interests. You may also request restriction of processing while we verify the legitimacy of your objection.
Autokkeep is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If you are under 18, please do not use the platform or provide any personal data.
If we become aware that we have inadvertently collected personal data from a child under 18, we will take immediate steps to delete such information from our servers. If you believe a child has provided us with personal data, please contact our privacy team.
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements. Material changes will be communicated via email or a prominent notice on our platform at least 30 days before taking effect.
Your continued use of the platform after the effective date of any updated Privacy Policy constitutes your acceptance of the revised terms. We encourage you to review this policy periodically to stay informed about how we protect your information.
All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption. Database connections are secured with SSL certificates and rotated regularly.
Our infrastructure is hosted on SOC 2 Type II certified cloud providers with redundant backups, DDoS protection, and 24/7 monitoring. We conduct regular penetration testing and vulnerability assessments.
We implement role-based access controls, multi-factor authentication for all internal systems, and maintain detailed audit logs. Employee access to customer data is strictly limited on a need-to-know basis.
In the event of a data breach, we will notify affected users and relevant authorities within 72 hours as required by GDPR. Our incident response team follows established protocols to contain and remediate security events.
If you have any questions about this Privacy Policy or wish to exercise your data rights, please contact our Data Protection team.
privacy@autokkeep.com