Privacy Policy

BookOS is AI financial management software for individuals, freelancers, creators, landlords, and small businesses. BookOS is software. It is not a CPA firm, accounting firm, law firm, tax advisor, investment advisor, payroll provider, bank, lender, escrow service, or money transmitter.

We collect:

• Account data (name, email, encrypted password, workspace settings).
• Financial data you upload, sync, or enter (transactions, receipts, invoices, vendors, budgets, goals).
• Receipt images and AI-extracted fields.
• Usage analytics and product telemetry.
• Metadata from third-party integrations you authorize (such as bank-feed providers).
• Support communications you send us.

We do not store your bank credentials. Where bank connections exist, they are handled by external aggregator providers you authorize. Payment-method details are handled by our PCI-compliant payment processor, not stored by BookOS. See our subprocessor list for details.

We use data to:

• Provide the BookOS service and AI features you request.
• Generate informational reports and summaries for your review.
• Operate billing, support, security, and fraud prevention.
• Improve the product (in aggregated, de-identified form where possible).
• Comply with legal obligations.

AI features process your data to suggest categorizations, summaries, anomaly flags, and forecasts. AI outputs are informational only and require your review before they take effect. We do not use your financial data to train public foundation models. See our AI Use Policy for details.

We share data with carefully selected vendors that help us operate the service (hosting, storage, AI processing, payments, error monitoring, analytics, receipt scanning). Subprocessors are contractually required to maintain appropriate security and confidentiality. The current list is on our Service providers page. We do not sell your personal information and do not share it for cross-context behavioral advertising.

We retain data for as long as your account is active and for a limited period after termination to satisfy legal obligations and support data-export or restore requests. You can request deletion from your workspace settings or by contacting support, subject to retention obligations.

You may request access, correction, deletion, or export of your personal data subject to applicable law (including GDPR, UK GDPR, CCPA/CPRA, and similar regimes). Contact support to submit a request. See our Privacy Choices page for additional controls.

California residents have the right to know what personal information we collect, request deletion, opt out of the sale or sharing of personal information (we do neither), and not be discriminated against for exercising these rights. To submit a request, contact support.

Financial data is encrypted in transit and at rest. We apply access controls, MFA for sensitive actions, activity logging, vendor review, and incident response. See our Security overview.

Where data is transferred across borders, we rely on standard contractual protections and store data in approved regions.

We use essential cookies to operate the service and optional analytics cookies only when consent is provided where required. See our Cookies notice.

BookOS is not intended for users under 16. We do not knowingly collect personal data from children.

We may update this policy and will notify you of material changes and update the effective date above.

Contact support from your workspace or via our website to submit privacy requests or questions.