StatementConverts

Privacy Policy

Last updated: 4 July 2026

The short version

Your bank statement is processed in memory on our servers and immediately discarded. We never write it to disk, never store the transactions, and never share the contents with any third party. The only data we retain from a conversion is metadata: your filename, detected bank, page count, and whether the statement reconciled — never the transactions themselves.

What we collect

  • Account data: email address, hashed password (if you register), and Google OAuth token (if you sign in with Google).
  • Conversion metadata: filename, page count, bank name, balanced/unbalanced result, timestamp. Never transaction data.
  • Usage data: page count consumed, plan type, payment history.
  • Log data: IP address, timestamps, error messages — retained for 30 days for security and debugging.

What we never collect

  • The contents of your bank statement PDF.
  • Individual transaction data, amounts, descriptions, or balances.
  • Account numbers or sort codes from your statement (these are passed only to the AI for extraction, never persisted).

Third-party processors

  • AI processing: your statement text is processed by our advanced AI models for extraction. Our AI providers are contractually prohibited from using your data to train models.
  • Dodo Payments: handles payment processing. We share only what is necessary (email, amount) to process your transaction.

Your rights

You can request deletion of your account and all associated metadata at any time by emailing hello@statementconverts.com. Under UK GDPR and Australian Privacy Act obligations, we will process your request within 30 days.

Cookies

We use a single session cookie for authentication (if signed in) and Vercel Analytics cookies for aggregate, privacy-preserving usage metrics. We do not use third-party advertising or tracking cookies.

Contact

Questions? Email hello@statementconverts.com.