Policies

Policy and trust center for Invoicycle.

A clear overview of privacy, terms, security, cookies, and data processing expectations for a billing platform handling client and invoice data.

Start free Contact security

Invoicycle workspace

Billing health

Live
Recurring invoices128 active
Outstanding$42,900
Avg collection time5.2 days
Portal payments91% online

Effective May 14, 2026

Privacy policy

Invoicycle collects account profile data, business details, client records, invoice data, portal activity, support messages, and product usage signals needed to provide the service. We use this data to authenticate users, create invoices and PDFs, send reminders, operate client portals, maintain security, improve product reliability, and respond to support requests.

  • Client and invoice data belongs to the account owner and is used only to deliver billing workflows.
  • Payment card and checkout data is handled by connected payment providers, not stored directly in Invoicycle.
  • Users can request export, correction, or deletion of account data by contacting support.

Effective May 14, 2026

Terms of service

Users are responsible for maintaining accurate business, tax, client, and invoice information. Invoicycle provides software for invoice creation, client portals, PDF generation, reminders, analytics, and payment links. It does not provide tax, legal, accounting, or financial advice.

  • Accounts may not be used for fraud, spam, prohibited goods, or unauthorized billing.
  • There is only one free package at this time, with no package renewal.
  • We may suspend access when required for abuse prevention, security, or legal compliance.

Reviewed May 14, 2026

Security overview

Invoicycle uses authenticated dashboard access, token-scoped client portals, server-side PDF generation, environment-managed secrets, and webhook signature checks for payment events. Production deployments should use HTTPS, protected database credentials, and provider-level access controls.

  • Portal links are scoped to a client token and should be rotated if shared with the wrong recipient.
  • Secrets for email, AI, payment, and database providers must never be exposed in browser code.
  • Operational access should be limited to trusted administrators with strong authentication.

Effective May 14, 2026

Cookie notice

Invoicycle uses essential cookies and local browser storage for authentication, session continuity, invoice draft preferences, and saved template choices. Product analytics or support tools may be added only where they are disclosed and configured to respect applicable privacy requirements.

  • Essential storage is required for login state and core app behavior.
  • Template preferences and guest invoice drafts may be saved locally in the browser.
  • Users can clear browser storage, but doing so may remove guest drafts and preferences.

Reviewed May 14, 2026

Data processing

Invoicycle processes customer data through infrastructure and product providers used for hosting, authentication, database storage, email delivery, AI assistance, payment checkout, and error monitoring. Each provider should be configured with the minimum access needed for its role.

  • Invoice emails and reminders may share client names, invoice numbers, amounts, due dates, and payment links with email providers.
  • AI invoice fill and reminders should avoid unnecessary sensitive information in prompts.
  • Payment providers process invoice checkout and payment event data under their own terms.

These launch policies are written for the current v1 product surface. They should be reviewed whenever billing providers, data processors, supported countries, or package terms change.

Have a compliance question?

Send us your security, data, or legal review requirements and we will route them properly.

Start free