Privacy Policy

1. Introduction

Vouchap (“we,” “us,” or “our”) is a service provided by Adaven Consulting, Inc., located in Winnipeg, Manitoba, Canada. We are committed to protecting the privacy and security of your data. This Privacy Policy explains how we collect, use, and safeguard your information when you use our mobile application, web application (e.g. platform.vouchap.com), and marketing website (vouchap.com) (together, the “Service”).

The Service serves two main roles: Firms (accounting and tax professionals who manage clients and projects) and Clients (individuals or businesses invited by a firm to use the secure portal for receipts, document uploads, and shared tax-filing tasks). This policy applies to both.

2. Data We Collect

2.1 Information You Provide

• Account information: Name, email address, and password (and optional profile details) when you register or complete an invite.
• Firm information: If you use the Service as a firm, we may store your firm name, logo, and contact details so clients can recognize your branded invite and portal.
• Client and project data: Data you enter about clients (e.g. labels, assignees, contact names, emails), service orders, tax-filing projects, to-do items, and follow-up notes.
• Financial and document data: Images of receipts and invoices you upload, and any documents you upload in response to document requests (e.g. for tax-filing workflows). We use this to provide receipt tracking, categorization, and secure document handling.

2.2 Information Collected Automatically

• Device and usage information: Device type, operating system, and general usage data to operate, secure, and improve the Service.
• Invite and access logs: When you send or accept Secure Portal invites and when you access shared projects, we store the information needed to link you to the correct firm and client space.

3. How We Process Your Data (OCR & AI)

We use Optical Character Recognition (OCR) and other AI technologies to extract data from receipts and documents you upload (e.g. dates, amounts, vendors, line items).

• Purpose: To provide receipt tracking, categorization, and structured data for your own use and, where applicable, for shared tax-filing workflows with your firm.
• Third-party processing: We may use secure third-party AI providers for this processing. We have arrangements to ensure your data is not used to train their general-purpose or public models.
• Human access: Our personnel do not access your specific financial documents unless you authorize it (e.g. for support or debugging) or we are required by law.

4. Data Storage & Security

• Encryption: Data is encrypted in transit (TLS) and at rest using industry-standard encryption.
• Storage location: Our primary database and application infrastructure are hosted with providers that meet high security standards. We aim to keep data in North America where possible.
• Access control: Access to your data is restricted by role and purpose (e.g. only your firm and invited clients see the data relevant to their relationship).

5. Data Sharing & Third Parties

We share data only with sub-processors necessary to run the Service, such as:

• Supabase: Database and authentication.
• Vercel (or similar): Hosting for our website and web application.
• Payment processors (e.g. Stripe): If you pay for the Service, we use a third party to process payments. We do not store full payment card details.

We do not sell your personal data, receipts, or client information. We may disclose data where required by law (e.g. lawful requests from public authorities).

6. Your Rights (PIPEDA & GDPR)

Under Canadian PIPEDA and, where applicable, EU/UK GDPR, you have the right to:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate data.
• Deletion: Request deletion of your account and associated data (“right to be forgotten” where applicable).
• Portability: Request an export of your data in a machine-readable format where feasible.

To exercise these rights, contact our Privacy Officer at privacy@vouchap.com. We will respond to verified requests within 30 days.

7. Data Retention

We retain your data while your account is active and as needed to provide the Service. After you close your account, we will delete or anonymize your data within a reasonable period (e.g. within 60 days for active systems), unless we must retain it for legal, tax, or regulatory reasons.

8. Contact Us

For questions about this Privacy Policy or our privacy practices: