Privacy Policy

Last updated: April 2026

At Invovate, your privacy is a core design principle, not an afterthought. This Privacy Policy explains what data we collect, how we use it, and your rights when you use the free invoice generator at https://invovate.com.

1. Data We Do Not Collect

Invovate's web app is built so that your invoice data never leaves your device. We do not collect or store:

• Invoice content (client names, line items, amounts, addresses)
• Business information you enter into invoices
• Personal details such as your name, phone number, or postal address
• Financial information or payment details from invoices
• IP addresses linked to invoice activity

2. How the Service Works

The invoice generator runs entirely in your browser:

• All invoice data you enter is processed locally in your browser
• No invoice content is transmitted to our servers
• No account is required for basic use
• Generated PDFs are downloaded directly to your device

For API users, invoice data is processed ephemerally on Cloudflare's edge network to produce the requested output (PDF or JSON). Request payloads are not logged or retained beyond the time needed to generate the response.

3. Data We Do Collect

Account information

If you create an account, we collect your email address and a hashed version of your password. We use your email to send account verification and service communications. We never sell or share your email with third parties for marketing.

API usage data

For authenticated API requests, we log usage counts (calls made, timestamps, endpoint used) to enforce rate limits and allow you to monitor your usage from the dashboard. These logs do not contain your invoice content.

Analytics data

We use Google Analytics via Google Tag Manager to collect anonymous, aggregated data: page views, session duration, browser type, and country. This data does not include invoice content or personally identifiable information. It helps us understand how people use the site so we can improve it.

4. Browser Local Storage

The web app uses your browser's local storage to:

• Save invoice drafts and templates between sessions
• Remember your language and currency preferences
• Store your theme choice (light/dark)

This data lives entirely on your device and can be cleared at any time through your browser settings. We have no access to it.

5. Cookies

We use a minimal set of cookies. See our Cookie Policy for the full list. In summary:

• Essential cookies — required for the site to function
• Preference cookies — remember your language and theme settings
• Analytics cookies — anonymous usage data via Google Analytics
• Advertising cookies — set by Google AdSense, used to show relevant ads

6. Third-Party Services

We use the following third-party services, each with their own privacy policies:

• Google Analytics & Tag Manager — anonymous usage analytics. Google Privacy Policy
• Google AdSense — advertising. Google Privacy Policy
• Cloudflare — hosting, edge network, and DDoS protection. Cloudflare Privacy Policy
• Stripe — payment processing for paid plans. Stripe receives billing details only when you upgrade. Stripe Privacy Policy

7. Data Security

Because we do not store invoice content on our servers, the primary security boundary for your invoice data is your own device. We implement standard security practices for our infrastructure including HTTPS everywhere, hashed passwords (PBKDF2), and JWT-based authentication with short-lived tokens.

8. Your Rights (GDPR & Similar)

If you are based in the European Economic Area or another jurisdiction with data protection laws, you have the right to:

• Access the personal data we hold about you (email and usage logs)
• Request correction of inaccurate data
• Request deletion of your account and associated data
• Object to or restrict processing
• Port your data to another service

To exercise any of these rights, email us at [email protected]. We will respond within 30 days.

9. Children's Privacy

Our service is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal data, please contact us and we will promptly delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. If changes are material, we will notify registered users by email. Continued use of the service after changes constitutes acceptance of the revised policy.

11. Contact

Questions about this Privacy Policy or how we handle your data?

Email: [email protected]
Website: https://invovate.com