Privacy Policy
Last updated: March 31, 2026
Acctally ("we", "us", or "our") operates the Acctally platform at acctally.com. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.
1. Information We Collect
Account Information
When you create an account, we collect:
- Name and email address
- Organization or company name
- Password (stored in hashed form)
Financial Data
To provide our accounting services, we process financial data you choose to provide or import, including:
- Transaction records (income, expenses, payments)
- Invoice and billing data
- Bank and payment provider data (when you connect integrations)
Third-Party Integrations
When you connect third-party services (such as Paystack, Slack, or Google Sheets), we receive and store:
- OAuth access tokens and refresh tokens (encrypted at rest)
- Your email address associated with the third-party account
- Data you explicitly choose to import (e.g., spreadsheet contents, payment records)
We request only the minimum permissions necessary. For example, Google Sheets access is limited to read-only scopes (spreadsheets.readonly and drive.readonly). We never modify your external data.
Usage Data
We automatically collect:
- IP address and browser type
- Pages visited and features used
- Error logs and performance data
2. How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve Acctally
- Process your financial data and generate reports
- Authenticate your identity and manage your account
- Communicate with you about your account or our services
- Detect, prevent, and address technical issues and fraud
- Comply with legal obligations
3. Data Sharing
We do not sell your personal information. We share data only in these circumstances:
- Service providers: Cloud hosting (DigitalOcean), email delivery, and error monitoring services that process data on our behalf under strict agreements.
- Legal requirements: When required by law, regulation, or legal process.
- Business transfers: In connection with a merger, acquisition, or sale of assets, with prior notice.
- With your consent: When you explicitly direct us to share data with a third party.
4. Data Security
We implement industry-standard security measures including:
- Encryption in transit (TLS/HTTPS) and at rest
- OAuth tokens encrypted before storage
- Role-based access controls and tenant isolation
- Regular security monitoring and logging
No method of transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.
5. Data Retention
We retain your data for as long as your account is active or as needed to provide services. When you delete your account or disconnect an integration, we remove associated data within 30 days, unless retention is required by law.
6. Your Rights
You have the right to:
- Access the personal data we hold about you
- Correct inaccurate or incomplete data
- Delete your account and associated data
- Export your data in a portable format
- Revoke third-party integration access at any time from your settings
To exercise these rights, contact us at privacy@acctally.com.
7. Third-Party Services
Acctally integrates with third-party services like Google, Paystack, and Slack. These services have their own privacy policies governing data they collect. We encourage you to review their policies. Our use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
8. Cookies
We use essential cookies for authentication and session management. We do not use advertising or tracking cookies.
9. Children's Privacy
Acctally is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from children.
10. Sub-processors
Acctally uses the following third-party service providers (sub-processors) to operate the platform. Each sub-processor processes data only as necessary to perform its designated function.
| Sub-processor | Purpose | Location |
|---|---|---|
| DigitalOcean | Application and database hosting | United States |
| Amazon Web Services (S3) | File storage | United States |
| SparkPost (MessageBird) | Transactional email delivery | United States |
| OpenAI | AI assistant (Luca) | United States |
| Cloudflare | DNS, CDN, and bot protection | Global |
| Stripe | Payment processing and billing | United States |
We evaluate sub-processors for their security practices and data handling before engagement. This list is updated when sub-processors change.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last updated" date.
12. Contact Us
If you have questions about this Privacy Policy, contact us at:
- Email: privacy@acctally.com
- Website: acctally.com
Know where your money goes
Start with a free trial. No credit card required. Set up in under 5 minutes.
No credit card required