Effective date: July 15, 2026
This policy explains how Alisher Zhanayev, an operator based in Kazakhstan ("we," "us," or "our"), handles personal data through the Statement Converter controlled beta (the "Service"). Contact us at ssupword@gmail.com.
1. Data we process
- Account data, including your email address, authentication identifier, and account timestamps.
- Uploaded bank-statement PDFs and the transaction, balance, review, and reconciliation data produced from them.
- Generated Excel and CSV exports, document status, page count, file size, and retention metadata.
- Limited technical data needed to secure and operate the Service, such as request and job identifiers, timestamps, service outcomes, IP address, browser or device information, and authentication events.
- Information you choose to include when you contact us for support.
2. How we use data
We process this data to:
- authenticate invited beta users and enforce account access;
- validate, convert, reconcile, display, export, and delete your documents;
- secure, maintain, troubleshoot, and improve the Service;
- prevent misuse and respond to support or legal requests; and
- comply with applicable law.
We do not sell personal data. We do not use bank-statement content for advertising. Marketing analytics and session replay are not enabled in the controlled beta.
3. Service providers and disclosures
Railway hosts the application, database, queue, and encrypted object storage. Supabase provides authentication. These providers process data only as needed to provide their services to us. The controlled beta does not send documents to an external OCR or statement-parsing provider, and it does not process payments.
We may disclose data when required by law, to protect the Service or another person, or as part of a business reorganization subject to appropriate confidentiality and legal safeguards. Our staff have no ownership bypass for viewing a beta user's documents.
4. Security
Source documents and generated exports are protected with authenticated application-level encryption before permanent object storage. Access to documents and downloads is checked server-side against the authenticated account. Financial content, access tokens, encryption keys, storage keys, and download URLs are excluded from application logs.
No security measure can eliminate every risk. Please use the Service only for documents you are authorized to process and protect access to your account.
5. Retention and deletion
- A successfully processed beta source PDF is scheduled for deletion after processing.
- A failed source PDF may be retained for retry for no more than one hour.
- Structured results and generated exports are retained for no more than 24 hours.
- You can request immediate document deletion from the product. Account records are separate from document records.
You may contact us to request deletion of your account or other personal data. We may retain limited information when required by law or reasonably necessary for security, fraud prevention, or resolving a dispute.
6. Your choices and rights
Depending on applicable law, you may have rights to learn whether we process your personal data and to request access, correction, blocking, deletion, restriction, or withdrawal of consent. Send a request to ssupword@gmail.com. We may need to verify your identity before acting on a request.
7. International processing
The Service is operated from Kazakhstan and is intended initially for invited users working with US bookkeeping records. Our providers may process data in other countries. Where required, we use contractual or other lawful safeguards for international processing.
8. Children
The Service is a business tool and is not directed to anyone under 18. We do not knowingly invite children to use the controlled beta.
9. Changes and contact
We may update this policy as the Service changes. The effective date at the top identifies the current version. Questions or privacy requests may be sent to Alisher Zhanayev at ssupword@gmail.com. Operator location: Kazakhstan.