Skip to content
Legal

Privacy Policy

Last updated: May 16, 2026

App

Voice Accountant (com.joojooapps.voiceaccountant)

Publisher

Joojoo Apps

Effective date

May 16, 2026

1. Who we are

Voice Accountant is a voice-first bookkeeping app for freelancers and small businesses. You record income and expenses by voice, text, photo, or document, and the AI assistant drafts transaction records for your review. This Privacy Policy explains what data is collected, how it's used, who it's shared with, and the choices available to you.

By creating an account or using Voice Accountant, you agree to these practices. If you do not agree, please do not use the app.

2. Data we collect

Only necessary data is collected. The categories correspond one-to-one with the declarations in the Google Play Data Safety form.

2.1 Account & identity

  • Email address (if signing up with email, Google, Apple, Microsoft, or Facebook)
  • Phone number (if signing up with phone)
  • First and last name (collected during onboarding)
  • Business/company name (optional, collected during onboarding)
  • Job title (optional, collected during onboarding)

2.2 Address & location

  • Country, state/province, city, postal code, street address — entered during onboarding
  • Approximate location — if location permission is granted during onboarding, the device's coarse coordinates are used once to reverse-geocode your address for form pre-filling. Raw latitude/longitude is not stored on the device beyond that step, and only the resolved city/region/postal-code values are sent to the backend.
  • Location is never tracked in the background or while the app is closed.

2.3 Financial information you enter

  • Transaction descriptions, amounts, currencies, dates, categories, and counterparties (vendors, clients)
  • Bank account metadata you save (bank name, account nickname, last 4 digits, account type). We never collect full account numbers, routing numbers, or online banking credentials.
  • Company and project metadata (names, tax numbers, addresses) you save
  • Invoice numbers, payment method, document type, and other transaction fields you provide

2.4 Chat content & attachments

  • Text messages sent to the AI assistant
  • Voice recordings recorded in the app
  • Photos and screenshots taken or uploaded (typically receipts and invoices)
  • Documents (PDFs, Office files) uploaded as receipts, invoices, bills, or statements
  • AI assistant replies (text only)
  • Transcriptions and structured analysis produced by the AI processor from audio, image, or document content uploaded

2.5 App activity

  • Number of AI chat messages sent (used for the free-tier limit and subscription gating)
  • Subscription status and expiry, product ID, and Google Play purchase token (for subscription validation)
  • Activity log entries: login events, key actions, and timestamps — used for audit history
  • Crash reports and tagged failure events sent to Sentry (no PII content; see §6)

2.6 Device & technical data

  • Expo push notification token (for subscription, accountant, and announcement notifications)
  • Server-derived IP address and User-Agent string (logged with activity events for security/audit)
  • Locale, timezone, and language preferences

2.7 Data we do not collect

  • No ads are shown and no advertising SDK is integrated.
  • No user-analytics SDK runs (Google Analytics, Firebase Analytics, Mixpanel, Amplitude, Segment, etc.). Only Sentry telemetry runs, scoped to crashes and tagged failure events with PII stripped before send.
  • Contacts, calendar, SMS history, call history, or browsing history are not collected.
  • Background location is not accessed.
  • Personal data is not sold.

3. How we use your data

The data in section 2 is used to:

  • Authenticate and keep your account secure (email/phone verification, JWT sessions)
  • Run the AI bookkeeping assistant: extract transactions from input, file attachments to the correct records, and answer questions
  • Persist transactions, attachments, chat history, and profile so they sync across devices
  • Provide reports and CSV/Excel exports of your data
  • Process subscription purchases through Google Play and unlock paid features
  • Send transactional notifications (verification codes, subscription events, accountant invitations, app announcements)
  • Detect abuse, debug crashes, and improve reliability
  • Comply with legal obligations (tax, anti-fraud, lawful requests)

Your data is not used for marketing profiling. Google's paid-tier Gemini API is used under terms that exclude your content from being used to train Google's foundation models.

4. AI processing

Voice Accountant uses Google's Gemini API to extract structured transactions from your input. When you send a message, voice recording, photo, or document:

  1. 1The content is uploaded over HTTPS to the backend.
  2. 2The backend forwards the content (and only the necessary context — recent transactions, saved companies/projects/bank accounts, profile language and timezone) to Google Gemini.
  3. 3Gemini returns a transcription (for audio), analysis (for images and documents), and a structured transaction proposal.
  4. 4The returned data is stored on the backend and shown to you for confirmation.

Important

  • The AI assistant is informational only. It does not give professional accounting, tax, or legal advice. Every transaction must be reviewed before you rely on it. See the Terms of Service for the full disclaimer.
  • Google processes content under its Gemini API Additional Terms of Service and Generative AI Privacy Notice. Under the paid tier used, Google does not train its foundation models on your content.
  • Google may retain content briefly for abuse detection per its published policies; this retention window is not controlled by Voice Accountant.

5. Storage & retention

5.1 On your device

Encrypted (iOS Keychain / Android Keystore via expo-secure-store):

  • Authentication tokens
  • Account data (email, phone, ID, verification status)
  • Chat history (text only) — automatically chunked to fit secure-storage size limits
  • Chat sync metadata
  • Onboarding form values (name, address, location)

Unencrypted (app sandbox, accessible only to the app):

  • Voice recordings, photos, and documents waiting to be uploaded
  • UI preferences (theme, intro-seen flag)

5.2 On our servers

  • MySQL database (managed by the company): account info, transactions, attachment metadata, chat messages, activity log
  • Amazon Web Services S3 (region ca-central-1, Montreal, Canada): every uploaded file is stored under a per-user folder (s3://bucket/{userId}/...) with a private ACL and server-side encryption

5.3 Retention

Data Retention
Account, profile, transactions, attachments, chat history While the account is active
Account data after a deletion request Soft-deleted immediately (no further access); hard-deleted within 30 days of request
S3 attachments after a deletion request Hard-deleted within 30 days of request
Server logs (IP, User-Agent, activity events) 90 days, then automatically purged
Database backups 30 days — soft-deleted records can persist in backups until aged out of the backup rotation

5.4 Account & data deletion

Your account and all associated data can be deleted from inside the app: Menu → Delete account. Deletion:

  • Immediately marks your user record as deleted and signs you out — you cannot log back in afterwards
  • Marks transactions for purge
  • Schedules removal of the S3 folder and all attachments
  • Revokes your authentication token
  • Removes transactions, chat history, companies, projects, bank accounts, and profile entries within 30 days

A web-based deletion request is available at voiceaccountant.com/delete-account — reachable without signing in, satisfying Google Play's external-deletion-URL requirement.

Some information may be retained beyond deletion only where required by law (e.g. tax records, fraud-prevention records) or to enforce the Terms of Service, in the minimum form necessary.

6. Sharing with third parties

Data is shared with the following service providers, only as needed to run the service:

Provider Purpose Data shared
Google Gemini API Transcription, image/document analysis, transaction extraction Message text, voice recordings, photos, documents, recent transactions and profile context (see §4)
Amazon Web Services (S3, ca-central-1) File storage Uploaded files
Google Play Billing Subscription processing and receipt validation Purchase token, product ID, user ID
Twilio Sending SMS verification codes Phone number
Email delivery provider Sending verification and notification emails Email address and email body
Expo Push Service → FCM (Android) Delivering push notifications Push token, notification payload
Google / Apple / Microsoft / Facebook (Sign-In) Authenticating with an existing provider Whatever the provider returns (email, name, provider ID)
Sentry (sentry.io) Crash reporting and tagged failure events Crash stack trace, numeric user ID, generic event tags (HTTP status codes, IAP error codes). No email, phone, message content, file content, file names, or transaction amounts. Configured with sendDefaultPii: false.
Backend hosting provider Running the backend (n8n + MySQL) All server-side data

Personal data is not sold to anyone. Personal data is not shared with data brokers, advertisers, or user-analytics vendors.

Data may be disclosed when required by law, valid legal process, to protect rights and safety, or in connection with a corporate transaction (merger, acquisition), in which case the acquirer would be bound by this Privacy Policy or notify you of changes.

7. International transfers

Data is primarily processed in Canada (S3 storage in ca-central-1, Montreal) and in the United States (Google Gemini, Sentry, Google Play Billing, Expo Push, AWS regional dependencies). If you are located outside these regions, your data will be transferred internationally. Standard Contractual Clauses or equivalent safeguards from Google, AWS, and other providers are relied upon where applicable.

8. Security

Industry-standard safeguards include:

  • HTTPS/TLS for all network traffic between app and backend
  • AWS S3 server-side encryption at rest, private ACL, and per-user folder isolation
  • JWT authentication with 30-day expiry; tokens stored in encrypted device storage
  • On-device encryption (iOS Keychain / Android Keystore) for authentication tokens, profile data, onboarding data, and chat history
  • Server-side ownership checks on every file-download and attachment-fetch request
  • Bcrypt password hashing (10 rounds) for email/password accounts
  • Server-side SQL injection hardening and AI-generated-SQL guards
  • Soft-delete + hard-delete pipeline for account deletion, with a 30-day grace window

No storage or transmission method is 100% secure. If a security incident affecting your data is discovered, you will be notified as required by applicable law.

9. Children

Voice Accountant is not directed to children under 13 (or the equivalent minimum age in your jurisdiction) and personal data from children is not knowingly collected. If you believe a child has provided personal data, contact support@voiceaccountant.com and it will be deleted.

10. Your rights

Depending on where you live, you may have the right to:

  • Access the personal data held about you
  • Correct inaccurate or incomplete data
  • Delete your account and data (see §5.4)
  • Export your data — every user can already export transactions to CSV or XLSX from the Reports tab
  • Object to or restrict certain processing
  • Withdraw consent (e.g. revoke location, camera, microphone, or notification permissions in device settings)
  • Lodge a complaint with a data-protection authority (EEA: your local DPA; UK: ICO; California: CPPA; Canada: Office of the Privacy Commissioner of Canada)

To exercise these rights, email support@voiceaccountant.com. A response will be provided within the timeframe required by applicable law (typically 30 days).

11. Cookies & tracking

The Voice Accountant mobile app does not use cookies. Third-party analytics, advertising, or fingerprinting SDKs are not embedded. The Android Advertising ID is not used.

The voiceaccountant.com website serves only static content (this Privacy Policy, Terms of Service, and deletion-request page) and does not set its own analytics cookies.

12. Subscriptions & payments

Paid subscriptions are processed through Google Play Billing on Android. Credit card numbers, billing addresses, or other payment instrument details are not seen or stored — Google Play handles all of that. Only the purchase token, product ID, and subscription state are received from Google's Developer API for validation. See the Terms of Service for the cancellation and refund policy.

13. Changes to this policy

This Privacy Policy may be updated from time to time. The "Last updated" date at the top reflects the latest version. Material changes will be communicated in-app or by email. Continued use of the app after changes take effect constitutes acceptance.

14. Contact

For privacy questions, deletion requests, or to exercise any rights above:

Email: support@voiceaccountant.com

Postal correspondence: available on written request via the email above