Privacy Policy
Last updated: March 12, 2026
1. Introduction
InvoicePortalX ("we," "our," or "us") respects your privacy and protects your personal information. This Privacy Policy explains the data we collect when you visit invoiceportalx.com, submit a consultation request, and use the InvoicePortalX Service.
2. Data We Collect
2.1 Information You Provide
When you contact us, request pricing, request a launch plan, or otherwise interact with us, we may collect the information you choose to provide, including:
- Contact and company details: company name, your name, email address, country, and role
- Project and qualification details: company size, monthly invoice volume, current billing or back-office system, timeline, and whether you are interested in deeper automation
- Additional information: comments or other information you include in your message
- Form security information: CAPTCHA verification data and anti-spam fields used to protect the form from abuse
2.2 Information Automatically Collected
When you visit the website or interact with the enquiry flow, we and our service providers may automatically collect limited technical and usage information, such as:
- Device and browser data: browser type, operating system, device type, screen resolution, and user agent string
- Log and request data: IP address, referrer, pages viewed, timestamps, and request metadata
- Security data: signals used to detect spam, bots, abuse, or suspicious activity
- Site interaction data: limited event data about key interactions on the site, such as opening the pricing/enquiry modal, progressing through the form, and submitting or attempting to submit the form
- Analytics data: aggregated website usage information described in Section 13
3. How We Use Your Data
We use personal information to:
- Respond to enquiries and requests: review consultation requests, prepare pricing or launch recommendations, and communicate with you
- Provide and support the Service: set up, operate, secure, and support the portal and related services you request
- Operate and improve the website: understand how the site is used, troubleshoot issues, and improve performance, usability, and reliability
- Prevent abuse and protect the site: detect spam, bots, fraud, misuse, and unauthorized access attempts
- Meet legal and business obligations: comply with applicable laws, enforce our terms, maintain business records, and protect our rights
4. Legal Bases for Processing
Where privacy laws require us to identify a legal basis for processing personal information, we generally rely on one or more of the following:
- Consent: where you choose to submit information to us or request that we contact you
- Contract: where processing is necessary to provide requested services or take steps before entering into a contract
- Legitimate interests: to operate, secure, improve, and market our website and services in a proportionate way
- Legal obligations: where we need to comply with applicable laws, regulations, or lawful requests
5. Data Protection
5.1 Security Measures
Industry-standard security measures protect your data:
- Encryption: HTTPS/TLS encryption transmits all data
- CAPTCHA/Abuse Protection: we use Cloudflare Turnstile and related checks to prevent spam and abuse
- Secure Infrastructure: Cloudflare Pages/Workers infrastructure and security controls power the site
5.2 Data Retention
We retain personal information only as long as needed. Typical retention periods:
- Website visitor data and analytics: Deleted automatically after 30 days of collection
- Enquiry and consultation requests: Retained for 12 months from submission, then deleted unless you become a customer
- Customer account data: Retained for the duration of your subscription plus 12 months after termination, unless law requires longer retention
- Security and fraud prevention logs: Retained for up to 12 months for audit and compliance purposes
Request deletion anytime by emailing us (see Section 12). We retain limited records when law requires or for legitimate business purposes such as security and fraud prevention.
6. Your Rights and Choices
Depending on where you live and the privacy laws that apply, you may have rights to access, correct, delete, restrict, object to, or receive a copy of your personal information. Some rights apply only in certain circumstances.
To exercise any available rights, contact us at hello [at] invoiceportalx [dot] com. We may need to verify your identity before acting on a request.
7. How We Share Information
We do not sell personal information. We may share information in the following situations:
- Service providers: with vendors that help us operate the website, handle security, host infrastructure, process form submissions, provide analytics, or process billing, such as Cloudflare and, for paid hosted plans, Stripe
- Business transactions: in connection with a proposed or completed merger, acquisition, financing, reorganisation, or sale of assets
- Legal or safety reasons: where reasonably necessary to comply with law, enforce our terms, protect our rights, or prevent harm, fraud, or abuse
- With your direction or consent: where you ask us to share information or clearly authorize us to do so
8. Read-Only Nature of Service
InvoicePortalX is a read-only customer AR self-service portal. We do not:
- Modify or write directly to your accounting, ERP, or invoicing system by default
- Replace your source-of-truth accounting or back-office platform
- Process payments or handle financial transactions
- Alter your source-of-truth financial data
9. International Data Transfers
We and our service providers may process personal information in countries other than the country where you are located. Those countries may have different data protection laws. Where required, we use contractual, organisational, and technical safeguards designed to protect personal information when it is transferred internationally.
10. Children's Privacy
The website and Service are intended for business users and are not directed to children. We do not knowingly collect personal information from children. If you believe a child has provided personal information to us, please contact us so we can take appropriate action.
11. Data Breach Notification
If we become aware of a security breach, unauthorized access, or loss of personal information that materially affects your privacy, we will:
- Notify you without unreasonable delay, and where required by law, within the timeframe specified by applicable privacy regulations (typically 30 days)
- Describe the nature of the breach, the data affected, and steps you can take to protect yourself
- Provide contact details for further information and complaints
Notifications will be sent via email or other contact methods we have on record. In some cases, we may inform you through public notice if contact details are unavailable or if regulatory requirements specify public notification.
12. Changes to This Policy
We may update this privacy policy periodically. We post the new policy and update the "Last updated" date to notify you of material changes.
13. Contact Us
Questions, requests, or privacy concerns (including data deletion or breach reporting)? Contact:
InvoicePortalX -
Email: hello [at] invoiceportalx [dot] com
13. Analytics and Site Measurement
We use Cloudflare Web Analytics and limited first-party event tracking to understand how the site is used, improve the enquiry flow, and monitor site performance. This may include page views, referrer information, timestamps, browser and device details, and key site interaction events.
We use these tools in a proportionate way and do not use them to make solely automated decisions about individuals.
14. Additional Rights for EEA, UK, and Similar Jurisdictions
If you are located in the EEA, UK, or another jurisdiction with similar privacy protections, you may also have the right to lodge a complaint with your local supervisory authority or regulator. We encourage you to contact us first so we can try to resolve your concern directly.