1. Introduction
LobsterBooks LLC (“we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data when you use our AI-powered bookkeeping platform.
2. Information We Collect
Account Information
When you create an account, we collect your email address, password (hashed), company name, entity type, country, tax identification number (optional), and region.
Financial Data
To provide bookkeeping services, we process data you upload or enter, including transactions, invoices, bills, receipts, journal entries, customer and supplier information, and chart of accounts data.
Receipt Images
When you upload receipts, we process the images using AI to extract vendor, amount, date, and category information. Receipt images are stored securely and associated with your account.
Usage Data
We collect anonymized usage analytics including pages visited, features used, and general interaction patterns to improve the Service.
Security Event Data
Our automated security systems scan content processed by the Service (including uploaded documents, receipt images, transaction descriptions, and chat messages) for patterns associated with AI manipulation or abuse. When potentially malicious content is detected, we may log the event details (threat type, severity, timestamp, IP address, user agent) and preserve a copy of the original content for security investigation. This data is stored securely, accessible only to our security team, and retained for up to 12 months or as required by law.
Payment Information
Payment details (credit card numbers, billing addresses) are collected and processed directly by Stripe. We do not store your full payment card details on our servers.
Audit & Activity Logs
We maintain comprehensive audit logs of all accounting operations performed in your account, including record creation, modification, deletion, and status changes. Audit logs include: the action performed, fields changed, timestamp, and the source of the action (web dashboard, AI assistant, Telegram, API). Audit logs are retained for the life of your account and for up to 7 years after account deletion for compliance purposes.
AI Assistant Conversations
When you use the AI assistant (via the web dashboard chat widget or Telegram), your messages and the assistant's responses are stored in your account. Conversation history is retained until you manually clear it or delete your account.
AI Usage & Token Tracking
We track your AI feature usage, including the number of input and output tokens consumed per API call, the AI model used, and monthly aggregate consumption. This data is used for billing (token overage charges) and to enforce plan limits.
Categorization Learning Data
The Service learns from your categorization decisions to improve accuracy over time. When transactions are categorized (either by AI or manually), the merchant-to-account mapping, confidence score, and frequency of use are stored as categorization rules within your tenant. This learning is specific to your account and is never shared with other users.
Telegram & Messaging Data
If you use LobsterBooks via Telegram, we store your Telegram chat ID to associate messages with your account. Messages you send (transaction descriptions, receipt images, slash commands) are processed by our servers. Financial summaries and chart images are sent back through Telegram's API. We do not control Telegram's data practices — see Telegram's Privacy Policy for how they handle message data.
Bank Connectivity Data (Plaid)
If you connect a bank account via Plaid (available on Pro plans), Plaid accesses your bank credentials through their secure interface — we never see your bank login credentials. Plaid provides us with: account names, balances, and transaction history. We store Plaid item identifiers in your profile to maintain the connection. See Plaid's End User Privacy Policy for full details.
3. How We Use Your Information
- Provide the Service: Process your financial data, generate reports, categorize transactions, and manage invoices and bills
- AI Processing: Use your transaction data and receipt images for automated categorization and data extraction
- AI Learning: Improve categorization accuracy based on your historical patterns (tenant-specific, never shared)
- Account Management: Authenticate your identity, manage your subscription, and communicate about your account
- Billing: Calculate and charge AI token overage fees based on usage tracking
- Communications: Send emails on your behalf (invoices, payment reminders, team invitations) via platform or your own SMTP
- Improve the Service: Analyze usage patterns to enhance features and user experience
- Security: Detect and prevent fraud, abuse, and unauthorized access
- Legal Compliance: Fulfill legal obligations and respond to lawful requests
4. Third-Party Services
We use the following third-party services to operate LobsterBooks:
Supabase — Authentication and database hosting. Your account data and financial records are stored in Supabase-managed PostgreSQL databases with row-level security (RLS) ensuring tenant isolation.
Stripe — Payment processing for subscriptions. Stripe handles all payment card data per PCI DSS standards. See Stripe's Privacy Policy.
Anthropic (Claude AI) — Powers our AI features including transaction categorization, receipt OCR, natural language transaction parsing, and the Claw AI assistant. The following types of data may be sent to Anthropic's API for processing:
- Transaction categorization: Transaction descriptions and amounts (merchant names and PII are redacted before sending)
- Receipt OCR: Receipt images you upload (may contain merchant names, amounts, and purchase details)
- AI assistant: Your conversation messages and the results of data lookups you request
- Natural language parsing: Text you enter when creating transactions via chat
All data sent to Anthropic is transmitted over encrypted HTTPS/TLS connections. Anthropic retains API request data for up to 30 days for trust and safety purposes, after which it is automatically deleted. Your data is not used to train Anthropic's AI models. See Anthropic's Privacy Policy for full details.
Groq — Alternative AI provider for fast text categorization. When enabled, transaction descriptions (with PII redacted) may be sent to Groq's API for processing. See Groq's Privacy Policy for details.
PostHog — Anonymized product analytics to understand how features are used and improve the Service. No financial data is sent to PostHog.
Plaid — Bank account linking and transaction synchronization (Pro plan). Plaid connects directly to your financial institutions to import account information and transactions. We receive: account names, balances, and transaction history. We store Plaid connection identifiers in your profile. See Plaid's End User Privacy Policy.
Telegram — Messaging integration for chat-based bookkeeping. Your Telegram chat ID, messages, receipt images, and command inputs are transmitted through Telegram's servers. Financial summaries and chart images are sent back as replies. See Telegram's Privacy Policy.
Railway — Application hosting platform. Our API server runs on Railway's infrastructure. Your financial data, receipt images, and uploaded attachments are processed on Railway-hosted servers. See Railway's Privacy Policy.
Sentry — Error monitoring and crash reporting. When errors occur, diagnostic data (including request context and user identifiers, but not financial data) is sent to Sentry for debugging. See Sentry's Privacy Policy.
5. Data Storage & Security
Your data is stored in Supabase-managed infrastructure. We implement multiple layers of security:
- Tenant isolation: Row-level security policies ensure each user can only access their own data
- Encryption: Data is encrypted in transit (TLS) and at rest. Sensitive fields like SMTP passwords use AES-256-GCM encryption
- Authentication: JWT-based authentication with secure token handling
- MFA/2FA: Optional TOTP-based two-factor authentication for account access
- Access controls: API endpoints enforce authentication and authorization on every request
- Rate limiting: Per-IP, per-tenant, and per-tier request throttling to prevent abuse
- AI input scanning: Automated prompt injection detection on all content before AI processing
- CSRF protection: Cross-site request forgery prevention on all state-changing operations
6. Data Retention
We retain your data for as long as your account is active. Specific retention periods:
- Financial data (transactions, invoices, bills, payments): Life of account + 30 days after deletion
- Audit logs: Life of account + up to 7 years after deletion (tax/compliance requirements)
- AI assistant conversations: Until manually cleared or account deletion
- Receipt images: Life of account + 30 days after deletion
- Security event data (injection detection logs and evidence): Up to 12 months, regardless of account status
- Categorization rules: Life of account + 30 days after deletion
- AI token usage records: 24 months for billing dispute resolution
If you delete your account, we will delete your personal and financial data within 30 days, except for: (a) audit logs retained for compliance, (b) security event data retained per our security monitoring policy, and (c) any data we are required to retain by law.
7. Data Breach Notification
In the event of a data breach affecting your personal or financial information, we will:
- Notify affected users via email within 72 hours of becoming aware of the breach
- Provide details about the nature of the breach, types of data affected, and steps we are taking
- Notify relevant regulatory authorities as required by applicable law
- Offer guidance on steps you can take to protect yourself
We maintain incident response procedures and regularly test our security controls to minimize breach risk.
8. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access: Request a copy of your personal data
- Export: Download your financial data at any time using the built-in export feature
- Correction: Update or correct inaccurate data through your account settings
- Deletion: Request deletion of your account and associated data
- Portability: Receive your data in a machine-readable format (CSV export)
- Restrict Processing: Request that we restrict processing of your data while a dispute about accuracy or legal basis is resolved
- Object: Object to processing of your data based on our legitimate interests. We will cease processing unless we demonstrate compelling legitimate grounds
To exercise these rights, contact us at privacy@lobsterbooks.com.
9. California Privacy Rights (CCPA/CPRA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):
Categories of Personal Information Collected
- Identifiers (name, email, phone, tax ID)
- Financial information (transaction data, bank account details via Plaid, invoice records)
- Commercial information (purchase history, billing records)
- Internet/electronic activity (usage analytics, IP addresses, device information)
- Professional information (company name, industry, entity type)
- Inferences (AI-generated categorizations, spending patterns)
Your California Rights
- Right to Know: Request disclosure of the categories and specific pieces of personal information we collect
- Right to Delete: Request deletion of your personal information, subject to legal exceptions
- Right to Correct: Request correction of inaccurate personal information
- Right to Opt-Out of Sale: We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising.
- Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights
To exercise these rights, contact us at privacy@lobsterbooks.com or use the data export/deletion features in your account settings. We will verify your identity before processing requests. You may designate an authorized agent to make requests on your behalf.
10. International Users & GDPR
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, the following additional provisions apply:
Legal Basis for Processing
- Contract performance: Processing your financial data to provide the bookkeeping Service
- Legitimate interests: Security monitoring, fraud prevention, service improvement
- Consent: Marketing communications, optional analytics (you may withdraw consent at any time)
- Legal obligation: Tax record retention, regulatory compliance
International Data Transfers
Your data is processed and stored in the United States via our service providers (Supabase, Railway, Anthropic, Stripe). These transfers are necessary to perform our contract with you. Where required, we rely on Standard Contractual Clauses (SCCs) or other approved transfer mechanisms.
Additional EEA/UK Rights
- Right to lodge a complaint with your local data protection supervisory authority
- Right to data portability (receive your data in a structured, machine-readable format — available via CSV export)
- Right to erasure (right to be forgotten), subject to legal retention requirements
Data Controller
LobsterBooks LLC is the data controller for your personal data. For team members invited by an account owner, the account owner is the data controller and LobsterBooks LLC acts as a data processor.
Contact for data protection inquiries: privacy@lobsterbooks.com.
11. Cookies & Tracking
We use essential cookies for authentication and session management. These cookies are strictly necessary for the Service to function and do not require consent.
Our analytics provider (PostHog) collects anonymized usage data. PostHog may use cookies or similar technologies. We configure PostHog to anonymize IP addresses. No financial data is sent to PostHog.
We do not use cookies for advertising, retargeting, or cross-site tracking. We do not sell your data to advertisers or data brokers.
12. Children's Privacy
LobsterBooks is not directed at individuals under 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it.
13. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Service. The “Effective date” at the top indicates when the policy was last revised.