Privacy Policy

Last updated: March 2, 2026

1. Introduction

NiceFin ("we", "our", "us") provides an online invoicing platform for freelancers and small businesses. This Privacy Policy explains how we collect, use, and protect your personal data when you use our service at nicefin.app.

2. Data We Collect

We collect the following categories of data:

  • Account data: your email address and display name, collected during registration.
  • Company data: company name, tax identification number (CUI/CIF), trade registry number, address, and bank account details that you provide when setting up your company profile.
  • Client data: names, addresses, tax IDs, and contact information of your clients, entered by you for invoicing purposes.
  • Invoice data: invoice content including line items, amounts, tax rates, and payment terms.
  • Product/service data: descriptions, prices, and tax rates of products or services you create.
  • Usage data: login timestamps and basic analytics to improve the service.

3. Authentication

We use a passwordless "magic link" authentication system. When you sign in, we send a one-time verification code to your email address. We do not store passwords. Authentication sessions are maintained via secure, HTTP-only cookies that expire after 30 days.

4. How We Use Your Data

  • To provide and operate the invoicing service.
  • To authenticate your identity and manage your account.
  • To generate invoices and PDF documents on your behalf.
  • To send transactional emails (verification codes, account notifications).
  • To improve and maintain the platform.

5. Multi-Tenancy and Data Isolation

NiceFin supports multiple companies per account. Each company's data (clients, invoices, products, bank accounts) is logically isolated. Users can only access data belonging to companies they are members of. Team members invited to a company can access that company's data according to their assigned role (Owner, Admin, or Member).

6. Data Storage and Security

Your data is stored in a PostgreSQL database hosted on secure infrastructure. We use encrypted connections (HTTPS/TLS) for all data in transit. Access to production systems is restricted to authorized personnel only.

7. Cookies

We use essential cookies only:

  • Authentication cookie: maintains your login session (30-day expiry).
  • Company selection cookie: remembers your last selected company (30-day expiry).

We do not use advertising or third-party tracking cookies.

8. Data Sharing

We do not sell, rent, or share your personal data with third parties for marketing purposes. We may share data only when required by law or to protect our legal rights.

9. Your Rights (GDPR)

If you are in the European Economic Area, you have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your data ("right to be forgotten").
  • Export your data in a portable format.
  • Object to or restrict processing of your data.

To exercise any of these rights, contact us at privacy@nicefin.app.

10. Data Retention

We retain your data for as long as your account is active. If you delete your account, we will remove your personal data within 30 days, except where retention is required by law (e.g., invoice records for tax compliance).

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through the platform.

12. Contact

For questions about this Privacy Policy or your data, contact us at privacy@nicefin.app.

Rejoining the server...

Rejoin failed... trying again in seconds.

Failed to rejoin.
Please retry or reload the page.

The session has been paused by the server.

Failed to resume the session.
Please retry or reload the page.