Data Processing Addendum
Last updated: 2026-06-24
1. Roles
For account data (your name, email, billing) Booksyro is the Controller. For data you upload or sync about your customers, suppliers, or counterparties (e.g. names on invoices), Booksyro acts as Processor and you are the Controller.
2. Scope of processing
- Subject matter: automated bookkeeping (extraction, categorisation, reporting).
- Duration: for the term of your account, plus retention periods set in the Privacy Policy.
- Nature & purpose: storage, transformation, AI-based extraction and categorisation, presentation of reports and exports.
- Data subjects: the Controller (you) and any third parties named on documents you upload (e.g. customers, vendors, employees).
- Categories of data: contact details, financial transaction data, document images, derived metadata. Booksyro does not require special-category data (Art. 9 GDPR) and you agree not to upload such data without a lawful basis.
3. Processor obligations
- Process personal data only on documented instructions from the Controller, including this Addendum and configured in-app actions.
- Ensure persons authorised to process data are bound by confidentiality.
- Implement appropriate technical and organisational measures (TLS in transit, encryption at rest, RLS in the database, least-privilege access, audit logging).
- Assist the Controller with data subject requests, DPIAs, and breach notifications.
- Notify the Controller without undue delay (and within 72 hours where feasible) on becoming aware of a personal data breach affecting Controller data.
- At end of services, delete or return all Controller data, save where retention is required by law.
4. Sub-processors
The Controller authorises Booksyro to engage the sub-processors listed below and any future ones disclosed by updating this page at least 14 days before they begin processing. Sub-processors are bound by data protection terms equivalent to those in this Addendum.
| Sub-processor | Purpose | Data | Region |
|---|---|---|---|
| Supabase | Hosting, authentication, file storage, transactional email infrastructure, and managed Postgres database | All app data | EU |
| Gemini | AI extraction, categorisation, anomaly detection, monthly summaries | Document and transaction text/images sent for inference (not retained for training) | Routed via EU; some upstream model providers operate globally under SCCs |
| Stripe | Subscription billing and payment processing | Email, name, billing address, payment metadata (Stripe handles full card data) | EU / US under SCCs |
| Plaid | Bank account connection and transaction sync (when you enable it) | Account names, balances, transactions; bank credentials handled by Plaid, not Booksyro | EU / US under SCCs |
| Mailgun | Delivery of transactional and authentication email | Email address, message content | EU |
5. International transfers
Where any sub-processor transfers data outside the EEA, the transfer is covered by the European Commission's Standard Contractual Clauses (2021/914) or an adequacy decision. Booksyro will provide a copy of relevant clauses on request.
6. Security measures
Technical
- TLS 1.2+ in transit, AES-encrypted storage at rest.
- Row-level security in the database scoped to auth.uid().
- Password hashing by the auth provider (bcrypt/argon2).
- Signed URLs for private file access.
- Automated dependency and security scans.
Organisational
- Least-privilege access for staff; production access is logged.
- Documented incident response procedure.
- Backups encrypted and rotated within 30 days.
7. Audit rights
On reasonable written request and no more than once per year (more often if required by a supervisory authority), Booksyro will make available information necessary to demonstrate compliance with this Addendum, including third-party audit reports of sub-processors where available.
8. Liability
Liability under this Addendum is subject to the limitations set out in the Terms of Service.
9. Contact
For any data protection matter: admin@booksyro.com.
Booksyro, Denmark.
