Privacy, in plain language
What we receive, what we do with it, and what we never do — no legalese, and nothing we can't back up in code.
What we receive
When you convert a statement, we receive the file you upload — a PDF, JPG, or PNG — and, if the PDF is encrypted, the password you type to open it. That's the only statement content you give us.
You can use the free tier with no account and no email address at all. If you create an account for a paid plan, we also receive your email address (to sign you in) and, through our payment processor, the fact that you subscribed — never your card number.
What happens to your file
The moment parsing completes, the uploaded file is deleted from disk — in the same step that produces your result, not on a schedule later.
The extracted numbers live in server memory only long enough for you to export them: five minutes after your first download, immediately if you click Clear, or a hard sixty-minute limit no matter what. Nothing is written to a database or object storage, and nothing survives a server restart.
Your results are visible only to the browser session — or the signed-in account — that uploaded the statement. Anyone else who guesses a job's address gets the same 404 as a job that never existed. Our automated test suite checks the files are actually gone at each stage on every release.
Passwords
A PDF password is used in memory for that one conversion, never written to disk, never logged, and handed to our parsing process through a private in-process channel — never as a command-line argument, so it's never visible in a process list.
One honest exception: while we wait for you to enter or correct a password, the still-encrypted file stays on disk for up to ten minutes, then it's purged like everything else.
Accounts, cookies, and what we store
Every visitor gets exactly one cookie on the free tier: an anonymous usage-limit cookie — a random ID plus a cryptographic signature — that counts how many pages you've converted today. It contains nothing about you or your files. If you sign in, you also get a session cookie so you stay signed in between visits.
If you create an account, we store three things and only three things: your email address, your billing IDs from our payment processor, and a monthly page count. Card numbers stay with the payment processor — we never see or store them. Your statements and their extracted numbers are never written to that account database; the deletion lifecycle above applies to every conversion, signed in or not.
Who we share data with
We don't sell or rent your data to anyone. We rely on a small number of named service providers to run the product, and share only what each one needs:
Stripe processes payments — when you subscribe, your card details go directly to Stripe's hosted checkout and never touch our servers. Fly.io hosts the application on servers in the United States. Our email provider delivers your sign-in link when you request one. If you choose "Continue with Google", Google confirms your email to us. That's the complete list.
What we don't do
We don't train any AI model on your files. Parsing happens entirely inside our own server process — your statement's contents are never sent to a third-party API.
We don't run analytics or advertising trackers on the site, and our application logs never include statement contents or passwords. After the deletion timers above, there is nothing left to sell, share, or retain.
Your rights
You can delete your account at any time from your account page. Deletion is immediate and permanent: it cancels any active subscription and hard-deletes your record — email, billing IDs, and usage count included. There's nothing to recover afterward, which is the point.
Since we hold no statement data and only the three account fields listed above, a request to see or correct your data is answered by your account page itself. For anything else, email us at the address below.
Children's privacy
SoFlo360 Statements is a tool for handling business and personal financial statements and is not directed at children. We don't knowingly collect information from anyone under 13.
Changes to this policy
If how we handle your data changes, this page changes in the same release — the /security page and this policy are kept true in code, not aspirational. The date below reflects the last substantive change.
Contact
Questions about any of this? Email us at support@statementbalance.com.
Last updated July 11, 2026.