Last updated: March 2026

1. What We Collect

When you use StatementCSV, we collect only what is necessary to provide the service:

Email address (if you create an account)
Payment information (processed by Stripe — we never see your card details)
Uploaded files (processed temporarily, as described below)

2. How We Handle Your Files

Your bank statement files are processed in server memory to extract transaction data. We do not store your uploaded files on disk or in any database. Files are discarded immediately after processing. We do not read, analyse, or use your financial data for any purpose other than generating your CSV export.

In some cases, where our standard parser cannot fully extract your transactions, the text content of your statement may be sent to a third-party AI service (Groq) for processing. This is done solely to extract transaction data and improve your results. The AI provider does not store your data or use it for model training. No file is ever uploaded to the AI service — only the extracted text content is sent.

3. Data Security

All data is transmitted over encrypted HTTPS connections. We use industry-standard security practices to protect your information. Payment processing is handled entirely by Stripe, a PCI-DSS Level 1 certified payment processor.

4. Third-Party Services

We use the following third-party services:

Stripe — payment processing
Vercel — hosting and infrastructure
Resend — transactional email delivery
Groq — AI-assisted transaction extraction (only when standard parsing is insufficient; no data is stored by Groq)

These services have their own privacy policies and handle data in accordance with their terms.

5. Cookies

We use essential cookies only: a session cookie to maintain your login if you create an account, and a usage counter to manage free preview limits. We do not use tracking cookies or third-party advertising cookies. We use Umami for privacy-friendly, cookieless analytics.

6. Data Retention

Uploaded files: deleted immediately after processing. Account data (email): retained while your account is active. Payment records: retained as required by law and Stripe's policies.

7. Your Rights

You can request deletion of your account and associated data at any time by contacting us at support@statementcsv.app. Under GDPR, you have the right to access, correct, or delete your personal data.

8. Changes

We may update this policy from time to time. We will notify registered users of significant changes via email.

9. Contact

For privacy-related questions, contact us at support@statementcsv.app.

Privacy Policy