Last Updated: March 4, 2026
1. Introduction
Nifty AI (“Nifty AI,” “we,” “us,” or “our”) provides AI-powered bookkeeping automation software that extracts, categorizes, verifies, and synchronizes financial documents with accounting platforms such as Xero.
This Privacy Policy explains how we collect, use, disclose, and safeguard personal data when you access our website, platform, and related services (collectively, the “Services”).
By using the Services, you agree to the practices described in this Privacy Policy.
2. Data Controller and Processor Roles
Depending on the context:
- You (the customer organization) act as the Data Controller for financial and personal data processed within your bookkeeping workflows.
- Nifty AI acts as a Data Processor when processing financial documents and personal data on your behalf.
- For account registration, billing, and platform operations, Nifty AI acts as an independent Data Controller.
If required, a separate Data Processing Agreement (DPA) may govern controller–processor responsibilities.
3. Information We Collect
3.1 Information You Provide
We may collect:
- Name
- Email address
- Business name
- Account login credentials (via OAuth)
- Billing and payment information
- Customer support communications
3.2 Information Collected Automatically
When you use our Services, we may collect:
- IP address
- Browser type and device information
- Login timestamps and activity logs
- Usage analytics
- Error diagnostics and performance data
3.3 Financial and Accounting Data
When you connect email accounts or accounting platforms, we may process:
- Invoices, bills, and receipts
- Transaction amounts and currencies
- Vendor and customer names
- Chart of accounts information
- Tax codes and payment status
- Extracted metadata and classification results
We process only the data necessary to provide bookkeeping automation services.
We do not sell financial data.
4. How We Use Your Information
We use personal data to:
- Provide AI-powered document extraction and bookkeeping automation
- Synchronize with accounting platforms (e.g., Xero)
- Authenticate users securely via OAuth
- Maintain audit logs and workflow traceability
- Improve categorization and matching accuracy
- Monitor security and prevent fraud
- Provide customer support
- Comply with legal and regulatory obligations
We do not use financial document content for advertising purposes.
5. Legal Basis for Processing (UK GDPR / EU GDPR)
If you are located in the UK or European Economic Area, we rely on:
- Performance of a contract (providing Services)
- Legitimate interests (improving platform performance and security)
- Legal obligations
- Consent, where required
6. Data Sharing
We may share data with:
6.1 Service Providers
Trusted third-party vendors that assist with:
- Cloud infrastructure and hosting
- Payment processing
- Security monitoring
- Error tracking
- Email delivery
These providers are contractually required to protect your data and use it only for authorized purposes.
6.2 Connected Platforms
When you authorize integrations (such as Gmail, Outlook, or Xero), data is exchanged according to the permissions you grant via OAuth authentication.
We do not access data beyond the approved scopes.
6.3 Legal Compliance
We may disclose data if required to:
- Comply with legal obligations
- Respond to lawful government requests
- Enforce agreements
- Protect rights, safety, or security
7. Data Security
We implement appropriate technical and organizational safeguards, including:
- Encryption in transit (TLS)
- Encryption at rest
- OAuth 2.0 secure authentication
- Role-based access control
- Entity-level data isolation
- Audit trail logging
- Access monitoring and anomaly detection
While we use industry-standard protections, no system can guarantee absolute security.
8. Data Retention
We retain data:
- For the duration of your active account
- As required by tax, accounting, or legal obligations
- As necessary to resolve disputes or enforce agreements
Upon account termination, data may be deleted or anonymized unless retention is legally required.
You may request deletion of your account and associated data, subject to compliance obligations.
9. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access your personal data
- Correct inaccurate data
- Request deletion
- Restrict or object to processing
- Request data portability
- Withdraw consent where applicable
To exercise your rights, contact:
info@niftyitsolution.com
We may verify your identity before fulfilling requests.
10. International Data Transfers
Your information may be transferred to and processed in countries outside your country of residence.
Where required, we implement appropriate safeguards such as contractual protections or approved transfer mechanisms.
11. Audit Trail and Workflow Transparency
To support bookkeeping integrity and compliance, Nifty AI maintains audit logs that record:
- Extraction decisions
- Categorization logic
- Posting actions
- User approvals and corrections
- Status synchronization events
These logs are used solely for transparency, compliance, and operational integrity.
12. Cookies and Tracking
We use cookies and similar technologies to:
- Maintain secure sessions
- Improve platform functionality
- Analyze product usage
- Enhance user experience
For more details, please see our Cookie Policy.
13. Children’s Data
Our Services are intended for business use and are not directed at individuals under 18 years of age.
We do not knowingly collect personal data from minors.
14. Data Breach Notification
In the event of a data breach affecting personal data, we will:
- Investigate and mitigate the incident
- Notify affected customers where legally required
- Comply with applicable breach reporting laws
15. Changes to This Privacy Policy
We may update this Privacy Policy periodically.
The “Last Updated” date at the top reflects the latest revision.
Continued use of the Services after updates constitutes acceptance of the revised policy.
16. Contact Information
If you have questions about this Privacy Policy or your data:
Nifty AI
Email: info@niftyitsolution.com
Bangladesh Office: Level 11, Tropical Noor Tower, 40 Kazi Nazrul Islam Ave, Dhaka – 1215, Bangladesh
USA Office: 1309 Coffeen Ave, Sheridan, WY 82801, United States
Malaysia Office: Unit 3.07, Level 3, KL Gateway Mall, 2, Jalan Kerinchi, Kampung Kerinchi, 59200 Kuala Lumpur, Malaysia