Legal

Privacy Policy

Last updated: 2026-02-18

1. Data controller

The data controller for Numwisely is Visualsofjulius OY (Business ID: FI29419016), located in Aura, Finland.

Contact for privacy matters and data subject requests: contact@visualsofjulius.com

2. Personal data we process

  • Account and authentication data (email, user identifiers, session/authentication tokens).
  • Financial records you upload or create (expenses, income, invoice and client data).
  • Business profile and invoicing settings (company details, banking fields, templates).
  • Operational metadata (timestamps, source file links, processing mode, audit logs).
  • Support and communication data when you contact us.

3. Purposes and lawful bases

  • Deliver and operate the service (contract performance under GDPR Article 6(1)(b)).
  • Comply with legal obligations (for example accounting and regulatory obligations under Article 6(1)(c)).
  • Protect service security, prevent abuse, and improve reliability (legitimate interests under Article 6(1)(f)).
  • Run optional AI-assisted processing only with explicit consent records where required (Article 6(1)(a)).

4. Processors and data sharing

We use trusted processors to provide infrastructure and product features. Depending on your usage, data may be processed by providers for database/authentication, email delivery, OCR extraction, AI-assisted extraction, and optional integrations.

  • Infrastructure and authentication services.
  • Document extraction and processing services.
  • Email sending providers for invoice delivery.
  • Optional third-party integrations you enable (for example workspace sync).

5. International data transfers

Data is primarily processed within the EEA where possible. If data is transferred outside the EEA, we use appropriate GDPR safeguards, such as European Commission Standard Contractual Clauses and supplementary measures where needed.

6. Retention periods

  • Account and profile data: retained while your account is active.
  • Transaction and invoice records: retained for service functionality and legal obligations.
  • Consent and audit records: retained to demonstrate compliance and service integrity.
  • Data is deleted or anonymized when no longer required for the original purpose.

7. Your GDPR rights

Subject to applicable law, you have rights to access, rectify, erase, restrict processing, object to processing, and receive your data in a portable format. You can also withdraw consent when processing is based on consent.

To exercise your rights, contact contact@visualsofjulius.com. We may request verification to protect your data.

8. Security

We use technical and organizational safeguards appropriate to the risk, including access controls, authenticated access, logging, and secure infrastructure practices.

9. Complaints authority

If you believe your data has been processed unlawfully, you can file a complaint with the Office of the Data Protection Ombudsman in Finland (Tietosuojavaltuutetun toimisto):tietosuoja.fi.

10. Policy updates

We may update this policy when legal, technical, or operational requirements change. We will publish the updated version with a revised date on this page.