Privacy

Last updated: 3 June 2026

This Privacy Policy explains how Trueform GmbH ("Billow," "we," "us," or "our") collects, uses, discloses, and protects your personal data when you use our website and services (the "Service"). Because we serve users globally, this policy is designed to comply with the Swiss Federal Act on Data Protection (nFADP), the EU/EEA and UK General Data Protection Regulation (GDPR), and applicable United States privacy laws.

1. Data Controller

The controller responsible for your personal data is:

Trueform GmbH Flawilerstrasse 30, 9500 Wil SG, Switzerland ping@billow.so

For any questions about this policy or how we handle your personal data, contact us at ping@billow.so.

2. Personal Data We Collect

Information you provide: account details such as name, email address, password, and any content you submit.
Content you upload: invoices, receipts, documents, and client or contact details you add to your workspace. This content may include personal data relating to your own clients and contacts.
Sign-in data: if you sign in with Google, we receive your name, email address, and Google account identifier from Google.
Automatically collected data: IP address, device and browser type, log data, and aggregated, anonymous usage information collected through our website analytics.
Payment data: if you make purchases, payment details are processed by our third-party payment provider; we do not store full card numbers.
Sensitive data: we do not intentionally collect sensitive personal data (including genetic or biometric data) unless you provide it and we have a lawful basis to process it.

3. Why We Process Your Data and Our Legal Basis

We process personal data to provide and maintain the Service, process transactions, communicate with you, improve our offerings, ensure security, and comply with legal obligations.

Where the GDPR applies, our legal bases are: performance of a contract with you; your consent (which you may withdraw at any time); our legitimate interests (such as securing and improving the Service); and compliance with legal obligations. Under the Swiss nFADP, we process personal data lawfully, fairly, and for the specific purposes described above.

AI processing. When you upload invoices or other documents, we use an EU-based AI provider (Mistral AI, France) to perform optical character recognition and to extract structured data such as amounts, dates, and counterparties. This processing happens entirely within the EU; we do not send your content to AI providers outside the EU. Extracted data may contain errors, and you remain responsible for reviewing it before relying on it. We do not use this processing to make decisions producing legal or similarly significant effects about you without human involvement.

4. How We Share Your Data

We do not sell your personal data. We may share it with:

Service providers acting on our behalf (e.g., hosting, analytics, payment processing) under appropriate data processing agreements;
Authorities or third parties where required by law or to protect our rights;
A successor entity in connection with a merger, acquisition, or asset sale.

Where you connect a Stripe account to collect payment on invoices you issue, payment and transaction data relating to your own clients is processed by Stripe in its role as payment processor.

5. International Data Transfers

Most of your personal data stays within the EU or Switzerland. We host the application and store your account data, uploaded documents, and generated files on infrastructure located in the EU (Frankfurt, Germany). Our AI processing, product analytics, and error monitoring providers are also EU-based. A limited number of providers are located in the United States; for those transfers we rely on the EU Standard Contractual Clauses with the Swiss addendum and, where available, the recipient's certification under the EU–US Data Privacy Framework.

The providers we currently rely on are:

Laravel Cloud — application hosting (EU, Frankfurt)
Amazon Web Services (S3) — storage of uploaded documents and generated files (EU, Frankfurt)
Mistral AI — AI document OCR and data extraction (EU, France)
PostHog — product analytics (EU)
Sentry — error and performance monitoring (EU, Germany)
Viral Loops — waitlist management on our marketing site; data stored on EU servers (provider established in Canada, a country the European Commission recognises as providing adequate protection)
Stripe — payment processing (United States; SCC and EU–US Data Privacy Framework)
Loops — transactional and lifecycle email (United States; SCC and EU–US Data Privacy Framework)
Google — sign-in with Google (United States; SCC and EU–US Data Privacy Framework)
UserJot — feedback and support boards (United States; SCC and data processing addendum)
Framer — marketing website hosting and anonymous analytics (United States; marketing site only)

You may request a copy of the relevant safeguards by contacting us at ping@billow.so.

6. Cookies and Analytics

We use a small number of strictly necessary cookies to keep you signed in and to remember your preferences (for example, your theme). These are essential for the Service to function.

Marketing website. Our marketing website uses Framer's built-in analytics, which collect aggregated, anonymous usage data and do not identify individual visitors.

In the application. We use PostHog (hosted in the EU) to understand how the product is used and to improve it. When you are signed in, these analytics are associated with your account. We do not use analytics for advertising or profiling, and we do not sell or share usage data with third parties for those purposes.

7. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes described in this policy or to comply with legal obligations, after which it is deleted or anonymized.

When you close your account, your workspace data remains available for export and recovery for 30 days, after which it is permanently deleted from our active systems. Records we are legally required to keep, such as issued invoices retained for tax and accounting purposes, may be held for the applicable statutory retention period.

8. Your Rights

Depending on your location, you have the right to:

Access the personal data we hold about you and obtain a copy;
Rectify inaccurate or incomplete data;
Erase your data ("right to be forgotten");
Restrict or object to certain processing;
Data portability — receive your data in a structured, machine-readable format;
Withdraw consent at any time, without affecting prior lawful processing.

US residents: depending on your state (e.g., California, Colorado, Virginia), you may have additional rights, including the right to know what personal data we collect, to delete it, to opt out of "sale" or "sharing" of personal data, and not to be discriminated against for exercising these rights. We do not sell your personal data.

To exercise any of these rights, contact us at ping@billow.so. You also have the right to lodge a complaint with a supervisory authority — in Switzerland, the Federal Data Protection and Information Commissioner (FDPIC); in the EU/EEA, your local data protection authority.

9. Security

We take reasonable technical and organizational measures to protect your personal data. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

10. Children's Privacy

The Service is not directed to children under 18, and we do not knowingly collect their personal data. If you believe a child has provided us data, contact us and we will delete it.