Legal
Effective date: June 12, 2026
We collect the minimum needed to run the service: your account details, the read-only accounting data you connect, and — only if you consent — privacy-focused analytics on the website. We never sell data, never run advertising trackers, and never move money.
The controller is David Leme Tiba, doing business as Composenz (contact: david@composenz.com). For accounting data of your companies, you are the controller and Composenz acts as processor under the Data Processing Addendum.
Account data: name, email, password (stored only as a strong hash), two-factor settings.
Connected accounting data (read-only): chart of accounts, journals, invoices, bills and related records from the QuickBooks/Xero organisations you authorise — only the objects needed to consolidate and narrate your group.
Billing data: handled by Paddle, our merchant of record. We never see full card numbers.
Website analytics: only after you accept the consent banner, we use PostHog to understand which pages help visitors. If you decline, nothing loads.
Support email: the messages you send us.
Feedback and complaints: if you choose to send feedback or a complaint through the in-product widget, we store the free-text message you write, a topic label (for example bug, billing, complaint or praise) and an indicative sentiment (positive, neutral or negative). Obvious personal details such as email addresses and card numbers are removed before the message is saved; the message itself is then encrypted at rest and can be read only by the controller.
To provide the service (consolidating your group and delivering briefs — performance of contract).
To secure the service (fraud and abuse prevention — legitimate interest).
To improve the website (analytics — consent).
To meet legal obligations (tax and accounting records via Paddle).
To handle feedback and complaints you choose to send us: we process the message you write on the basis of your consent — you tick a box confirming you want to send it — and we rely on legitimate interest to review topics and sentiment so we can improve the product. You can withdraw consent at any time.
We use a short list of infrastructure providers under data processing agreements — hosting, database, payments, email, analytics. The current list, with purposes and locations, is on the Subprocessors page. We notify customers before adding or replacing subprocessors that handle accounting data.
Account and accounting data are kept while your account is active. Close your account and we delete your data within 30 days of request, except records we must keep by law (e.g. billing). Your books always remain intact in your own accounting platforms — we only ever held a read-only copy.
Feedback and complaints sent through the product are kept for up to 365 days from the date you send them, after which they are deleted. You can ask us to delete a message sooner, or exercise the rights in section 7 over it — email david@composenz.com and we erase it.
Depending on where you live (including under GDPR, UK GDPR, CCPA and Brazil's LGPD) you may have rights to access, correct, export, delete or restrict processing of your personal data, and to withdraw consent at any time. Email david@composenz.com — we respond within 30 days and don't discriminate against you for exercising rights.
You can also complain to your local data protection authority.
Our infrastructure providers operate primarily in the United States and Europe. Where data leaves your jurisdiction, transfers rely on recognised safeguards such as standard contractual clauses, as detailed in each provider's DPA.
Material changes to this policy are announced by email and on the changelog before they take effect.
Email us and a human answers within one business day. david@composenz.com