InvoiceSABack to home

Privacy Policy

Last updated: 16 March 2026

1. Who we are

InvoiceSA ("we", "us", "our") is an invoicing web application operated from South Africa. Our website is invoicesa.co.za. This policy explains how we collect, use, store, and protect your personal information when you use our service.

2. Information we collect

We collect the following information when you use InvoiceSA:

  • Account information: email address, password (hashed), business name, and business details you provide in your profile.
  • Invoice and quote data: customer names, email addresses, phone numbers, line items, amounts, and payment terms that you enter when creating invoices and quotes.
  • Payment information: subscription plan and billing status. Payment processing is handled by PayFast — we do not store your card details.
  • Usage data: pages visited, features used, and anonymised analytics via Google Analytics (with cookie consent).

3. How we use your information

  • To provide the InvoiceSA service — creating, sending, and managing invoices and quotes.
  • To send transactional emails (invoice delivery, quote delivery, payment reminders) on your behalf.
  • To process your subscription payments via PayFast.
  • To improve our service and fix issues.
  • To communicate important service updates.

4. Third-party services

We use the following third-party services to operate InvoiceSA:

  • Supabase: database hosting and authentication. Your data is stored securely in Supabase-managed infrastructure.
  • PayFast: payment processing for subscriptions. PayFast handles all card and bank account details under their own privacy policy.
  • Resend: transactional email delivery (invoices, quotes, reminders).
  • Vercel: application hosting.
  • Google Analytics: anonymised website usage analytics (only with your cookie consent).

5. Data storage and security

Your data is stored in secure, managed database infrastructure provided by Supabase. All data is transmitted over HTTPS. We use row-level security (RLS) to ensure that each user can only access their own data. Passwords are hashed and never stored in plain text.

6. Data sharing

We do not sell, rent, or share your personal information with third parties for marketing purposes. We only share data with the third-party service providers listed above, solely to operate the InvoiceSA service. We may disclose information if required by South African law or a valid court order.

7. Your rights

Under the Protection of Personal Information Act (POPIA), you have the right to:

  • Access the personal information we hold about you.
  • Request correction of inaccurate information.
  • Request deletion of your account and associated data.
  • Object to the processing of your personal information.

To exercise any of these rights, contact us at hello@invoicesa.co.za.

8. Cookies

We use essential cookies for authentication and session management. Analytics cookies (Google Analytics) are only enabled with your explicit consent via our cookie banner.

9. Data retention

We retain your data for as long as your account is active. If you delete your account, we will remove your personal data within 30 days. We may retain anonymised, aggregated data for analytics purposes.

10. Children

InvoiceSA is designed for business use and is not intended for children under 18. We do not knowingly collect data from children.

11. Changes to this policy

We may update this privacy policy from time to time. We will notify you of significant changes by email or via a notice on our website.

12. Contact us

If you have questions about this privacy policy or how we handle your data, contact us at hello@invoicesa.co.za.