GDPR Compliance

Last updated: March 19, 2026

1. Introduction

Send-Bills.com is committed to complying with the General Data Protection Regulation (GDPR) and protecting the rights of data subjects in the European Union and EEA. This notice outlines how we handle personal data and your rights under GDPR.

2. Data Controller

Send-Bills.com operates as the Data Controller for personal information collected through our free invoice generator service. We are responsible for determining how and why personal data is processed.

3. Legal Basis for Processing

We process personal data based on the following legal grounds:

• Consent: We obtain your explicit consent before processing certain types of personal data, such as for marketing communications or optional analytics.
• Legitimate Interest: We process data to maintain our service, prevent fraud, ensure security, and improve our website functionality.
• Contract: Processing may be necessary to fulfill contractual obligations when you use our service or create an account.

4. Your Rights Under GDPR

As a data subject, you have the following rights:

• Right to Access: You have the right to request a copy of personal data we hold about you.
• Right to Rectification: You have the right to request correction of inaccurate or incomplete personal data.
• Right to Erasure: You have the right to request deletion of your personal data (the "right to be forgotten").
• Right to Restrict Processing: You have the right to request that we limit how we use your personal data.
• Right to Data Portability: You have the right to request and receive your personal data in a structured, commonly used, and machine-readable format.
• Right to Object: You have the right to object to certain types of processing, including direct marketing.
• Right to Withdraw Consent: If we process data based on your consent, you can withdraw that consent at any time.
• Right to Lodge a Complaint: You have the right to lodge a complaint with your local data protection authority if you believe we have violated your rights.

5. How to Exercise Your Rights

To exercise any of your GDPR rights, please email us at data-protection@send-bills.com with your request. Include relevant details about your request and any supporting documentation. We will respond to your request within 30 days or inform you if we need additional time to process your request.

6. Data Processing Activities

We process the following categories of personal data:

• Invoice Data: Business names, addresses, item descriptions, and payment amounts. This data is processed locally in your browser and never stored on our servers.
• Account Data: If you create an account, we collect your name, email address, and authentication information. This data is retained for the duration of your account.
• Usage Data: Analytics information including pages visited, time spent on site, browser type, and device type. This is retained for up to 26 months.
• Log Data: IP addresses, browser type, referring pages, and timestamps. Server logs are typically retained for 30 days.

7. International Data Transfers

Some of our service providers, including Firebase and Google Cloud, are located outside the EU. We rely on the EU-US Data Privacy Framework and Standard Contractual Clauses to ensure adequate safeguards for transferring personal data internationally.

8. Data Protection Officer

For questions about data protection practices or to contact our Data Protection Officer, please email data-protection@send-bills.com.

9. Cookies and Consent

We use cookies to enhance your browsing experience and measure website performance. Please refer to our Cookie Policy for detailed information about how we use cookies and how to manage your cookie preferences.

10. Changes to This Notice

We may update this GDPR notice from time to time to reflect changes in our practices or legal requirements. We will post any significant changes on this page and update the "Last updated" date. We encourage you to review this notice periodically.