kiira
EN BM
Early access
Legal / Privacy

Privacy Policy

Last updated: 15 April 2026

1. Who is the controller

The data controller is AYO SOLUTION APS (CVR DK12345678), Denmark. Contact: [email protected].

2. What we collect

  • Account data — name, email, phone, business details.
  • Bookkeeping data — the invoices, receipts, sales summaries, and messages you send us.
  • Usage data — logs, device and browser information, and basic analytics.
  • Payment data — processed by our payment providers; we do not store card numbers.

3. Why we process it

To run the service, keep your books, respond to support requests, prevent fraud, comply with legal obligations (including tax-related record-keeping in your jurisdiction), and improve the product.

4. Legal basis (GDPR)

We rely on performance of a contract (to deliver the service), legal obligation (to meet record-keeping rules), and legitimate interests (security, anti-fraud, product improvement). Where required, we ask for consent — e.g. for optional marketing emails.

5. AI processing

When you forward a message, receipt, or voice note into WhatsApp, we pass the content to a large language model (our sub-processor) to draft a bookkeeping entry. The model does not train on your data. Drafts are shown to you for review before they are booked.

6. Sub-processors

We use vetted providers for hosting, email delivery, payments, WhatsApp messaging, OCR, and AI inference. A current list is available on request.

7. Retention

We keep account and bookkeeping data for as long as your account is active, and for the period required by applicable accounting and tax law afterwards. You can request deletion of non-mandatory data at any time.

8. Your rights

You have the right to access, correct, export, and (where applicable) delete your personal data, to object to or restrict processing, and to lodge a complaint with your supervisory authority. Under Malaysia's PDPA you have equivalent rights of access and correction.

9. Security

Data is encrypted in transit and at rest. Access is restricted to staff who need it. We keep audit logs of sensitive actions.

10. International transfers

Some sub-processors are based outside the EU/EEA and Malaysia. Where required, we rely on Standard Contractual Clauses or equivalent safeguards.

11. Changes

We'll update this policy if our practices change. Material changes will be notified in-app or by email.

12. Contact

Privacy questions: [email protected].

AYO SOLUTION APS
CVR DK12345678