Legal

Legal documents and policies for CheckStream.

Privacy Policy

Last updated: September 23, 2025

1. Introduction

Welcome to CheckStream ("we", "us", "our"). We are committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our application and services (collectively, the "Service"). By using the Service, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

We collect information that is essential to providing and improving our Service. The types of information we collect are:

  • Account Information: When you register for an account, we collect personal information such as your name and email address.
  • Information from Third-Party Services: If you connect your QuickBooks account, we use OAuth to access certain data. This includes your company information, customer lists, and invoice data. We only access the information necessary to provide the Service.
  • Check and Payment Data: When you process a check through our Service, we collect an image of the check and extract the relevant data from it, such as payee name, amount, date, and memo line. This extracted data is stored in a structured format (JSON).
  • Usage Data: We may collect information about how you access and use the Service, such as IP address, browser type, and pages visited. We plan to use services like Google Analytics for this purpose.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • To Provide and Maintain the Service: To process checks, extract data, and record payments in your connected QuickBooks account.
  • To Manage Your Account: To communicate with you about your account, including for billing, updates, and security alerts.
  • To Improve Our Service: To understand how our users interact with the Service so we can enhance functionality and user experience.
  • To Provide Customer Support: To respond to your requests, questions, and comments.

4. Data Sharing and Third-Party Services (Sub-processors)

We do not sell your personal information. We may share your information with trusted third-party service providers (sub-processors) who perform services on our behalf, but only as necessary to provide the Service.

  • QuickBooks: Our Service's core functionality relies on reading and writing data to your connected QuickBooks account as authorized by you.
  • Stripe, Inc.: For processing payments for our Service. We do not store your credit card information directly; it is securely handled by Stripe. You can view their privacy policy here.
  • AI Service Providers (e.g., OpenRouter): For AI-powered extraction of data from check images. When you upload a check, the image is securely routed via a service like OpenRouter to an underlying large language model.
    Our Commitment to Data Privacy: We will only use AI models from providers who have strict, explicit policies prohibiting the use of customer data submitted via their API for the purpose of training their AI models. Your data is processed solely for the purpose of providing the extraction service and is never used to improve the underlying models.
  • Hosting Provider: Our application and your data are hosted on secure servers located within the United States.

We may also disclose your information if required by law, such as to comply with a subpoena or other legal process.

5. Data Storage, Security, and Retention

We implement reasonable administrative, technical, and physical security measures to protect your information from unauthorized access, use, or disclosure. This includes using encryption for data in transit (SSL/TLS).

Check images you upload are stored indefinitely using secure storage solutions (e.g., Active Storage) to provide you with a historical record. The data extracted from these checks is also retained. We retain your account information for as long as your account is active or as needed to provide you with the Service and comply with our legal obligations.

6. Your Rights and Choices

Our Service is intended for users located in the United States. In accordance with applicable laws, such as the California Consumer Privacy Act (CCPA), you have certain rights regarding your personal information.

  • Right to Access: You have the right to request a copy of the personal information we hold about you.
  • Right to Deletion: You have the right to request that we delete your personal information, subject to certain legal exceptions.

To exercise these rights, please contact us at privacy@checkstream.ai. We will respond to your request in accordance with applicable law.

7. Children's Privacy

Our Service is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children under 18.

8. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date at the top. We encourage you to review this Privacy Policy periodically for any changes.

9. Contact Us

If you have any questions or concerns about this Privacy Policy, please contact us at: privacy@checkstream.ai.