Legal
Privacy Policy
Last updated: 14 May 2026
This Privacy Policy explains what data we collect when you use All Day Books, how we use it, who we share it with, and the rights you have over it. We are the data controller for the personal data described here.
1. Who we are
All Day Books (“we”, “us”, “our”). Contact: hello@alldaybooks.co.uk.
2. What we collect
- Account information — email address, full name, business type, default currency, VAT status.
- Financial records you give us — transactions, invoices, receipts, mileage logs, MTD submissions, and the metadata around them.
- Chat messages — the conversations you have with our AI agent, including any attachments such as receipt photos and audio you record for voice input.
- Device and usage information — IP address, device type, operating system, app version, crash logs, and basic interaction analytics so we can fix bugs and improve the product.
- Push notification tokens — if you opt in to notifications, so we can deliver MTD reminders and chat alerts.
3. How we use it
We process your data to:
- Provide the bookkeeping, invoicing and MTD features;
- Generate AI responses, categorisations and tax estimates on your behalf;
- Send you product-critical and transactional emails;
- Detect abuse, fraud and security incidents;
- Improve the product and fix defects.
4. Legal bases (UK GDPR)
- Contract — providing the Service you signed up for.
- Legitimate interests — securing the platform, preventing fraud, improving the product. We balance these against your rights.
- Consent — for push notifications, optional voice input, and any marketing communications.
- Legal obligation — where we must keep records for tax, accounting, or to comply with HMRC requirements.
5. Where your data lives
Your data is stored in EU-region Supabase infrastructure (Postgres 15 + encrypted storage). AI responses are generated using Anthropic's Claude API; the content of your chat messages is transmitted to Anthropic for the purpose of producing a reply and is not used by Anthropic to train models when accessed via the commercial API.
6. Sub-processors we use
- Supabase — database, authentication, storage (EU region).
- Anthropic — Claude API for AI features (US; data transfers under SCCs).
- Resend — transactional emails (invoice sends, chasers).
- Apple Push Notification service / Firebase Cloud Messaging — push delivery.
7. How long we keep it
We keep your records for as long as your account is active. UK tax law requires sole traders to retain records for at least five years after the 31 January submission deadline of the relevant tax year; we retain accordingly. You can delete your account at any time, which removes your data from our active systems within 30 days and from backups within 90 days.
8. Your rights
You have the right to access, correct, delete, export, restrict, and object to our processing of your personal data, and to lodge a complaint with the UK Information Commissioner's Office (ICO). Email hello@alldaybooks.co.uk to exercise any of these rights. You can also export everything we hold from Account → Settings → Export my data.
9. Children
The Service is not intended for users under 18 and we do not knowingly collect data from them.
10. Cookies
The marketing site uses only essential cookies. We do not run third-party advertising trackers. The mobile app does not use cookies.
11. Changes to this policy
We'll update this page when our practices change and highlight material changes in-app or by email.
12. Contact
Privacy questions or rights requests: hello@alldaybooks.co.uk.