Privacy Policy

Last updated: June 2026

1. Who We Are

Sabe Interactive Limited is the data controller for DueTrack.

ICO Registration Number: ZB039952

Registered Address: Bedford iLab, Priory Business Park, Bedford, MK44 3RZ

Contact: hello@duetrack.co.uk

2. What Data We Collect

We collect the following categories of personal and business data:

Account data: your name, email address, and business name.

Invoice data: PDF files you forward to us, and extracted fields including supplier name, invoice number, invoice date, due date, amount, and currency.

Usage logs: records of system events (invoices received, emails sent, etc.) used for service operation and security.

Billing data: your subscription is handled by Stripe. We do not store your card details.

3. How We Use Your Data

Legal basis under UK GDPR:

Contract performance: to provide the DueTrack service you have signed up for.

Legitimate interests: to maintain security, prevent fraud, and improve the service.

4. Third-Party Processors

We use the following third-party processors to deliver the service:

  • Neon — hosts our PostgreSQL database storing your account and invoice data
  • Cloudflare R2 — stores your invoice PDF files securely
  • Anthropic — processes invoice PDFs to extract data using AI (Claude)
  • Postmark — sends reminder and notification emails; receives forwarded invoices
  • Stripe — processes subscription payments
  • Vercel — hosts and runs the DueTrack application

Important: Invoice PDFs are sent to Anthropic for AI-powered data extraction. Please do not forward invoices containing sensitive personal data beyond standard business invoice fields (supplier name, amounts, dates).

5. Data Retention

When you delete your account, all your data — including account details, invoice records, and stored PDFs — is deleted immediately and permanently.

Stripe may retain billing records in accordance with their own privacy policy and applicable law.

6. Your Rights

Under UK GDPR, you have the following rights in relation to your personal data:

  • Right of access — to obtain a copy of the data we hold about you.
  • Right to rectification — to have inaccurate data corrected.
  • Right to erasure — to request deletion of your data.
  • Right to restriction — to restrict how we process your data.
  • Right to data portability — to receive your data in a structured, machine-readable format.
  • Right to object — to object to processing based on legitimate interests.

To exercise any of these rights, please contact us at hello@duetrack.co.uk. We will respond within one month.

7. Cookies

We use session cookies solely to keep you logged in to DueTrack. We do not use tracking, analytics, or advertising cookies.

8. Changes to This Policy

If we make material changes to this Privacy Policy, we will notify you by email before the changes take effect.

9. Complaints

If you are unhappy with how we handle your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

We would, however, appreciate the opportunity to address your concerns first — please contact us at hello@duetrack.co.uk.