Last updated 16 July 2026
Suitekore Invoices (“Suitekore,” “we,” “us”) operates the invoicing platform at invoices.suitekore.com (“the Service”). This page explains what data we collect, how we use it, and your rights.
When you sign up we store your email address and a bcrypt-hashed password. We also store the company name you provide and any optional profile information you add (logo, address, bank details for invoice templates).
You enter your clients’ names, contact details, building addresses, service descriptions, and monthly charges into the app. This data is used to generate invoices and to send email on your behalf. It belongs to you and is not shared with anyone except as required to operate the Service.
When a client pays an invoice via Stripe Checkout, the payment is processed by Stripe on your connected Stripe account. Suitekore does not handle card numbers or bank details. Stripe’s privacy policy applies to the payment flow: see stripe.com/privacy.
We use Resend to deliver invoice PDFs, reminders, and verification emails. Recipient email addresses and email content are transmitted to Resend solely to send the messages you request. See resend.com/legal/privacy-policy.
If you choose to use the AI invoice command feature, the sentence you type and a limited shortlist of saved client, contact, and site or job names are transmitted to OpenRouter and a selected model provider so the Service can prepare an invoice draft. We do not send billing email addresses, bank details, invoice history, or payment data for this feature. AI suggestions are not sent to clients and do not create an invoice until you approve the draft.
Our servers log standard HTTP data (IP address, user agent, request path) for troubleshooting and abuse prevention. We do not use analytics scripts, tracking cookies, or advertising pixels on the marketing site or inside the application.
The application sets a session cookie (httpOnly, secure, sameSite=lax) to keep you signed in. This cookie is essential for the Service to function and does not track you across sites. We do not use non-essential cookies.
Your data is used strictly to:
We do not sell, rent, or share your data with third parties for their own purposes. We do not use your client or invoice data for advertising, training machine-learning models, or any purpose beyond operating the Service.
Your data is stored in a PostgreSQL database on a VPS in an IONOS data centre. The database is not publicly accessible; it accepts connections only from the application container. Passwords are hashed with bcrypt (cost 12). API access is authenticated and tenant-scoped. We enforce HTTPS, HSTS, a Content Security Policy, and frame-ancestor restrictions on every page. Daily database backups are stored on the same host.
Your account data, client records, and invoices are retained for as long as your account is active. If you delete your account (contact us below), we remove your data from the live database within 30 days. Backups may retain data for up to 90 days before rotation.
You have the right to:
To exercise any of these rights, email us at the address below. We will respond within 30 days.
The Service relies on the following sub-processors:
For privacy questions or data requests, email admin@suitekore.com.