← Back

Privacy Policy

Last updated: February 2026

1. Overview

SoloLith ("we", "us", "our") is committed to protecting your privacy. This policy explains what data we collect, how we use it, and your rights regarding your data.

2. Data We Collect

  • Account data: Name, email address, password (hashed), business name
  • Business data: Projects, invoices, time entries, expenses, contracts, quotes — all entered by you
  • Payment data: Stripe Connect account ID (we never store card numbers — payments are handled by Stripe)
  • Bank data: Bank account metadata via Plaid (institution name, account names, transaction data)
  • Usage data: API requests, webhook events (logged for debugging)

3. How We Use Your Data

  • To provide and operate the Service
  • To send invoices and email notifications on your behalf
  • To generate AI-powered summaries (commit data sent to OpenAI)
  • To process expense receipt OCR (receipt images sent to OpenAI)
  • To sync bank transactions (via Plaid)
  • To communicate with you about your account

We do not sell your data to third parties. We do not use your business data for advertising.

4. Third-Party Services

We use the following third-party services to operate SoloLith:

  • Neon — PostgreSQL database hosting
  • Vercel — Application hosting and deployment
  • Stripe — Payment processing
  • LemonSqueezy — Subscription billing
  • Resend — Transactional email delivery
  • OpenAI — AI changelog generation and receipt OCR
  • Plaid — Bank account connection and transaction sync

Each of these services has its own privacy policy governing how they handle data.

5. Data Storage and Security

Your data is stored in a PostgreSQL database hosted by Neon in the US (AWS us-east-2). Passwords are hashed using bcrypt and never stored in plain text. We use HTTPS for all data in transit. API tokens are stored as hashed values.

6. Data Retention

We retain your data for as long as your account is active. When you delete your account, your data is permanently deleted from our database. Backups may retain data for up to 30 days after deletion.

7. Your Rights

You have the right to:

  • Access all data associated with your account
  • Export your data (projects, invoices, time entries)
  • Delete your account and all associated data at any time via Settings
  • Request correction of inaccurate data

8. Cookies

SoloLith uses session cookies for authentication only. We do not use tracking cookies or third-party advertising cookies.

9. Children's Privacy

SoloLith is not intended for use by anyone under the age of 18. We do not knowingly collect data from minors.

10. Changes to This Policy

We may update this policy from time to time. We will notify users of material changes by email or by posting a notice in the app. Continued use of the Service after changes constitutes acceptance.

11. Contact

For privacy-related questions or data requests, contact us at jachin_dev@jachin.dev.

Jachin DevLegal