Privacy Policy

Last updated: May 27, 2026

NarrateAI ("we", "our", or "us") operates the NarrateAI service at getnarrateai.com. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data.

1. Information We Collect

Account information: When you register, we collect your email address and company name.

Financial data: To generate reports, we process financial data you provide by uploading CSV or Excel files, or by connecting your QuickBooks or Xero account via OAuth. This data includes profit & loss statements, balance sheets, and cash flow statements.

Billing information: Payments are processed by Stripe. We store only a Stripe customer ID and subscription ID — we never see or store your full card number.

Usage data: We collect standard server logs including IP address, browser type, pages visited, and timestamps to operate and improve the service.

2. How We Use Your Information

  • To authenticate you and provide the NarrateAI service
  • To generate AI-powered financial report narratives from your financial data
  • To process subscription payments via Stripe
  • To sync financial data from QuickBooks or Xero when you authorise those connections
  • To improve the service and diagnose technical issues
  • To send transactional emails (account confirmations, billing receipts)

We do not sell your data. We do not use your financial data for advertising or training AI models.

3. Third-Party Services

We use the following sub-processors to operate NarrateAI:

  • Supabase — database and authentication (data stored in the US)
  • Anthropic (Claude AI) — AI narrative generation. Your financial data is sent to Anthropic's API to generate report text. Anthropic does not train models on API data. See anthropic.com/privacy.
  • Stripe — payment processing. See stripe.com/privacy.
  • Intuit (QuickBooks) — when you connect QuickBooks, we access your accounting data via OAuth with only the permissions you grant.
  • Xero — when you connect Xero, we access your accounting data via OAuth with only the permissions you grant.
  • Vercel — cloud hosting and deployment infrastructure.

4. Data Retention

Generated reports are retained according to your plan: 7 days (Free), 90 days (Starter), or indefinitely (Pro). You may delete individual reports at any time from your dashboard. When you delete your account, all associated data is permanently removed within 30 days.

QuickBooks and Xero OAuth tokens are stored only while your integration is connected. You can disconnect at any time from Settings → Integrations, which immediately deletes your stored tokens.

5. Security

All data is transmitted over HTTPS. Financial data is stored encrypted at rest in Supabase. We use Supabase Row Level Security (RLS) so each user can only access their own data. OAuth tokens for QuickBooks and Xero are stored encrypted.

6. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate data via Settings
  • Delete your account and all associated data by contacting us
  • Export your reports as PDF or Word documents
  • Disconnect QuickBooks or Xero integrations at any time

To exercise any of these rights, contact us at support@getnarrateai.com.

7. Cookies

We use session cookies solely for authentication purposes. We do not use tracking cookies or third-party advertising cookies.

8. Children's Privacy

NarrateAI is a business service not directed at children under 13. We do not knowingly collect data from children.

9. Changes to This Policy

We may update this policy from time to time. We will notify registered users by email of material changes. Continued use of the service after changes constitutes acceptance.

10. Contact

For privacy questions or data requests, contact us at:
support@getnarrateai.com
NarrateAI · getnarrateai.com