1. Introduction

Welcome to Biolev ("Company," "we," "us," or "our"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services, including our website, applications, and QuickBooks integrations (collectively, the "Services").

By accessing or using our Services, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use our Services.

2. Information We Collect

2.1 Information You Provide to Us

We collect information that you voluntarily provide when using our Services:

• Account Information: Name, email address, company name, phone number, and billing information when you create an account
• QuickBooks Data: Financial data, transaction records, customer information, and other business data you authorize us to access through QuickBooks integration
• Communication Data: Information you provide when contacting our support team or communicating with us
• Payment Information: Credit card details, billing address, and payment history (processed through secure third-party payment processors)
• Profile Information: User preferences, settings, and customization choices

2.2 Information Automatically Collected

When you access our Services, we automatically collect certain information:

• Usage Data: Pages visited, features used, time spent on Services, and interaction patterns
• Device Information: IP address, browser type, operating system, device identifiers, and mobile network information
• Log Data: Server logs, error reports, and diagnostic information
• Cookies and Tracking: Information collected through cookies, web beacons, and similar technologies
• Location Data: General geographic location based on IP address

2.3 Information from Third Parties

We may receive information from third-party sources:

• QuickBooks: Financial and business data accessed through authorized QuickBooks OAuth integration
• Authentication Providers: Information from single sign-on services if you choose to use them
• Business Partners: Information from partners who help us provide or improve our Services
• Publicly Available Sources: Information from public databases to verify business information

3. How We Use Your Information

We use the collected information for the following purposes:

3.1 Service Delivery

• Provide, maintain, and improve our Services
• Process transactions and manage your account
• Sync and analyze QuickBooks data as requested
• Generate reports, analytics, and insights
• Customize your experience and provide personalized features

3.2 Communication

• Send service-related notifications and updates
• Respond to your inquiries and provide customer support
• Send important account and security notifications
• Provide newsletters and marketing communications (with your consent)

3.3 Business Operations

• Process payments and manage subscriptions
• Detect, prevent, and address fraud and security issues
• Comply with legal obligations and enforce our Terms of Service
• Conduct research and analysis to improve our Services
• Monitor and analyze usage patterns and trends

3.4 Product Development

• Develop new features and functionality
• Test and improve existing features
• Understand user needs and preferences
• Conduct internal research and analytics

4. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

4.1 Service Providers

We share information with trusted third-party service providers who assist us in operating our Services:

• Cloud hosting and infrastructure providers
• Payment processing services
• Customer support and communication tools
• Analytics and monitoring services
• Security and fraud prevention services

These providers are contractually obligated to protect your information and use it only for the purposes we specify.

4.2 QuickBooks Integration

With your authorization, we access and sync data with your QuickBooks account through Intuit's OAuth 2.0 protocol. This data exchange is governed by both our Privacy Policy and Intuit's Privacy Statement.

4.3 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred to the acquiring entity, subject to this Privacy Policy.

4.4 Legal Requirements

We may disclose your information when required by law or to:

• Comply with legal processes, court orders, or government requests
• Enforce our Terms of Service and other agreements
• Protect our rights, property, or safety and that of our users
• Prevent fraud, security breaches, or illegal activities

4.5 With Your Consent

We may share your information for other purposes with your explicit consent.

5. Data Security

We implement industry-standard security measures to protect your information:

5.1 Technical Safeguards

• Encryption: Data is encrypted in transit using TLS/SSL and at rest using AES-256 encryption
• Access Controls: Strict access controls and authentication requirements for our systems
• Secure Infrastructure: Services hosted on secure, SOC 2 compliant cloud infrastructure
• Regular Audits: Periodic security audits and vulnerability assessments
• Monitoring: 24/7 monitoring for security threats and anomalies

5.2 Organizational Safeguards

• Employee training on data protection and security practices
• Confidentiality agreements with all personnel
• Incident response procedures for security breaches
• Regular security policy reviews and updates

5.3 Security Limitations

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security, and you use our Services at your own risk.

6. Data Retention

We retain your information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

6.1 Retention Periods

• Account Data: Retained while your account is active and for a reasonable period after account closure
• Financial Records: Retained for 7 years or as required by applicable law
• QuickBooks Data: Retained as long as you maintain the QuickBooks integration, plus a reasonable backup period
• Usage and Analytics Data: Typically retained for up to 2 years
• Marketing Data: Retained until you opt out or request deletion

6.2 Deletion Requests

You may request deletion of your data by contacting us at privacy@biolev.com. We will process your request within 30 days, subject to legal retention requirements.

7. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

7.1 Access and Portability

• Request access to your personal information
• Receive a copy of your data in a portable format
• Request information about how we process your data

7.2 Correction and Updates

• Correct inaccurate or incomplete information
• Update your account information and preferences

7.3 Deletion and Erasure

• Request deletion of your personal information
• Close your account and remove associated data

7.4 Consent Withdrawal

• Withdraw consent for data processing where applicable
• Opt out of marketing communications
• Revoke QuickBooks integration authorization

7.5 Objection and Restriction

• Object to certain types of data processing
• Request restriction of processing in certain circumstances

7.6 Exercising Your Rights

To exercise these rights, contact us at privacy@biolev.com. We will respond to your request within 30 days. You may also have the right to lodge a complaint with a data protection authority.

8. Cookies and Tracking Technologies

8.1 What We Use

We use cookies, web beacons, pixels, and similar technologies to:

• Remember your preferences and settings
• Authenticate your account and maintain your session
• Analyze usage patterns and improve our Services
• Personalize content and features
• Deliver targeted advertising (with your consent)

8.2 Types of Cookies

• Essential Cookies: Required for the Services to function properly
• Performance Cookies: Help us understand how users interact with our Services
• Functional Cookies: Remember your preferences and choices
• Marketing Cookies: Used for advertising and marketing purposes (with consent)

8.3 Managing Cookies

You can control cookies through your browser settings. Note that disabling certain cookies may limit functionality of our Services.

9. Third-Party Links and Services

Our Services may contain links to third-party websites, applications, or services that are not operated by us. This Privacy Policy does not apply to third-party services.

We are not responsible for the privacy practices of third parties. We recommend reviewing the privacy policies of any third-party services you access.

Third-Party Integrations:

• QuickBooks (governed by Intuit's Privacy Statement)
• Payment processors
• Analytics providers
• Cloud service providers

10. Children's Privacy

Our Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children.

If we become aware that we have collected information from a child without parental consent, we will take steps to delete that information promptly.

If you believe we have collected information from a child, please contact us immediately at privacy@biolev.com.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws different from your jurisdiction.

We take appropriate safeguards to ensure your information receives adequate protection in accordance with this Privacy Policy, including:

• Using Standard Contractual Clauses approved by the European Commission
• Ensuring third-party processors comply with applicable data protection laws
• Implementing appropriate technical and organizational security measures

12. California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to Know: Request disclosure of personal information collected, used, and shared
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: Opt out of the sale of personal information (we do not sell personal information)
• Right to Non-Discrimination: We will not discriminate against you for exercising your rights

To exercise these rights, contact us at privacy@biolev.com or call our toll-free number. We will verify your identity before processing your request.

13. European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), UK, or Switzerland, you have rights under the General Data Protection Regulation (GDPR):

• Right of access to your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Right to withdraw consent
• Right to lodge a complaint with a supervisory authority

Legal Basis for Processing: We process your data based on:

• Contract performance (providing Services you requested)
• Legitimate interests (improving Services, security, fraud prevention)
• Legal compliance (meeting regulatory requirements)
• Consent (where required and provided by you)

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

We will notify you of material changes by:

• Posting the updated Privacy Policy on our website with a new "Last Updated" date
• Sending an email notification to your registered email address
• Displaying a prominent notice on our Services

Your continued use of our Services after the effective date of changes constitutes acceptance of the updated Privacy Policy.

We encourage you to review this Privacy Policy periodically.

15. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

• Email: privacy@biolev.com
• Support: support@biolev.com
• Legal: legal@biolev.com
• Website: https://biolev.com/privacy

Data Protection Officer: For GDPR-related inquiries, contact our Data Protection Officer at dpo@biolev.com.