Privacy Policy
Effective date: September 26th, 2024
At DualEntry, we take your privacy seriously. Please read this Privacy Policy to learn how we treat your personal data. By using or accessing our Services in any manner, you acknowledge that you accept the practices and policies outlined below, and you hereby consent that we will collect, use and disclose your information as described in this Privacy Policy.
Remember that your use of DualEntry's Services is at all times subject to our Website Terms of Use, or our Enterprise Terms of Use (as applicable), which incorporates this Privacy Policy. Any terms we use in this Policy without defining them have the definitions given to them in the Terms of Use.
You may print a copy of this Privacy Policy by clicking here.
As we continually work to improve our Services, we may need to change this Privacy Policy from time to time. We will alert you of material changes by placing a notice on the DualEntry website, by sending you an email and/or by some other means.
What this Privacy Policy Covers
This Privacy Policy covers how we treat Personal Data that we gather when you access or use our Services. βPersonal Dataβ means any information that identifies or relates to a particular individual and also includes information referred to as βpersonally identifiable informationβ or βpersonal informationβ under applicable data privacy laws, rules or regulations. This Privacy Policy does not cover the practices of companies we donβt own or control or people we donβt manage.
Personal Data
Categories of Personal Data We Collect
This chart details the categories of Personal Data that we collect and have collected over the past 12 months:
| Category of Personal Data (and Examples) | Business or Commercial Purpose(s) for Collection | Categories of Third Parties With Whom We Disclose this Personal Data |
|---|---|---|
| Profile or Contact Data such as first and last name, email, username, phone number and mailing address. |
|
|
| Payment Data such as billing name, billing email and billing company. |
|
|
| Device/IP Data such as IP address, IP-address-based location data, device ID, domain server and type of device/operating system/ browser used to access the Services. |
|
|
| Web Analytics such as web page interactions, referring webpage/source through which you accessed the Services, non-identifiable request IDs, statistics associated with the interaction between device or browser and the Services and browsing or search history. |
|
|
| Other Identifying Information that You Voluntarily Choose to Provide such as emails, letters, and texts you send us. |
|
|
Our Commercial or Business Purposes
We collect and use Personal Data to provide and maintain our Services, authenticate users, process payments, respond to support requests, improve product performance, and protect our systems from abuse, fraud, and unauthorized access.
We may also use Personal Data to communicate service updates, deliver transactional notices, conduct analytics, measure usage trends, and inform product roadmap decisions that improve reliability and user experience.
Legal Bases for Processing
Where applicable, we process Personal Data based on consent, contractual necessity, legitimate interests, and legal obligations. The legal basis used depends on the nature of the data and the context in which it is collected.
If consent is the basis for processing, you may withdraw consent at any time, subject to legal or operational limitations described in this policy.
Other Permitted Purposes
In certain circumstances, we may process Personal Data to comply with legal obligations, enforce contractual terms, resolve disputes, detect security incidents, and protect the rights, property, or safety of our users, our company, and the public.
Where required by law, we rely on an appropriate legal basis for processing, including consent, performance of a contract, legitimate interests, and compliance with legal requirements.
Sensitive Data Handling
We do not intentionally collect sensitive categories of personal information unless necessary for a clearly disclosed purpose and permitted by applicable law.
When such data is processed, we apply heightened access controls and limit retention to what is necessary for the authorized purpose.
Categories of Sources of Personal Data
We collect Personal Data directly from you, automatically from your interactions with our Services, and from third-party sources such as analytics providers, payment processors, identity providers, and business partners.
When your organization provides your account, we may also receive account and profile information from administrators or authorized representatives to enable your access and support enterprise account management.
How We Disclose Your Personal Data
Service Providers
We disclose Personal Data to trusted service providers that perform functions on our behalf, such as infrastructure hosting, payment processing, customer support tooling, email delivery, analytics, and security monitoring.
Legal and Compliance Disclosures
We may also disclose Personal Data in connection with legal requests, business transfers, or where disclosure is necessary to investigate policy violations, enforce agreements, or protect users and our Services. We do not sell Personal Data in exchange for money.
Business Transfers
If we are involved in a merger, acquisition, financing, or sale of assets, Personal Data may be disclosed as part of that transaction, subject to applicable confidentiality and legal safeguards.
Tracking Tools, Advertising, and Opt-Out
We and our partners use cookies and similar technologies to operate core features, remember preferences, analyze traffic, and measure the effectiveness of product and marketing campaigns.
Types of Cookies
Essential cookies are required for authentication and security. Performance and analytics cookies help us understand how users interact with the Services. Functional cookies remember settings such as language and session preferences.
Depending on your location, you may be presented with cookie controls that allow you to accept or reject non-essential cookies. You can also manage cookies through your browser settings.
Session Replay Technology
We may use session replay and heatmap tools to better understand usability issues, diagnose errors, and improve navigation and interface clarity. These tools are used for service improvement and are subject to technical and contractual safeguards.
Sensitive fields are masked where technically feasible, and replay access is limited to authorized personnel with a business need.
Information about Interest-Based Advertisements
Third-party partners may use cookies and identifiers to provide ads based on your activity across websites and services. You can opt out of certain targeted advertising through industry tools and your device or browser privacy settings.
Opting out does not eliminate all advertising; it may still include non-personalized ads.
Do Not Track and Browser Signals
At this time, our Services may not respond uniformly to all browser-based Do Not Track (DNT) signals due to lack of a consistent industry standard.
You can still manage preferences through browser settings, cookie controls, and third-party opt-out mechanisms where available.
Data Security
Security Safeguards
We maintain administrative, technical, and physical safeguards designed to protect Personal Data against unauthorized access, disclosure, alteration, and destruction. These measures include encryption in transit, role-based access controls, security monitoring, and periodic system hardening reviews.
Access to sensitive systems is restricted to authorized personnel with a legitimate business need, and privileged operations are logged to support auditability and incident response readiness.
Security Limitations
No security program can guarantee absolute protection. Despite our safeguards, attack methods evolve and residual risk remains in any internet-connected service.
Users should also protect their own credentials by using strong unique passwords, enabling available security controls, and reporting suspicious activity promptly.
Incident Response
We maintain incident detection and response procedures that include investigation, containment, remediation, and post-incident review. Where required by law, we notify affected users and authorities within applicable timelines.
Data Retention
Retention Periods
We retain Personal Data for as long as necessary to provide the Services, comply with legal obligations, resolve disputes, and enforce agreements. Retention timelines vary based on the category of data, account type, and operational or regulatory requirements.
Certain records, such as billing artifacts, compliance logs, and support history, may be retained for extended periods where required by law or legitimate business needs.
Deletion and De-Identification
When Personal Data is no longer necessary for the purposes described in this policy, we delete, aggregate, or de-identify it according to our retention standards and applicable legal obligations.
Backup and archival systems may require additional time to fully cycle deletions, but retained copies remain protected and access-restricted during that process.
Retention Requests and Exceptions
You may request deletion or correction of certain personal information, subject to legal, contractual, and operational exceptions.
Where requests cannot be fulfilled immediately, we will document the basis for retention and apply restrictions to further processing where appropriate.