Cashent (“we”, “our”, “the platform”) is a cloud-based business management application that helps organizations manage invoices, expenses, clients, employees, inventory, and financial reporting. This Privacy Policy explains what data we collect, how we use it, and your rights regarding your information.
By creating an account or using Cashent, you agree to this policy.
2. Who This Applies To
•Organization administrators — who create and manage an organization account
•Team members (employees) — who are added to an organization by an administrator
•Visitors — who access the platform without an account
3. What Data We Collect
3.1 Account & Organization Data
•Organization name
•Administrator name, email address, and password (stored as a bcrypt hash — never in plain text)
•Team member names, usernames, and passwords (hashed)
•Financial reports: profit & loss, balance sheet, aging data (computed from the above)
3.3 Activity & Audit Data
A log of all create, edit, and delete actions performed within your organization, including which user performed the action and when. This is used for accountability and audit trails.
3.4 AI Assistant Data
When you use the AI Assistant feature, your message and a snapshot of your organization's business data (clients, invoices, employees, expenses, products) is sent to Anthropic's API to generate a response. This includes names, amounts, and identifiers from your account. See Section 6 for details.
3.5 Technical Data
•IP address and browser information (for security and session management)
•Session tokens stored in encrypted HTTP-only cookies
•Error logs (no personal data, used for debugging)
4. How We Use Your Data
Purpose
Data Used
Providing the service (invoices, reports, etc.)
All business data you enter
Authentication and security
Email, hashed password, session token
AI assistant responses
Business data snapshot + your message
Audit trail / accountability
Action logs per user
Improving the platform
Anonymized usage patterns
We do not use your financial data for advertising, profiling, or any purpose outside of operating the service.
5. Data Storage & Security
•All data is stored in a secured cloud database with encrypted connections (TLS/SSL)
•Passwords are hashed using bcrypt and are never stored or transmitted in plain text
•All communication between your browser and our servers uses HTTPS
•Session tokens expire after 6 months of inactivity and are invalidated on logout
•Access to your organization's data is strictly isolated — no other organization can access your data
6. Third-Party Services
Anthropic (AI Assistant)
When you use the AI Assistant, your query and a context snapshot of your business data is sent to Anthropic to power responses. This may include client names, invoice amounts, employee salaries, and expense records.
•You can avoid sharing data with Anthropic by not using the AI Assistant feature
•AI-generated action requests (e.g., bulk updates) are only executed after your explicit confirmation
Database Hosting
Your data is stored with a cloud database provider. Data is encrypted at rest and in transit. We do not authorize the hosting provider to use your data for any purpose other than storage.
No Other Third Parties
We do not sell, rent, or share your data with advertisers, analytics platforms, or any other third parties beyond those listed above.
7. Data Retention
•Your data is retained for as long as your account is active
•If you request account deletion, your organization's data (clients, invoices, employees, expenses, etc.) will be permanently deleted within 30 days
•Activity logs are retained for 12 months for security purposes, then deleted
•Backups may retain data for up to 30 additional days after deletion before being fully purged
8. Employee Data & Admin Responsibility
Organization administrators have full access to all data within their organization, including employee salaries, advances, and personal details. Administrators are responsible for:
•Informing their employees that their data is managed within Cashent
•Ensuring they have the right to enter and process employee personal data
•Managing team member access levels appropriately
Team members (non-admin users) do not have visibility into other employees' personal or financial data unless granted permission by an administrator.
9. Your Rights
Depending on your location, you may have the following rights:
•Access: Request a copy of the data we hold about you
•Correction: Request correction of inaccurate data
•Deletion: Request deletion of your account and all associated data
To exercise any of these rights, contact us at info@cashent.app.
10. Cookies
Cashent uses a single session cookie to keep you logged in. This cookie is:
•HTTP-only — not accessible by JavaScript
•Secure — only sent over HTTPS
•Session-based — with a 6-month expiry
We do not use tracking cookies, advertising cookies, or third-party analytics cookies.
11. Changes to This Policy
We may update this policy as the platform evolves. When we make significant changes, we will notify administrators by email or via an in-app notice. Continued use of the platform after changes constitutes acceptance of the updated policy.
12. Contact
For privacy-related questions, data requests, or concerns: