AI Bookkeeper - Automated Bookkeeping with AI

Last Updated: 11/5/2025

Available for Enterprise customers

1. Definitions

Controller: The customer subscribing to AI Bookkeeper services
Processor: AI Bookkeeper Inc.
Personal Data: Data uploaded and processed by the service

2. Scope of Processing

The Processor shall process Personal Data only on documented instructions from the Controller, including with regard to transfers of personal data to third countries or international organizations.

3. Security Measures

The Processor implements:

Encryption of data in transit (TLS 1.3+)
Encryption of data at rest (AES-256)
Regular security audits and penetration testing
Access controls and authentication (MFA required)
SOC 2 Type II compliance

4. Sub-processors

Current sub-processors include:

Amazon Web Services (infrastructure)
Stripe (payment processing)
OpenAI (AI processing)

5. Data Subject Rights

The Processor shall assist the Controller in responding to requests from data subjects exercising their rights under GDPR/CCPA.

6. Data Breach Notification

The Processor shall notify the Controller without undue delay (within 48 hours) after becoming aware of a personal data breach.

7. Audits and Inspections

Enterprise customers have the right to conduct audits of the Processor's data processing activities upon reasonable notice.

8. Data Deletion

Upon termination of services, the Processor shall delete or return all personal data within 30 days, unless legal retention is required.

9. Contact for DPA

To execute a DPA for your Enterprise account, contact dpa@ai-bookkeeper.app

Data Processing Agreement