Last updated: March 2026

This Privacy Policy explains how SerenAI Ltd, trading as Get Paid App, collects, uses, stores, and protects your personal information when you use the Get Paid App, our website (https://get-paid.app), and related services.

By using our website or the Get Paid App, you agree to the practices described in this Privacy Policy.

Who We Are

This website and app are owned and operated by SerenAI Ltd, trading as Get Paid App, registered in England and Wales (Company Number: 17072969), with a registered office in North London, United Kingdom.

If you have any questions about this Privacy Policy or how we handle your data, please contact us through our contact page.

Data Controller

The Data Controller responsible for your information is SerenAI Ltd. We determine the purposes and methods of processing any personal data collected through this website or the Get Paid App.

What Data We Collect

On Our Website

When you use our website we may collect:

  • Contact information — such as your name, email address, and business details when you submit our contact form.
  • Technical data — including your IP address, browser type, and device information, collected automatically for analytics and security.
  • Usage data — such as the pages you visit and how you interact with our website.

In the Get Paid App

Get Paid is a local-first application. The vast majority of your data never leaves your device. Below is a full description of every category of data the App may access or store.

Information You Enter Directly

  • Business name, address, phone number, email address, and logo (displayed on invoices).
  • Customer names, addresses, phone numbers, and email addresses.
  • Invoice details: line items, quantities, prices, tax rates, discounts, deposits, due dates, payment status, and notes.
  • Products and service descriptions saved for reuse.
  • Payment records and payment method preferences.

This information is stored exclusively on your device using Apple’s CoreData framework. It is never uploaded to our servers.

Location Data

If you enable the Mileage Tracker or “Save Location on Invoice” feature, the App requests access to your device location.

  • Mileage Tracker: GPS coordinates are used to calculate travel distance and time for job costing. This data is stored locally and can be added to an invoice as a line item.
  • Invoice location stamp: your approximate location at the time of creating or completing an invoice may be recorded on that invoice for your own records.

Location data is never transmitted to our servers and is never shared with third parties. You can disable location access at any time in your iPhone Settings.

Camera and Photo Library

The App may request access to your camera or photo library solely to allow you to add your business logo to invoices. The image is stored on your device only and is never uploaded to our servers.

Contacts

If you use the “Import Customer” feature, the App requests read-only access to your Contacts to allow you to quickly populate customer details. Contact data is copied into the App’s local database and the original contact is not modified. We do not sync, upload, or share your contacts.

Face ID / Touch ID (Biometric Data)

If you enable the Biometric Lock feature, the App uses Apple’s LocalAuthentication framework to verify your identity using Face ID or Touch ID before unlocking the App. We do not access, store, or transmit your biometric data at any time. Authentication is handled entirely by iOS.

Diagnostic Logs

If you choose to send a Diagnostic Report (Settings → Support → Send Diagnostic Report), the App generates a plain-text log of recent app events, errors, and performance data. This log contains no personal information, no customer data, and no invoice content. It is only sent if you explicitly tap Send and choose to share it via your email app.

App Preferences (UserDefaults)

The App stores your preferences and settings (such as theme colour, notification preferences, and enabled features) locally in iOS UserDefaults. This data never leaves your device.

Device Storage Information

The App periodically checks available storage on your device to warn you if storage is running low. This check is performed locally — the result is displayed to you only and is never transmitted.

Data We Do NOT Collect

Get Paid does not collect, process, or store any of the following:

  • Advertising identifiers (IDFA) or any tracking identifiers.
  • Behavioural analytics or usage telemetry.
  • Financial account numbers, bank details, or payment card numbers.
  • Passwords or authentication credentials.
  • Any data from third-party data brokers.

We do not track you across other apps or websites. We do not sell, rent, or trade your personal information to any third party.

Legal Basis for Processing Data

We process your personal data under the following legal bases as defined by the UK GDPR:

  • Consent — when you voluntarily submit your information (e.g. via our contact form).
  • Contractual necessity — when data is required to provide the App’s invoicing functionality or to support you as a user.
  • Legal obligation — when we are required to retain information for tax, record-keeping, or legal purposes.
  • Legitimate interest — for improving user experience, website security, and service reliability.

Third-Party Services

Get Paid integrates with the following third-party services. These are all optional and only active if you choose to use the relevant feature.

Apple App Store and StoreKit (subscriptions)

Subscription payments are processed entirely by Apple via the App Store. We never receive or handle your payment card details. Apple’s privacy policy applies: https://www.apple.com/legal/privacy/

Payment processing (Square)

If you enable the “Pay Now” button on invoices, your customers are directed to Square’s own payment page. Get Paid does not process or store any payment card information. Square’s privacy policy applies to transactions completed on their platform.

Email (Mail app)

When you send an invoice or backup file, the App opens your device’s Mail app (or another email app you have configured). The email is composed and sent by your email client — Get Paid does not have access to your email account credentials.

Cookies

Our website uses cookies to enhance functionality and security. If you leave a comment on our site, you may choose to save your name, email, and website in cookies for convenience. These cookies last for one year. You can disable cookies in your browser settings, though doing so may affect website functionality. For full details, see our Cookie Policy.

Embedded Content from Other Websites

Pages on this site may include embedded content (e.g. videos, images, or articles). Embedded content from other websites behaves exactly as if you had visited that website directly. These sites may collect data about you, use cookies, or monitor your interaction with the content.

How We Use Your Data

We use your information for the following purposes:

  • To respond to contact form enquiries or feedback.
  • To provide customer and technical support.
  • To improve our website and app performance.
  • To process App Store subscriptions via Apple.
  • To comply with UK legal and regulatory obligations.
  • To ensure security and prevent spam or abuse.

Who We Share Your Data With

We do not sell, rent, or trade your personal information. We may share limited data with trusted third-party services strictly for operational purposes, such as:

  • Our web hosting provider, for secure storage of website data.
  • Email service providers, for delivering messages and notifications.
  • Apple Inc., solely in connection with App Store subscription billing.
  • Analytics providers (e.g. basic server logs) to monitor traffic and improve performance.

All third-party services we use comply with UK GDPR and maintain appropriate security standards.

Data Storage and Security

In the App: all data you enter is stored locally on your device in Apple’s CoreData database. We do not operate any servers that store your personal invoicing data.

  • Device encryption: your data benefits from iOS device encryption when your device is locked.
  • Biometric lock: you can add an additional layer of protection by enabling Face ID / Touch ID lock in the App settings.
  • Backups: if you use the built-in backup feature, backup files are sent to your own email address and stored by your email provider. Security of that storage is governed by your email provider.

On our website: all website data is stored on secure UK or EU servers protected by firewalls and SSL encryption (HTTPS). Access is restricted to authorised personnel only.

In the event of a data breach in which any user data is compromised, we will notify affected users without undue delay, in accordance with applicable law (including UK GDPR).

How Long We Retain Your Data

  • Contact form submissions are stored for up to 12 months.
  • Analytics and log data are retained for security and diagnostic purposes for up to 90 days.
  • If you leave a comment on our website, the comment and metadata are stored indefinitely to help with spam detection.

In the App, your data remains on your device for as long as the App is installed. You can permanently delete all App data by going to My Account → Danger Zone → Reset All App Data. Uninstalling the App will also remove all locally stored data.

Your Rights Under UK GDPR

Under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, you have the following rights:

  • The right to access the personal data we hold about you.
  • The right to correct inaccurate or incomplete data.
  • The right to request deletion of your data (“right to be forgotten”).
  • The right to restrict processing or object to data use in certain circumstances.
  • The right to request a copy of your data in a portable format.

In the App, you have direct and immediate control — you can view, edit, and delete any record at any time, or use Reset All App Data to wipe everything. To exercise your rights in relation to our website or other data, please contact us through our contact page. We will respond within 30 days as required by law.

Apple Platform Privacy

Get Paid complies with Apple’s App Store Review Guidelines and includes a Privacy Manifest (PrivacyInfo.xcprivacy) declaring all privacy-sensitive API usage. The App declares the following required-reason APIs:

  • UserDefaults — used to store your app settings and preferences on-device only.
  • File Timestamps — used when managing backup files and diagnostic logs.
  • Disk Space — used to warn you when your device storage is running low.

The App does not use the Advertising Identifier (IDFA) and does not participate in Apple’s App Tracking Transparency framework.

Get Paid uses Apple Intelligence to provide on-device text rewriting suggestions for line item descriptions. This feature is processed entirely on your device — no text is sent to SerenAI Ltd or any external server. Apple’s privacy policy governs how Apple Intelligence handles data on your device.

International Data Transfers

We store and process website data within the United Kingdom or European Union. Because all App data is stored locally on your device, no cross-border transfers to our servers take place in relation to your invoicing data. If you use Square for payment processing, Square’s data transfer and privacy policies apply. If website data is ever transferred outside the UK or EU, we ensure appropriate safeguards such as Standard Contractual Clauses (SCCs) are in place.

Children’s Privacy

Get Paid is a professional invoicing tool intended for use by adults running a business. Our website and App are not designed for children under 13. We do not knowingly collect personal information from minors. If you believe a child has provided data to us, please contact us immediately through our contact page and we will take appropriate steps to remove it.

Policy Updates

We may update this Privacy Policy periodically to reflect legal changes or improvements to our services. Any updates will be posted on this page with a revised “Last updated” date. Continued use of the App or website after changes are posted constitutes your acceptance of the updated policy.

Contact for Data Requests

For privacy or data protection enquiries, please reach us via our contact page.

We do not display our email address publicly to reduce spam. Alternatively, you can write to us at our registered business address in North London, UK.

Summary

Your privacy matters to us. We collect only what is necessary, store it securely, and give you full control over your data. The Get Paid App stores all your invoicing data locally on your device only — it is never sent to our servers. We comply with the UK GDPR and the Data Protection Act 2018.

Scroll to Top