1. Who we are
Folio ("Folio", "we", "us", "our") is a client portal product for accounting professionals. Our registered address and data controller contact is privacy@getfolio.pages.dev.
2. What data we collect
Account data. When you sign up we collect your name, email address, and workspace details. We use this to operate your account and communicate with you about the service.
Client data. You may enter your clients' names, email addresses, and phone numbers to send them document requests. We process this data on your behalf as a data processor under GDPR. You are the data controller for your clients' data.
Uploaded files. Documents your clients upload through magic link portals are stored in Cloudflare R2 (encrypted at rest) and are accessible only to you and members of your workspace.
Usage data. We collect standard server logs including IP addresses, browser type, and pages visited for security and performance purposes. We do not sell this data.
Payment data. We do not store card numbers. Subscription billing is handled by Polar. If you connect Stripe for client invoicing, your Stripe credentials are encrypted at rest and used solely to create payment links on your behalf.
3. How we use your data
We use data to: operate and improve the Folio service; send you transactional emails about your account and requests; respond to support queries; comply with legal obligations; and detect and prevent fraud or abuse.
We do not use your data for advertising. We do not sell or rent your data to third parties.
4. Legal bases (GDPR)
Where GDPR applies, we process personal data under: contract (to deliver the service you subscribed to); legitimate interests (security, fraud prevention, service improvement); and legal obligation (where required by law).
We process client data you enter under your instruction, acting as a data processor. See our Data Processing Agreement for details.
5. Data storage and transfers
Folio is built on Cloudflare's global infrastructure. Data may be stored and processed in the EU, United States, or other regions where Cloudflare operates. All transfers are covered by appropriate safeguards including Standard Contractual Clauses.
6. Retention
We retain account data while your subscription is active and for 30 days after cancellation to allow recovery. Uploaded documents are retained until you delete them or close your account. Workspace and audit data may be retained for up to 7 years to comply with financial record-keeping obligations.
7. Your rights
Under GDPR and applicable law, you have the right to access, correct, export, or delete your personal data. To exercise any right, contact privacy@getfolio.pages.dev. We will respond within 30 days. If you believe we have mishandled your data, you have the right to lodge a complaint with your local data protection authority.
8. Cookies
We use only strictly necessary cookies for session authentication. We do not use tracking or advertising cookies. No third-party analytics scripts are loaded on client portal pages.
9. Children
Folio is not directed at persons under 16. We do not knowingly collect data from minors.
10. Changes to this policy
We will notify you by email of material changes at least 14 days before they take effect. Continued use of the service after that date constitutes acceptance.
11. Contact
Questions about this policy: privacy@getfolio.pages.dev