Privacy Policy

Last updated: April 2025

1. Who we are

Inuio is operated by Inuio Limited, based in New Zealand. We provide automated invoice chasing and ESG emissions reporting tools for NZ and AU businesses. Contact us at hello@inuio.co.nz.

2. What data we collect

  • Account data: your name, email address, and company name when you sign up.
  • Xero data: invoice details, contact names, and email addresses synced from your Xero account to enable invoice chasing and emissions calculations.
  • Company profile data: logo, address, phone, and website you optionally provide for ESG report branding.
  • Usage data: basic logs of actions taken within the app for security and debugging purposes.

3. How we use your data

  • To provide and operate the Inuio services you have signed up for.
  • To send invoice chase emails on your behalf to your customers.
  • To calculate your carbon emissions from your Xero bill data.
  • To send you transactional emails (account, billing, trial expiry).
  • To notify our team of new signups for onboarding purposes.

We do not sell your data to third parties. We do not use your data for advertising.

4. Invoice PDFs

When chasing an invoice, we fetch the original PDF from Xero, attach it to the chase email, and immediately delete it from our servers. Invoice PDFs are never stored by Inuio.

5. Third-party services

We use the following third-party services to operate Inuio:

  • Xero — accounting data integration.
  • SendGrid — transactional email delivery.
  • Stripe — payment processing. We do not store card details.

6. Data retention

We retain your account data for as long as your account is active. If you close your account, we will delete your personal data within 30 days, except where we are required to retain it for legal or compliance purposes.

7. Your rights

Under the New Zealand Privacy Act 2020, you have the right to access, correct, or request deletion of your personal information. To exercise these rights, email us at hello@inuio.co.nz.

8. Security

We use industry-standard security practices including HTTPS encryption, OAuth2 for third-party connections, and restricted access to production systems. Xero tokens are encrypted at rest.

9. Changes to this policy

We may update this policy from time to time. We will notify you of material changes by email. Continued use of our services after changes take effect constitutes acceptance of the updated policy.

10. Contact

Privacy questions or requests? Email us at hello@inuio.co.nz.