Legal
Last updated 18 July 2026
This page explains what bank2tally (operated by Shuraim Abdul Aziz, "we", "us") does with your data.
The bank statement PDF you upload is processed entirely in memory to generate your Tally XML or Excel file. It is never written to disk and never stored — once your download completes, it's gone. We keep only metadata about the conversion (date, file name, bank, number of transactions) so your account has a history — never the transaction contents themselves.
We store your email address, a hashed password (we never see or store your password in plain text), and your usage/credit balance. This is held in a managed Postgres database (Supabase) with restricted access.
Payments are handled entirely by Paddle.com Market Limited, our merchant of record. We never see or store your card details — Paddle collects and processes them directly. Paddle shares with us only what's needed to grant your purchased credits (email, purchase amount, transaction ID).
We use a session cookie to keep you signed in, and a short-lived cookie to track your one free trial conversion before you create an account. No third-party tracking or advertising cookies.
We use Supabase (database hosting), Render (application hosting), Paddle (payments), and Resend (transactional email) to run bank2tally. Each processes the minimum data needed for their function under their own privacy policies.
You can request a copy of your account data or ask us to delete your account and associated data at any time by emailing us.
Questions about this policy: shuraimabdulaziz.2022@gmail.com