Privacy Policy

Last updated: March 11, 2026 — Effective immediately for all accounts.

1. Who We Are

EZDocPro is an AI-powered accounting, bookkeeping, and document management platform operated by ABCD Systems ("we," "us," or "our"). Our registered contact is support@ezdocpro.com.

This Privacy Policy governs the collection, use, storage, and sharing of information when you use EZDocPro, including the core accounting platform and any activated Add-Ons (Legal Documents, Medical Billing).

2. Information We Collect

2.1 Account & Identity Data

  • Name, email address, company name, and phone number provided at registration
  • Billing address and payment method details (processed via Square; we do not store raw card numbers)
  • Employee profiles added by account administrators (name, job title, department, HR roles)

2.2 Business & Financial Data

  • Documents, invoices, receipts, and statements uploaded for AI extraction
  • Bank account information and transaction data synced via Plaid (read-only access)
  • Chart of accounts, journal entries, budgets, payroll records, and reports you create

2.3 Legal Documents (Add-On)

  • Legal document content you generate, edit, or accept through the Legal Add-On
  • Accepted (frozen) documents are archived to Backblaze B2 encrypted object storage
  • AI prompts and generation metadata are logged for compliance auditing

2.4 Medical Billing (Add-On)

  • Patient encounter descriptions and billing codes entered by authorized staff
  • Billing session records, claim data, and code search queries
  • No Protected Health Information (PHI) beyond what you choose to enter is collected or transmitted to third-party AI services without anonymization

2.5 Usage & Technical Data

  • IP address, browser type, and access timestamps (server logs)
  • Feature usage patterns and page interaction data (anonymized analytics)
  • API call metadata for rate limiting and abuse prevention

3. How We Use Your Information

  • Service delivery: Providing AI document extraction, bank sync, payroll, reporting, and Add-On features you've activated
  • Billing: Processing subscription payments and usage-based charges via Square
  • AI processing: Documents and descriptions are sent to Google Gemini API for extraction and AI-assisted features. Data is transmitted over HTTPS and not used to train Google's models under our API agreement
  • Security: Fraud detection, authentication, and access control enforcement
  • Legal compliance: Responding to lawful requests and maintaining audit trails
  • Product improvement: Aggregated, anonymized usage data to improve features

4. Data Sharing & Third Parties

We do not sell your personal or business data. We share data only with:

Partner Purpose Data Shared
SquarePayment processingBilling details only
PlaidBank account syncBank credentials (encrypted token only)
Google GeminiAI extraction & generationDocument content (anonymized where possible)
Backblaze B2Encrypted document archiveAccepted legal documents (encrypted at rest)
BrevoTransactional emailEmail address + message content
GoDaddyWeb hosting infrastructureAll data (hosted on their servers)

5. Data Security

  • All connections are encrypted via HTTPS/TLS 1.2+
  • Passwords are hashed using bcrypt (never stored in plain text)
  • Database credentials and API keys are stored in server-level environment configs, not in public code
  • Accepted legal documents are stored with Object Lock enabled on Backblaze B2 (immutable, server-side encryption)
  • Plaid bank tokens are encrypted at rest; we never store your banking username or password
  • Role-based access control (RBAC) limits data access by employee HR role and plan permissions

6. Data Retention

  • Active account data: Retained indefinitely while your account is active
  • Cancelled accounts: Data retained for 90 days after cancellation, then purged from live systems
  • Accepted legal documents (B2 archive): Retained per your company's document retention policy; you may request deletion via support
  • Server logs: 30-day rolling retention
  • Backup snapshots: 7-day rolling backups for disaster recovery

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access a copy of the personal data we hold about you
  • Correct inaccurate data in your account settings or by contacting us
  • Delete your account and associated data (subject to legal retention requirements)
  • Port your data via CSV/JSON export from your account settings
  • Opt out of non-essential communications at any time

To exercise any right, email support@ezdocpro.com with subject line "Privacy Request."

8. HIPAA Notice (Medical Billing Add-On)

If you use the Medical Billing Add-On, you are responsible for ensuring your use of EZDocPro complies with HIPAA where applicable. EZDocPro:

  • Does not function as a covered entity or business associate under HIPAA by default
  • Recommends that users do not enter identifying patient data (names, SSNs, DOBs) in free-text fields sent to AI services
  • Provides a Business Associate Agreement (BAA) upon written request for qualifying enterprise customers

9. Cookies

EZDocPro uses session cookies for authentication and preferences only. We do not use third-party advertising cookies or tracking pixels. You may disable cookies in your browser, but this will prevent login.

10. Changes to This Policy

We may update this policy periodically. Material changes will be notified via email to the account owner. Continued use of EZDocPro after changes constitutes acceptance of the revised policy.

11. Contact

Questions about this Privacy Policy: support@ezdocpro.com
ABCD Systems — support@abcdsystems.com

© 2026 ABCD Systems / EZDocPro. All rights reserved.
Terms of Service Back to Home