Privacy Policy
Last updated: July 1, 2026
cashboard (the “Service”) is an internal bookkeeping tool operated by Global Consulting Ina Varazhbianava-Maroz(“we”, “us”). It aggregates our own company bank accounts — balances and transactions — to support accounting, reconciliation and reporting. This policy explains what data the Service handles and how.
Who we are (data controller)
The Service is operated by Global Consulting Ina Varazhbianava-Maroz, a business established and operating under the laws of Poland, with its registered place of business at Gołębia 6/43, 90-340 Łódź, Poland (tax identification number NIP 7282823608). For any data-protection matter, contact eb5guide.hq@gmail.com.
Data we process
- Account & sign-in data: your email address and a hashed password. Users are created inside the system by an administrator; there is no public sign-up.
- Bank account information:accessed through Enable Banking (a licensed Account Information Service Provider) with your explicit consent given on your bank’s own screen — account identifiers (name, IBAN, currency), balances, and transaction details (amounts, dates, counterparties, references and remittance text).
- Documents you add: invoices and related files you upload, and any contract links you attach.
- Technical data: standard server logs from our hosting provider.
How we use it
Data is used solely to operate the Service: to display balances and cash flow, match counterparties, attach invoices, and produce reports. We do not sell your data or use it for advertising.
Bank access & consent
Bank connections are established under PSD2 through Enable Banking Oy, which holds the required AISP licence. Access is read-only (Account Information only — we never initiate payments) and is granted for a limited consent period (up to 90 days), after which you re-authorise. You can withdraw consent at any time with your bank or by disconnecting the account.
Service providers
- Enable Banking Oy— licensed AISP that connects to your bank and relays account data.
- Vercel— application hosting and file storage (Vercel Blob).
- Prisma / PostgreSQL— managed database where account and transaction records are stored.
Retention
Records are kept for as long as the account is active and as needed for bookkeeping and legal obligations. You can request deletion of your user account and associated data.
Security
Connections use TLS in transit, passwords are stored only as bcrypt hashes, database access is over verified TLS, and the application is protected by authentication. No system is perfectly secure, but we take reasonable measures appropriate to financial data.
Your rights
Subject to applicable law (including the GDPR where relevant), you may request access to, correction of, or deletion of your personal data, and you may withdraw consent for bank access. To exercise these rights, contact us at eb5guide.hq@gmail.com.
Changes
We may update this policy; material changes will be reflected by the “Last updated” date above.
Contact
Questions about this policy or your data: eb5guide.hq@gmail.com.