At Autherise, we are committed to protecting your privacy and ensuring the security of your personal and business data. This Privacy Policy explains how we collect, use, and safeguard your information.
This Privacy Policy describes how Autherise Inc. (A Delaware corporation, trading as "Autherise", "we", "us", or "our") collects, uses, and protects your personal information when you use our VAT compliance platform and related services.
The Autherise platform is powered and supported by CapEdge Technologies, LLC and operated by Autherise Inc. Autherise Inc. operates in various territories and countries via its subsidiaries and partners.
Autherise Inc. is the data controller responsible for your personal data. We are registered in the State of Delaware, United States.
This policy applies to all users of our website, platform, and services, including visitors, trial users, and paying subscribers. It covers data collected through our web application, mobile applications, APIs, and any other services we provide.
We comply with applicable data protection laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other relevant privacy regulations.
We collect information you provide directly, such as when you:
We automatically collect certain information when you use our services through cookies, analytics tools, and similar technologies.
We may receive information from:
Under GDPR, we process your personal data based on the following legal grounds:
Processing is necessary to provide our services to you, including VAT calculations, return generation, and compliance management.
We are required to process certain data to comply with tax regulations, anti-money laundering laws, and other legal requirements.
We process data for legitimate business purposes, including fraud prevention, service improvement, and marketing (where you have not opted out).
For certain processing activities, such as marketing communications and non-essential cookies, we rely on your explicit consent, which you can withdraw at any time.
When you authorize us to submit VAT returns on your behalf, we share the necessary information with relevant tax authorities in the applicable jurisdictions.
We work with trusted third-party service providers who process data on our behalf:
We do not sell your personal information to third parties for marketing purposes.
In the event of a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity, subject to the same privacy protections.
We may disclose data when required by law, court order, or government request.
Your data may be transferred to and processed in countries outside your country of residence, including the United States and other jurisdictions where our service providers operate.
When transferring data internationally, we ensure appropriate safeguards are in place:
For transfers from the European Economic Area to the United States, we rely on Standard Contractual Clauses and other approved mechanisms to ensure adequate protection.
We retain your data only as long as necessary for the purposes described in this policy and as required by law.
Tax authorities in various jurisdictions require businesses to retain financial records for extended periods. We help you comply with these requirements by securely storing relevant data.
When data is no longer needed, we securely delete or anonymize it. You can request deletion of your data subject to legal retention requirements.
We implement industry-standard security measures to protect your data from unauthorized access, disclosure, alteration, or destruction.
In the event of a data breach that affects your personal data, we will notify you and the relevant supervisory authorities within 72 hours as required by GDPR.
If you are in the European Economic Area (EEA) or UK, you have the following rights under GDPR:
You can request a copy of the personal data we hold about you.
You can request correction of inaccurate or incomplete personal data.
You can request deletion of your personal data, subject to legal retention requirements.
You can request your data in a structured, commonly used, machine-readable format.
You can request that we limit how we use your data in certain circumstances.
You can object to processing based on legitimate interests or for direct marketing purposes.
You have the right not to be subject to decisions based solely on automated processing.
To exercise any of these rights, please contact us at legal@autherise.com. We will respond within 30 days.
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):
You can request disclosure of the categories and specific pieces of personal information we have collected about you.
You can request deletion of your personal information, subject to certain exceptions.
We do not sell personal information. However, if this changes, you will have the right to opt out.
We will not discriminate against you for exercising your privacy rights.
You may designate an authorized agent to make requests on your behalf with proper verification.
Our services are designed for businesses and are not intended for individuals under the age of 18.
We do not knowingly collect personal information from children. Users must be at least 18 years old to create an account.
If we become aware that we have collected personal information from a child, we will take steps to delete that information promptly. If you believe a child has provided us with personal information, please contact us.
Our platform may contain links to third-party websites, services, or integrations. This Privacy Policy does not apply to those third parties.
We are not responsible for the privacy practices of external websites. We encourage you to review the privacy policies of any third-party sites you visit.
When you connect third-party services (such as accounting software), those services may collect and process data according to their own privacy policies.
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements.
We will notify you of material changes by:
Changes become effective when posted unless otherwise specified. Your continued use of our services after changes take effect constitutes acceptance of the updated policy.
We encourage you to periodically review this Privacy Policy to stay informed about how we protect your data.
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Autherise Inc.
A Delaware corporation
Trading as: Autherise
Platform powered by: CapEdge Technologies, LLC
Autherise Inc. operates in various territories and countries via its subsidiaries and partners.
Privacy Inquiries: legal@autherise.com
General Support: hello@autherise.com
We aim to respond to all privacy-related inquiries within 30 days. Complex requests may require additional time, and we will keep you informed of any delays.
If you are in the EEA or UK and are not satisfied with our response, you have the right to lodge a complaint with your local data protection supervisory authority.