Privacy Policy

Effective date: June 14, 2026  ·  Presidium Services LLC d/b/a BAD — Books Always Done

1. Who We Are

BAD — Books Always Done ("we", "us", "our") is an automated accounting and bookkeeping service operated by Presidium Services LLC, a Florida limited liability company. Our service is available at booksalwaysdone.com. If you have questions about this policy, contact us at support@getbad.app.

2. Information We Collect

Information you provide

  • Account information — name, email address, and password (or OAuth identity from Google or Microsoft) when you register.
  • Company profile — business name, address, currency, fiscal year settings, and contact information you enter during setup.
  • Financial records — chart of accounts, journal entries, bank transactions, invoices, bills, payee and customer records, and any other accounting data you create or import through the service.
  • Emailed bank statements — when you email a bank statement PDF or ask a financial question to your unique intake address, we store and process that email and its attachments to deliver the service.

Information collected through integrations

  • Bank connection data (via Plaid) — if you connect a bank account, Plaid Technologies, Inc. handles credential authentication directly with your bank. We receive and store read-only access to your bank account details and transaction history. We never see your bank username or password.
  • Telegram — if you connect the Telegram assistant, we store your Telegram user ID and the content of messages you send to the bot in order to respond to your questions.

Information collected automatically

  • IP address, browser type, and device type, logged for security and audit purposes.
  • Session data stored server-side (referenced by a cookie) to keep you logged in.

3. How We Use Your Information

  • To create and manage your account and company profile.
  • To classify your bank transactions, reconcile accounts, and generate accounting reports.
  • To process emailed bank statements — extract transaction data, import it, and send you a confirmation email.
  • To answer plain-English financial questions you send via email or Telegram using an AI assistant.
  • To process payments via Stripe (we never see or store your full card number).
  • To send service notifications such as statement processing confirmations, trial reminders, and account alerts.
  • To detect fraud and maintain the security of the platform.

We do not sell your data. We do not use your financial records or accounting data to train AI models.

4. AI Processing

Transaction classification, statement extraction, and natural-language Q&A features are powered by Anthropic's Claude API. To deliver these features, we send relevant portions of your financial data (such as transaction descriptions and amounts, or your question text) to Anthropic's servers. Anthropic processes this data solely to generate a response; it is not used to train Anthropic's models. Anthropic's privacy policy governs their handling of this data.

AI-generated classifications and answers may contain errors. You are responsible for reviewing the accuracy of your books before relying on them for tax filings, audits, or other legal purposes.

5. Third-Party Services

  • Plaid Technologies, Inc. — bank account connection and transaction data aggregation. Plaid's End User Privacy Policy governs how they handle your bank credentials and data.
  • Anthropic — AI processing for transaction classification and financial Q&A. Financial data is shared only to deliver the requested feature.
  • Stripe — payment processing. Stripe's privacy policy governs card data. We receive only a payment confirmation token.
  • Email provider (SMTP) — used to deliver statement processing confirmations, trial reminders, and account notifications. Email addresses are shared only to send the message.
  • Telegram — if you connect the assistant bot, messages pass through Telegram's servers. Telegram's privacy policy applies.
  • Google / Microsoft — if you sign in via OAuth, we receive your name and email from those providers per their terms.

6. Data Retention

We retain your account data and financial records for as long as your account is active. If you close your account, we will delete your data within 30 days, except where we are required to retain records by applicable law.

7. Security

We use HTTPS for all data in transit. Your financial data is stored on encrypted servers with access restricted to authenticated account holders. Bank connections through Plaid use read-only tokens — we cannot initiate transactions on your behalf. No security measure is 100% foolproof; if you discover a security issue, please contact us immediately at support@getbad.app.

8. Your Rights

You may request a copy of your data, correction of inaccurate data, or deletion of your account by emailing support@getbad.app. We will respond within 30 days.

California residents (CCPA): Under the California Consumer Privacy Act, California residents have the right to know what personal information we collect, to request deletion of that information, and to opt out of the sale of personal information. We do not sell personal information. To exercise your rights, email support@getbad.app with the subject line "CCPA Request."

9. Children

BAD is not directed at children under 13. We do not knowingly collect data from anyone under 13.

10. Changes to This Policy

We may update this policy. We will notify you by email or a notice on the site at least 14 days before material changes take effect. Continued use after that date constitutes acceptance.

11. Contact

Presidium Services LLC d/b/a BAD — Books Always Done
Florida, USA
support@getbad.app