Privacy Policy
Last updated: 2026-06-22
Balence ("we", "us", "our") is operated by Balence AI Sweden AB, org.nr 559561-9163. This policy describes how we collect, use, and protect your personal data when you use our service.
1. What Data We Collect
Account Data
- Name and email address
- Workspace name and role
- Authentication data (managed by Clerk)
Financial Documents
- Invoices, receipts, credit notes, and other documents uploaded to the platform
- Extracted data: supplier names, organisation numbers, amounts, dates, account codes
Communication
- Messages sent in client portal threads
- Document request responses
Email Data
- Emails sent to workspace catch-all addresses for invoice processing
- Sender email address, subject, and PDF attachments
Bank Data
- Bank account numbers, names, and IBANs
- Account balances and transaction history
Tax Data
- Employer declarations (AGD), VAT declarations, and tax account balances from Skatteverket
Usage Data
- Log data (IP address, browser type, timestamps)
2. How We Use Your Data
| Purpose | Legal Basis (GDPR) |
|---|---|
| Providing the service (including document processing, integrations, and notifications) | Performance of contract (Art. 6(1)(b)) |
| AI-powered data extraction | Legitimate interest (Art. 6(1)(f)) |
| Improving the service | Legitimate interest (Art. 6(1)(f)) |
When Balence processes data on behalf of an accounting firm (the data controller), the firm's legal basis applies. Balence acts as a data processor under their instructions.
3. AI Processing
We use AI to extract structured data from uploaded documents.
- All processing happens within EU data centers
- No human review of your documents
- AI providers do not use your data for model training
- Extracted data is stored only within your workspace
4. Where Your Data Is Stored
All financial data and documents are stored and processed within the EU (database, files, email, AI, bank data, tax data).
Authentication is provided by Clerk, Inc. (US, EU-US Data Privacy Framework certified). Only identity data (name, email) is processed by Clerk — no financial data.
See our DPA for the full list of sub-processors and their locations.
5. Who We Share Data With
We never sell your data. We share data only with:
- Sub-processors necessary to provide the service (see our DPA for the full list)
- Third-party integrations you connect (Fortnox, bank via PSD2, Skatteverket)
- Authorities if required by Swedish or EU law
6. Data Retention
- Active accounts: Data retained while the workspace is active
- Deleted workspaces: Data deleted within 90 days
- Client portal users: Data retained as long as the workspace maintains the client relationship
- Documents: Retained in accordance with Swedish bookkeeping requirements (Bokföringslagen) where applicable
7. Your Rights
Under GDPR, you have the right to:
- Access your personal data
- Rectify inaccurate data
- Erase your data ("right to be forgotten")
- Restrict processing
- Data portability — receive your data in a structured format
- Object to processing based on legitimate interest
Workspace members and client users: Contact your accounting firm first, as they are the data controller for your financial data. For account-level requests, contact us directly.
8. Cookies
We use essential cookies only for authentication and session management. We do not use tracking or advertising cookies.
9. Security
We implement appropriate technical and organizational measures to protect your data, including encryption in transit and at rest, role-based access controls, and data isolation between workspaces.
10. Changes
We may update this policy. Significant changes will be communicated via email or in-app notification.
11. Contact
Balence AI Sweden AB
Email: philip@trybalence.com
Website: trybalence.com
You may also contact the Swedish Authority for Privacy Protection (IMY): imy.se