Privacy Policy

Last updated: May 17, 2026

Bank2XL ("we", "us", "the Service") provides a Chrome extension and web app that converts PDF bank statements to Excel, CSV, QBO, OFX, and QFX files. This Privacy Policy explains what information we collect, how we use it, and the choices you have.

The short version: Your uploaded PDFs are processed in memory. By default, we also keep a copy in an encrypted debug vault for 24 hours so the team can investigate failed extractions and improve accuracy — then the file is automatically deleted. You can opt out of that retention per upload via a checkbox in the extension Settings, in which case nothing is ever written to disk. We do not sell or share your data, and do not train AI on your content. We use a third-party AI provider (Google Gemini via OpenRouter) for the conversion — they do not retain or train on your content under our API terms.

1. Information we collect

1.1 Files you upload

When you upload a PDF bank statement, we receive the file and process it to extract its content. We use the file solely to produce the requested output (Excel, CSV, QBO, OFX, QFX, or JSON).

1.2 Account information

During the public beta, we do not maintain an account database. Bank2XL is free, with no signup and no credit card. The only emails we hold are: (a) support / privacy / security emails you send us, kept while the thread is active and then archived per our retention schedule; and (b) launch-notification waitlist emails — if you click "Get notified when the extension launches" on the homepage, we store your email solely to send the Chrome Web Store install link and product updates. You can unsubscribe at any time by replying to any such email. Once paid plans launch (we’ll announce 30 days in advance), subscribers will provide an email address and have their payment processed by Stripe (or a similar PCI-compliant processor) — we will never store full card numbers ourselves.

1.3 Usage data

We record basic technical information for service health and abuse prevention: timestamps of conversions, number of pages processed, success/failure status, and your IP address (truncated). We do not record the contents of your statements in this telemetry.

1.4 Chrome extension permissions

The Chrome extension requests the minimum permissions needed:

storage — to remember your settings, recent conversions, and free-tier counter locally on your device.
downloads — to save the converted Excel file to your device.

The extension also declares a single host permission for https://api.bank2xl.app/* so it can send your file to our converter API. It does NOT request access to your browsing history, all websites, or any banking sites. It only acts on files you explicitly hand it.

2. How we use your information

Purpose	Data used
Convert your PDF to spreadsheet	The uploaded file, held in memory during conversion. By default, also kept for 24h in an encrypted on-disk debug vault, then auto-deleted. Tick the opt-out box in extension Settings to skip the vault.
Enforce the daily free-tier quota and prevent abuse	A random per-install identifier (UUID, generated by the extension, stored on your device) and a truncated client IP. Counters reset daily at 00:00 UTC.
Service reliability and fraud prevention	Usage logs (timestamps, page counts, truncated IP). No file content.
Improve the model (aggregate only)	De-identified accuracy metrics (e.g., reconciliation rate) — never file content.
Future: authenticate and bill paid plans (not active during the public beta)	Email address and Stripe customer ID, only after a user signs up for a paid plan.

We do not use your statement content to train AI models. We do not sell your data to advertisers, brokers, or any third party.

3. Third-party providers

To run the Service we share limited information with:

Provider	Purpose	What they receive
OpenRouter (LLM router)	Send a rasterized page image to the LLM. We route via OpenRouter's Zero Data Retention tier for upstream providers that honour it.	One image per statement page; no metadata
Google (Gemini API)	OCR + extraction (called via OpenRouter). Per Gemini API additional terms, paid-tier inputs and outputs are not used to improve Google products.	The image content for inference only; not retained per Google API terms
Datalab (Chandra OCR)	Fallback OCR for low-quality scans. Datalab's privacy policy documents their managed-platform zero-data-retention posture for API customers.	Rasterized page images for inference; no statement metadata
Cloudflare	Edge TLS, CDN, DDoS protection, bot management for bank2xl.app and api.bank2xl.app	Request metadata (URL, method, IP, user agent) for routing and abuse mitigation
PostHog (EU instance, eu.i.posthog.com)	Product analytics on the marketing site (bank2xl.app)	Page views, anonymous distinct ID stored in a first-party cookie. Never receives statement content or uploaded files.
Future: Stripe	Payment processing — not active during the public beta	Email, billing address, card details (held by Stripe). No payment data collected until paid plans launch.

Each provider operates under its own privacy policy. We choose providers with strict no-training and no-retention defaults for content data.

4. Retention

Uploaded PDF files: kept for up to 24 hours by default, then auto-deleted. Held in an encrypted on-disk vault (root-only, mode 0700) for debugging accuracy issues; an hourly sweeper deletes anything older than 24h. Tick the opt-out checkbox in extension Settings to skip the vault entirely — in that case the file is held in memory only and never written to disk. To request immediate deletion of a specific upload, email privacy@bank2xl.app with the job ID.
Generated Excel/CSV outputs: returned to your browser, not stored. Result pages stay reachable only while the conversion is in memory; once the server restarts or the in-memory entry is evicted, the result is gone.
Account information: not collected during the public beta. There is no signup flow and no Stripe billing record. When paid plans launch, account email + Stripe customer ID will be retained while the account is active and deleted within 30 days of account closure, subject to legal / tax obligations.
Aggregate telemetry (timestamps, page counts, success/failure, truncated IP prefix, never file content): may be retained indefinitely for product reliability and abuse prevention.
Per-install identifier (the UUID the extension generates on first run): used solely for daily rate limiting; counters reset at 00:00 UTC and we don’t join this UUID to any other identifier on our side.

5. Security

We use TLS for all data in transit. Files at rest are encrypted with AES-256. Access to production systems is restricted to a small number of engineers with two-factor authentication. We follow industry-standard practices but cannot guarantee absolute security; please use the Service only with statements you are willing to upload to a cloud SaaS.

6. Your rights

You can at any time:

Request a copy of any personal information we hold about you (during the beta this is typically limited to support-email history and any vaulted upload that hasn’t aged out yet).
Request immediate deletion of any specific upload by emailing privacy@bank2xl.app with the job ID; we delete within one business day.
Withdraw consent for processing — uninstall the extension and any cached identifiers are gone from your device. Server-side counters age out at 00:00 UTC.
Skip the 24h debug retention entirely by ticking the opt-out checkbox in the extension Settings page.

Residents of California (CCPA), the EU/UK (GDPR), and other jurisdictions with similar laws have additional statutory rights. Contact us at privacy@bank2xl.app to exercise them. We do not sell personal information under any definition of "sell" in CCPA.

7. Children

The Service is not directed at children under 13 (or 16 in the EU). We do not knowingly collect data from children. If you believe a child has used the Service, contact us and we will delete the associated account.

8. Changes

We may update this Policy. Material changes will be announced via email to account holders and via a banner on the landing page. Continued use of the Service after a change constitutes acceptance.

9. Contact

Bank2XL
Email: privacy@bank2xl.app
Operator: Dmitry Ivanov, Montenegro