Privacy Policy (v2026-01)

Effective Date: Jan 15, 2026

1. Who We Are

Fatbaby LLC (“Conto,” “we,” “our,” or “us”) provides an AI-enabled platform that helps U.S. tax professionals manage and collect client documents. This Privacy Policy explains how we collect, use, disclose, and safeguard personal information.

2. Scope & U.S.-Only Service

Conto is intended for use solely within the United States. By using the Service, you consent to your information being stored and processed in the United States, including by U.S.-hosted service providers (such as analytics and error-monitoring vendors).

3. Information We Collect

Category	Examples	Purpose
Account Data	Name, email, internal user ID, account creation date	Account creation, login, support
Firm / Organization Data	Firm name, firm identifier, membership/role (if applicable)	Account administration; B2B analytics; service delivery
Client Data	Client names/emails entered by accountants	Sending document requests
Documents & Extracted Data	Tax forms (W-2, 1099), receipts, SSNs contained therein	Provide core Service (classification, extraction, storage)
Accounting Software Data	Chart of accounts, vendor lists, transaction data, bank account information	QuickBooks Desktop integration and sync
Usage Data (Analytics & Diagnostics)	IP address; device/browser info; pages/screens viewed; product interaction events; file metadata such as file type and file size; error/exception diagnostics (e.g., JavaScript errors, stack traces); analytics identifiers (cookies/local storage identifiers)	Product analytics, performance, debugging, security
Communications	Support emails, in-app messages	Respond to inquiries, improve Service

4. How We Use Information

Provide, maintain, and improve the Service
Facilitate document requests and secure uploads
Operate AI models, including third-party data processing services, to classify and extract data
Enable QuickBooks Desktop integration and transaction sync
Monitor usage, diagnose errors, and improve product performance and reliability (including via product analytics and error monitoring)
Monitor security and prevent fraud
Send transactional emails via email delivery services and, with consent, product updates
Meet legal obligations and enforce Terms

We do not sell personal information. We share it only with:

Service Providers (Processors).
- Database and storage providers
- Cloud hosting services
- AI Inference APIs configured so data is not used to train their public models
- Email delivery services
- Third-party document processing services – data stored on cloud infrastructure with encryption at rest and in transit, access limited to secure execution environments, files deleted after 24 hours and never used for training; SOC 2 Type II, HIPAA pipelines available
- Accounting software integration providers – for customers using QuickBooks Desktop, processes chart of accounts, vendor lists, and transaction data to enable direct sync; data processed via cloud infrastructure in US region; API request logs retained for operational purposes then permanently deleted; SOC 2 Type 2 observation period complete (report pending)
- Product analytics and error-monitoring providers (e.g., PostHog)
We require service providers to process personal information only on our instructions and for the purposes described in this Policy. A complete list of subprocessors is available upon request by contacting support@helloconto.com. We notify customers with Data Processing Agreements at least 14 days in advance of material changes to our subprocessor list.
Your Counterparties. Accountants and the clients they invite necessarily share documents between them.
Legal or Safety Reasons. To comply with law or protect rights, property, or safety.
Business Transfers. In a merger or acquisition, subject to confidentiality.
Aggregated/De-identified Data. Non-identifiable statistics for analytics or marketing.

6. Cookies & Tracking

We use cookies and similar technologies (including local storage) for authentication, security, and product analytics/diagnostics.

Product Analytics & Diagnostics (PostHog)

We use PostHog (PostHog US Cloud) to collect product analytics and diagnostic information to understand how the Service is used, troubleshoot errors, and improve performance and reliability.

Information collected through PostHog may include:

account identifiers (e.g., internal user ID and, if configured, email address)
firm/organization association (e.g., firm_id and firm_name)
pages/screens viewed and navigation events (pageviews and page-leave events)
product events and limited metadata (e.g., counts, file type, file size, export format, transaction count)
error and exception diagnostics (e.g., JavaScript errors and related technical details)
IP address and device/browser information

We do not enable:

session recording
automatic click/form tracking (autocapture)

We may route analytics requests through endpoints on our domain (e.g., /ph) to improve reliability, which may also allow us to pass IP addresses to our analytics provider for security and approximate location analysis.

PostHog’s privacy policy is available at: https://posthog.com/privacy

Your Choices

You can block or delete cookies through your browser settings. If you disable essential cookies, some Service features may break.
You may request that we disable non-essential product analytics for your account by contacting us (see Section 12). We may continue to collect limited security and operational logs necessary to protect the Service.

7. Data Security

TLS encryption in transit; database encryption at rest
Role-based access controls; audit logging
Regular patching and security monitoring
Documents processed by third-party processing services are stored on cloud infrastructure with encryption at rest and in transit, access restricted to secure execution environments, and deleted after 24 hours without being used for training
Accounting software integration data is encrypted in transit (TLS) and at rest (AES-256); API request logs retained temporarily for operational purposes then permanently deleted
No internet transmission is 100% secure. You use Conto at your own risk.

8. Data Retention

We keep personal data as long as needed to provide the Service and comply with legal obligations. Deletion occurs upon (i) your request, (ii) account closure, or (iii) the end of required retention periods. Backup data is purged on a rolling schedule. When we use third-party document processing services for analysis, their systems delete files after 24 hours and do not retain them for training.

For QuickBooks Desktop integration, our service providers retain API request logs for 15 days for operational purposes, then permanently delete them. They do not permanently store your accounting software data.

Product analytics and diagnostic data is retained for a period consistent with our legitimate business needs and our service provider configurations. Depending on our plan and configuration, analytics and diagnostic data may be retained for multiple years. We may retain aggregated or de-identified analytics data for longer periods.

9. Your Rights

Access / Correction. View or update account info in-app or by request.
Deletion. Request erasure of personal data (subject to legal exceptions).
Opt-out of Non-essential Emails. Use unsubscribe links or contact us.
Analytics Preferences. You may request that we disable non-essential product analytics for your account by contacting us.
California Users. We honor CCPA rights even if we are below formal thresholds; submit requests via the contact information below.

10. Children’s Privacy

The Service is not directed to children under 13. We do not knowingly collect their data. Contact us if you believe we have inadvertently done so.

11. Changes to This Policy

We may revise this Policy periodically. Material changes will be posted in the Service or emailed to account holders.

12. Contact Us

For privacy questions or to submit a request to access, correct, or delete personal information, contact us at:

Email: support@helloconto.com