Privacy Policy

Effective Date:

1. Who We Are

Conto (“we,” “us,” or “our”) is operated by Fatbaby LLC, a California limited liability company. We provide an AI-powered document management and bookkeeping workflow platform for tax professionals, accountants, and their clients.

2. Information We Collect

  1. Account Information. Name, email address, firm or organization name, role, authentication data, and similar identifiers.
  2. Client and Project Information. Names, contact details, notes, uploaded client documents, accounting context, and related metadata.
  3. Financial Documents and Extracted Data. Documents you upload (for example bank statements, invoices, receipts, and tax forms), extracted text, OCR/layout metadata, transaction data, counterparties, suggested categorizations, and related review/audit data.
  4. Accounting Integration Data. If you connect accounting software (for example QuickBooks Desktop), we may process chart of accounts, vendor lists, customer lists, transaction data, bank account metadata, and sync status information needed to provide the integration.
  5. Usage, Analytics, and Device Information. Log data, IP address, browser/device data, pages viewed, feature usage, product events, error diagnostics, and cookie/local-storage identifiers.
  6. Support Communications. Messages and attachments you send to us for support, security, billing, or sales purposes.

3. How We Use Information

We use information to:

  • provide, maintain, secure, and improve the Service;
  • authenticate users and manage access;
  • process documents and extract structured financial data;
  • match counterparties, vendors, accounts, and transactions;
  • sync with accounting software when enabled by you;
  • provide support and troubleshoot errors;
  • analyze Service usage and performance;
  • detect, prevent, and respond to fraud, abuse, or security incidents;
  • comply with legal obligations; and
  • communicate with you about the Service.

4. AI and Document Processing

Conto uses third-party AI and document-processing providers to classify documents, extract text and layout data, identify transactions, normalize payee/vendor names, and suggest accounting treatment. These providers process Customer Data only to provide, maintain, secure, or support the Service, and are configured so Customer Data is not used to train public models or generally available models without your permission.

Document-processing providers may temporarily retain uploaded documents, extracted results, or abuse-monitoring logs according to their service terms and configuration. Provider retention windows differ by service. For example, some Gemini file-processing inputs are auto-deleted within 48 hours, and Azure Document Intelligence analyze results are retained for asynchronous retrieval for up to 24 hours unless deleted sooner. Conto may store extracted text, OCR/layout metadata, structured financial data, citations, and audit records in our own systems as part of the Service records described in this Policy.

5. Sharing of Information

We share information only as needed to operate the Service:

  1. Service Providers (Processors).

    • Database and storage providers
    • Cloud hosting services
    • AI Inference APIs configured so data is not used to train their public models
    • Email delivery services
    • Third-party document processing and AI services - document files and derived extraction outputs may be processed on cloud infrastructure with encryption at rest and in transit, access limited to secure execution environments, and provider-side retention governed by the specific provider service terms and configuration.
    • Accounting software integration providers - for customers using QuickBooks Desktop, processes chart of accounts, vendor lists, and transaction data to enable direct sync; data processed via cloud infrastructure in US region; API request logs retained for operational purposes then permanently deleted; SOC 2 Type II observation period complete (report pending)
    • Product analytics and error-monitoring providers (e.g., PostHog)

    We require service providers to process personal information only on our instructions and for the purposes described in this Policy. A complete list of subprocessors is available upon request by contacting support@helloconto.com.

  2. Your Counterparties. Accountants and the clients they invite necessarily share documents between them.

  3. Legal or Safety Reasons. To comply with law or protect rights, property, or safety.

  4. Business Transfers. In a merger or acquisition, subject to confidentiality.

  5. Aggregated/De-identified Data. Non-identifiable statistics for analytics or marketing.

6. Cookies & Tracking

We use cookies and similar technologies (including local storage) for authentication, security, and product analytics/diagnostics.

Product Analytics & Diagnostics (PostHog)

We use PostHog (PostHog US Cloud) to collect product analytics and diagnostic information to understand how the Service is used, troubleshoot errors, and improve performance and reliability.

Information collected through PostHog may include:

  • account identifiers (e.g., internal user ID and, if configured, email address)
  • firm/organization association (e.g., firm_id and firm_name)
  • pages/screens viewed and navigation events (pageviews and page-leave events)
  • product events and limited metadata (e.g., counts, file type, file size, export format, transaction count, processing provider, selected extraction tier, routing/failure status, processing time, and estimated processing cost)
  • error and exception diagnostics (e.g., JavaScript errors and related technical details)
  • IP address and device/browser information

Product analytics events must not include raw document contents, extracted OCR text, account numbers, payee names, raw transaction descriptions, or exact transaction amounts unless separately disclosed and approved for a specific support or security purpose.

We do enable:

  • Session recording - replays of user interactions (clicks, scrolls, page navigation) to diagnose issues and improve usability. Session recordings may capture page content visible during your session but are configured to mask sensitive input fields.
  • Autocapture - automatic tracking of clicks, form submissions, and other UI interactions to understand feature usage.

We may route analytics requests through endpoints on our domain (e.g., /ph) to improve reliability, which may also allow us to pass IP addresses to our analytics provider for security and approximate location analysis.

PostHog’s privacy policy is available at: https://posthog.com/privacy

Your Choices

  • You can block or delete cookies through your browser settings. If you disable essential cookies, some Service features may break.
  • You may request that we disable non-essential product analytics for your account by contacting us (see Section 12). We may continue to collect limited security and operational logs necessary to protect the Service.

7. Data Retention

  • Account and billing records: retained while your account is active and as required by law.
  • Customer financial documents and extracted records: retained for the period needed to provide the Service and support accounting/tax obligations unless deleted or restricted under your instructions and applicable law.
  • Third-party document-processing inputs/results: retained by providers according to the applicable service configuration and provider terms, then deleted by the provider. Conto may separately retain extracted text, layout metadata, structured financial data, citations, and audit records as Service records.
  • Accounting integration logs: retained by integration providers for operational purposes according to provider terms, then deleted.
  • Analytics and diagnostics: retained according to our business needs and provider configuration; aggregated or de-identified data may be retained longer.

You may request deletion or restriction of personal information, subject to legal, accounting, and security obligations.

8. Security

We use administrative, technical, and organizational safeguards designed to protect information, including encryption in transit, encryption at rest where supported, access controls, audit logging, least-privilege internal access, and vendor due diligence.

No system is perfectly secure. You are responsible for maintaining the confidentiality of your login credentials and controlling access to your account.

9. International and Regional Processing

We primarily operate using United States cloud regions and providers. Some providers use global infrastructure or regional processing based on the configured service region, product type, capacity, or security operations. Cloudflare operates a global edge network. If you need region-specific processing commitments, contact us before uploading regulated data.

10. Your Rights

Depending on your location, you may have rights to access, correct, delete, restrict, object to, or receive a copy of personal information. We honor deletion and access requests from all users where reasonably possible, subject to authentication and legal, accounting, and security obligations.

11. Children’s Privacy

The Service is not directed to children under 13, and we do not knowingly collect information from children.

12. Contact

Questions or requests may be sent to:

Other Versions