Privacy Policy

We take privacy seriously and protecting your data in BeanBox is very important to us. This policy outlines how we treat Personal Information.

What Personal Information do we collect from the people that visit our app, blog or website?

We collect your contact information when you sign-up to use BeanBox.

BeanBox retrieves and stores data from your accounting software to create the reports for you. The data it retrieves includes your organisation name, repeating invoices, account codes, country, users, timezone and other data needed to provide the figures in your reports.

When do we collect information?

We collect Personal Information from you when you set up an account, subscribe to a newsletter, visit our website, respond to a survey or marketing communication, open an email, click a trackable link in an email, fill out a form, login or enter information on our site. Once connected to your accounting system BeanBox will retrieve up-to-date data from your accounting system regularly.

How do we use your information?

We may use the information we collect from you in the following ways:

  • To create personalised reports for you.
  • To allow us to better service you in responding to your customer service requests.
  • To improve our website.
  • To administer a promotion, survey or other site feature.
  • To quickly process your transactions.
  • To ask for ratings and reviews of services or products.
  • To show advertising and messages.
  • To communicate with you.

How do we protect your information?

Protecting your data in BeanBox is very important to us. We use an SSL certificate to encrypt all information that is passed through the app (

Our database is encrypted at rest, including all backups of the data, using the industry standard AES-256 encryption algorithm for encryption. We use a secure key management system for the encryption keys.  The database is located in a private-subnet and therefore not publicly accessible.

On top of this, all financial amounts from invoice line items are stored using additional encryption in our database. The reports that BeanBox creates for your company will only be seen by you.  We don’t see your reports, or even any invoice line amount. If you have a question about any totals in your reports you’ll need to send us a screenshot, or grant BeanBox temporary visibility to your account in the BeanBox interface.

In what countries is the data stored?

If you are visiting the website from outside the United States, please be aware that you are sending information (including Personal Information) to the United States where our servers are located. Data at times is also transferred to New Zealand, where our developers and support team are based.  That information may then be transferred within the United States or back out of the United States to other countries outside of your country of residence, depending on the type of information and how it is stored by us. These countries (including the United States) may not necessarily have data protection laws as comprehensive or protective as those in your country of residence; however, our collection, storage and use of your Personal Information will at all times continue to be governed by this Privacy Policy.

Do we use ‘cookies’?

Yes. Cookies are small files that enable the site’s or service provider’s systems to recognize your browser and remember certain information. For instance, cookies can be used to keep you logged into the site. They are also used to help us understand your preferences based on previous or current site activity, which enables us to provide you with improved services. We also use cookies to help us compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.

We use cookies to:

  • Manage your login sessions.
  • Improve your website experience.
  • Compile aggregate data about site traffic and site interactions in order to offer better site experiences and tools in the future. We may also use trusted third-party services that track this information on our behalf.

You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies.

If users disable cookies in their browser:

If you turn cookies off, this site will not function properly.

Cookies for Analytics and Advertising

We may use analytics software on our site (such as the Google Analytics) to collect non-personally identifiable information about your activities on this website.

We may also use third-party services to provide such services as conversion tracking and remarketing (such as Google, Perfect Audience, Facebook and Active Campaign). These services use cookies to help us identify the successfulness of our marketing. They also enable us to display adverts and messages to you, on third party websites or in your inbox, based on your engagement with our website or marketing material.

Opting out: Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising Initiative Opt Out page or by using the Google Analytics Opt Out Browser add on.  Please note this does not opt you out of being served advertising. You will continue to receive generic ads.

Third-party disclosure

We do not sell or trade your Personal Information to outside parties.

We do use trusted third-party services in operating our business, and at times may transfer your personal details to these services we are using – such as website hosting partners, bulk email providers and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential and only used for BeanBox purposes. We may also release information when its release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property or safety.

However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.

Third-party links

Occasionally, at our discretion, we may include or offer third-party products or services on our website. These third-party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites. When we referring to recommended services we reserve the right to receive commission if you use these services.

You will be notified of any Privacy Policy changes:

  • On this Privacy Policy Page
  • By email notification or by an announcement notice when you login.

You can change your Personal Information:

  • By logging in and editing your account information.
  • By emailing us

You can access your Personal Information:

To access the Personal Information we have stored about you, visit the Edit Account page and click the button to “Download my Personal Information”.  This provides a PDF download that contains all the Personal Information we store about you. It also includes tracking data that our third-party email system stores about you, including which emails have been sent to you, which ones have been opened, marketing tags applied, etc.

You can delete your Personal Information:

You have the right to delete your Personal Information from BeanBox by deleting your account.  

To do this, visit the Edit account page and click the button that says “Delete Account”.  You will be asked to confirm.  When you confirm, this process deletes your user account from BeanBox, it deletes the Personal Information we have stored about you and deletes you from our third-party email system, including deleting all history from that system about you.

You can delete your company accounting data:

To delete your company data (such as all of your accounting and forecast data) you need to remove all users from the company in BeanBox and then remove yourself from the company or delete your account. The company accounting data will then be deleted.  The Xero company name and Xero ID is retained in our database in the list of companies that have used BeanBox, along with all billing data/invoices for payments the company has made to BeanBox.

You can opt-out of email communications

We collect your email address in order to:

  • Send information, respond to inquiries, and/or other requests or questions
  • Process orders and to send information and updates pertaining to orders.
  • Send you additional information related to your product and/or service
  • Market to our mailing list or continue to send emails to our clients after the original transaction has occurred.

To be in accordance with Unsolicited Electronic Messages Act 2007, we agree to the following:

  • Include clear and accurate contact information in emails
  • Give clear instructions on how to unsubscribe
  • Honour opt-out/unsubscribe requests quickly.

If at any time you would like to unsubscribe from receiving future emails, you can follow the instructions at the bottom of each email and we will promptly remove you from all correspondence.

Personal Information Privacy Breach Notification

If a personal information privacy breach was to occur, we will notify affect people within 72 hours of becoming aware of the breach. We will also follow notification rules for the appropriate jurisdictions. 

For example, In New Zealand, when there is a likelihood that a privacy breach could cause serious harm, we will notify the Privacy Commissioner and the data subjects affected. This is called a “notifiable privacy breach”. 

For individuals in regions covered by GDPR a personal data breach that requires notification is defined as a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data. ‘Personal data’ means any information concerning or relating to an identified or identifiable individual. For a data breach that affects individuals in GDPR regions, as well as notifying the individuals, we will also notify the Data Protection Authorities in each European country that had affected individuals. 


Contacting Us

If there are any questions regarding this privacy policy, you may contact us using the information below. – owned by Duoplus Ltd
89 Church Road
New Zealand
Phone +64-800-001-594

Want to see instant projections for your repeating income?

BeanBox takes less than 2 mins to setup.

You get a free trial of the full features. No credit card required.

And you’ll automatically get our free-forever plan after your trial if you don’t need the full features.