Bilox

Privacy Policy

Last updated: March 13, 2025

1. Introduction

Bilox ("we", "our", "us") is a Shopify application that generates EU-compliant electronic invoices in XML format. This Privacy Policy explains how we collect, use, and protect your data when you use our application.

2. Data We Collect

When you install and use Bilox, we access the following data from your Shopify store:

  • Store information: Shop name, domain, email address, and currency.
  • Order data: Order details including customer name, address, line items, taxes, and totals — used solely to generate invoices.
  • Company details: Business name, address, and VAT number that you provide in settings.

We do not collect payment card details, passwords, or any financial account information.

3. How We Use Your Data

Your data is used exclusively to:

  • Generate EU-compliant XML invoices (UBL 2.1, CII, Factur-X, ZUGFeRD, XRechnung).
  • Validate invoices against the EN16931 European standard.
  • Send invoices via the PEPPOL network when configured.
  • Display your invoicing dashboard and usage statistics.

We never sell, rent, or share your data with third parties for marketing purposes.

4. Data Storage and Security

Your data is stored securely on servers located in the European Union (AWS eu-west-1). We use industry-standard encryption for all data in transit (TLS 1.2+) and at rest.

Invoice data is stored in a PostgreSQL database hosted on Supabase with row-level security and encrypted connections.

5. Third-Party Services

Bilox may connect to the following third-party services:

  • PEPPOL Access Point providers (Storecove, Qvalia): Only when you configure PEPPOL sending. Invoice data is transmitted to deliver e-invoices to your clients.
  • Shopify: We access your store data through the Shopify API under the permissions you grant during installation.

6. Data Retention

We retain your invoice data for as long as your Bilox account is active. When you uninstall Bilox, your session data is removed. Generated invoices and company settings are retained for 30 days after uninstallation, then permanently deleted.

7. Your Rights (GDPR)

As a user in the European Union, you have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your data.
  • Export your data in a portable format.
  • Withdraw consent at any time by uninstalling the app.

To exercise any of these rights, contact us at support@bilox.app.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes through the app or via email. Continued use of Bilox after changes constitutes acceptance of the updated policy.

9. Contact Us

If you have any questions about this Privacy Policy, please contact us:

Email: support@bilox.app