Privacy Policy

We collect information you provide directly and information generated through your use of the Software:

• *Account information:** name, email address, phone number, password (stored hashed), company name, company TIN, fiscal calendar preference, and subscription plan.

• *Business and financial data:** sales and purchase records, journal entries, chart of accounts, assets, tax returns, receipts, invoices, and uploaded documents.

• *Payroll and HR data:** employee names, employee IDs, salaries, tax and pension details, bank account information, and related payroll records you enter.

• *Government portal credentials:** eTax, SSL VPN, and TASS usernames and passwords you choose to store (encrypted at rest).

• *AI interactions:** questions you ask the AI assistant and related usage metadata.

• *Technical and security data:** IP addresses, user agents, session data, audit logs, and security events related to your account.

We use your information to: • Provide, operate, and maintain the Software; • Verify your company TIN during registration; • Send SMS verification codes for account security; • Process subscription payments; • Run tax calculations, accounting workflows, and government portal automations you request; • Extract data from receipt images using AI; • Provide AI-assisted compliance checks and support; • Enforce plan limits and prevent abuse; • Communicate service announcements and legal updates; • Maintain audit trails and improve security.

We do not sell your personal or business data to third parties.

We process your data primarily to perform our contract with you (providing the Software), to comply with legal obligations where applicable, and for legitimate interests such as security monitoring, fraud prevention, and service improvement. Where required, we rely on your consent—for example, when you agree to these terms and privacy policy at registration.

We may share data with trusted service providers who assist us in operating the Software, subject to appropriate safeguards:

• **Supabase** — database hosting and file storage;
• **Google Gemini** — AI receipt extraction, chat, embeddings, and compliance assistance;
• **GeezSMS** — phone number verification via OTP;
• **AddisPay** — subscription payment processing;
• **Cloud hosting providers** (e.g., AWS EC2) — application infrastructure.

Government portal automations interact with official Ministry of Revenue systems (eTax, TASS) only when you authorize credentials and request an automation.

We may disclose information if required by law, court order, or to protect the rights, safety, and security of the Company, users, or the public.

Some service providers may process data outside Ethiopia. Where data is transferred internationally, we take reasonable steps to ensure appropriate safeguards are in place consistent with applicable data protection requirements.

We implement administrative, technical, and physical safeguards designed to protect your data, including: • Encryption in transit (HTTPS/TLS); • Encryption at rest for sensitive credentials (AES-256-GCM); • Access controls and authentication; • Audit logging and security event monitoring.

No method of transmission or storage is completely secure. You are responsible for safeguarding your account password and portal credentials.

We retain your data for as long as your account is active and as needed to provide the Software, comply with legal obligations, resolve disputes, and enforce our agreements. When you terminate your account, we may retain certain records as required by law or for legitimate business purposes, after which data is deleted or anonymized in accordance with our retention practices.

Depending on applicable law, you may have the right to: • Access and export your business data through available export features; • Correct inaccurate account information through your profile settings; • Request deletion of your account and associated data, subject to legal retention requirements; • Withdraw consent where processing is consent-based, by discontinuing use of the Software.

To exercise these rights, contact us at support@glymetechsolutions.com. We will respond within a reasonable timeframe.

We use essential cookies and session tokens to keep you signed in and to secure the Software. We do not use non-essential tracking cookies for advertising purposes.

The Software is intended for business use by authorized adults. We do not knowingly collect personal information from children under 18.

We may update this Privacy Policy from time to time. Material changes will be communicated through the Software, by email, or via in-app announcement. The effective date at the top of this policy will be updated when changes are published.

For privacy-related questions or requests, contact:

Glyme Tech Solutions PLC Summit Area, Addis Ababa, Ethiopia Email: support@glymetechsolutions.com Phone: +251 909 068 750