Last updated: 5 May 2026

1. Who We Are

AI Driven Success is a trading name of Dream Fit Limited, a company registered in England and Wales (Company No. 13595600). Registered office: College House, King Edwards Road, Ruislip, England, HA4 7AE.

For data protection purposes, Dream Fit Limited is the Data Processor. Your business (the account holder) is the Data Controller.

2. What Data We Collect

Account email and passwordAt signup
Uploaded receipts and bank statementsTemporary processing only
Extracted financial data (amounts, vendors, dates)Stored in your own Google Sheet
AI Accountant chat messagesSession only, not stored
QuickFile API credentialsStored locally in your browser

3. How We Use Your Data

We process your data solely to provide the AI Driven Success bookkeeping service:

  • Reading and extracting data from uploaded receipts and bank statements using AI
  • Categorising transactions and detecting refunds, Directors' Loans, and missing receipts
  • Pushing processed data to your own Google Sheet and QuickFile account
  • Providing AI-powered accounting guidance via the chatbot

We do NOT permanently store your financial records. Data flows through our AI and into your own accounts (Google Drive, Google Sheets, QuickFile). We are a processor, not a controller.

4. Sub-Processors

We use the following third-party services to process your data:

ServicePurposeLocation
OpenAIAI receipt/document processingUSA (SCCs)
GoogleYour data storage (Sheets/Drive)Your account
QuickFileAccounting platformUK
VercelDashboard hostingGlobal CDN
StripePayment processingUSA/EU

5. Data Retention

  • Account data (email, password): Retained until you delete your account
  • Uploaded files (receipts, statements): Processed temporarily, not permanently stored by us
  • Extracted data: Stored in your own Google Sheet and QuickFile account
  • Chat messages: Session only, deleted when you close the browser
  • API credentials: Stored locally in your browser's localStorage

6. Your Rights (UK GDPR)

Under UK data protection law, you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Erase your data ("right to be forgotten")
  • Restrict processing
  • Data portability — your data is already in your own Google Sheet
  • Object to processing

To exercise any of these rights, contact us at the address above.

7. Data Security

  • All data transmitted via HTTPS (TLS 1.3)
  • Passwords hashed using SHA-256
  • Session cookies are httpOnly and secure
  • API credentials stored locally in your browser, never on our servers
  • HSTS enabled with 2-year max-age

8. Data Breaches

In the event of a data breach, we will notify the ICO within 72 hours and affected users without undue delay, as required by UK GDPR Article 33 and 34.

9. Complaints

If you are unhappy with how we handle your data, you have the right to complain to the Information Commissioner's Office (ICO): ico.org.uk

10. Changes to This Policy

We may update this policy from time to time. Changes will be posted on this page with the updated date above.