Privacy Policy
Last Updated: 28/12/2025
Treasury Ease Solutions SRL ("we," "us," "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, share, and protect information when you use Treasury OS, our SaaS platform available at www.treasuryease.com.
We process data in full compliance with the EU General Data Protection Regulation (GDPR - Regulation (EU) 2016/679), Romanian data protection law, and—where relevant—other frameworks such as the California Consumer Privacy Act (CCPA).
1. Who We Are
Treasury Ease Solutions SRL
- A limited liability company registered in Romania (EU)
- Registered office: Bucharest, Romania
- Trade Registry No.: RO555
We act as the Data Controller for personal data processed via Treasury OS.
Contact for privacy matters: contact@treasuryease.com
2. What Data We Collect
We collect data directly from you when you register, subscribe, or interact with Treasury OS, as well as automatically through the platform.
a) Account Data
- Name and surname
- Work email address
- Password (encrypted)
- Company name, role, and contact details
- Subscription plan (free or paid)
b) Payment Data (for paid subscriptions)
- Billing name, address, VAT ID
- Payment details (processed securely by our payment provider; we never store full card numbers)
c) Usage & Analytics Data
- Technical information: IP address, browser type, device, operating system
- Activity logs: login times, features accessed, interactions with Treasury OS apps
- Analytics data: collected via Google Analytics or equivalent (with IP anonymization and no advertising tracking)
d) Support & Communication Data
- Information you provide via support requests, chat, or email
- Records of communications with our support team
e) Application Data
- Files you upload or store in Treasury OS
- API connections and credentials you configure
- Custom applications you build and install
3. How We Use Your Data
We use your data to:
- Provide, manage, and secure your Treasury OS account
- Process subscriptions and payments
- Deliver support and respond to inquiries
- Improve and optimize platform functionality
- Generate anonymized usage statistics
- Prevent fraud, abuse, or security breaches
- Comply with legal and tax obligations
We do not sell your data and we do not use it for advertising purposes.
4. Legal Basis for Processing (GDPR)
We process data on the following grounds:
Contract performance (Art. 6(1)(b) GDPR): to provide Treasury OS services you subscribed to
Legal obligations (Art. 6(1)(c) GDPR): for tax, accounting, and compliance
Legitimate interests (Art. 6(1)(f) GDPR): to improve security, prevent fraud, and develop the platform
Consent (Art. 6(1)(a) GDPR): where required (e.g., analytics cookies, optional communications)
5. Data Storage & Security
- Data is hosted on EU-based cloud infrastructure
- We use industry-standard encryption:
- TLS 1.2+ for data in transit
- AES-256 for data at rest
- Access controls with role-based permissions
- All AI processing uses sanitized data only
- Comprehensive audit logging for compliance
For enterprise customers requiring detailed security documentation, contact contact@treasuryease.com.
5A. Security Overview
| Security Measure | Status |
|---|---|
| Data encrypted in transit | ✓ TLS 1.2+ |
| Data encrypted at rest | ✓ AES-256 |
| EU data residency | ✓ Primary storage in EU |
| AI data sanitization | ✓ No PII transmitted to AI |
| AI model training | ✓ Your data is never used |
| Infrastructure compliance | ✓ SOC 2 compliant providers |
| Regulatory compliance | ✓ GDPR compliant |
Need detailed security documentation for compliance or audit purposes?
Contact us at contact@treasuryease.com
6A. AI-Powered Features
Treasury OS uses artificial intelligence to provide advanced treasury management features including cash flow forecasting, transaction classification, and reconciliation assistance.
Data Protection for AI Processing:
| Protection Measure | Implementation |
|---|---|
| Data Sanitization | All data is automatically sanitized before AI processing. Account numbers, IBANs, emails, phone numbers, and personal names are masked or removed. |
| No Model Training | Your data is NOT used to train AI models. This is contractually guaranteed with our AI provider. |
| Aggregated Data Only | AI features primarily use aggregated statistics (totals, averages, patterns) rather than individual transaction details. |
| Audit Trail | All AI processing is logged and auditable within your account. |
6B. Service Providers (Sub-Processors)
We use the following categories of service providers to deliver Treasury OS:
| Service Type | Purpose | Data Location |
|---|---|---|
| Cloud Database | Data storage and authentication | European Union |
| Application Hosting | Platform delivery and performance | European Union |
| AI Processing | Intelligent features (forecasting, classification) | United States* |
| File Transfer | Bank statement upload processing | European Union |
| Payment Processing | Subscription billing | European Union |
*Data transferred to the United States is protected under Standard Contractual Clauses (SCCs) and is sanitized to remove personally identifiable information before transmission.
All service providers are bound by Data Processing Agreements and are required to maintain appropriate security measures.
For detailed information about our data protection practices, contact contact@treasuryease.com.
7. International Data Transfers
Data is primarily stored in the EU/EEA. If transferred outside, we rely on:
- European Commission adequacy decisions, or
- Standard Contractual Clauses (SCCs) with supplementary safeguards
8. Data Retention
Account data: kept as long as your account is active, and up to 5 years after closure (legal reasons)
Payment records: retained as required by tax law
Usage logs: up to 12 months
Application data: deleted upon account closure or on request
9. User Rights
Under GDPR and other applicable laws, you have the right to:
- Access your personal data
- Correct inaccurate or incomplete data
- Delete your data ("right to be forgotten")
- Restrict processing in certain cases
- Port your data to another provider
- Object to processing based on legitimate interests
- Withdraw consent at any time
Requests can be made at contact@treasuryease.com. We respond within 30 days.
10. Cookies Policy
Treasury OS uses cookies only for:
- Essential functions (login, security, session management)
- Analytics (Google Analytics, anonymized; no advertising cookies)
You can control cookies via your browser settings. For more details, see our Cookie Policy.
11. Children's Privacy
Treasury OS is not intended for users under 18. We do not knowingly collect their data. If discovered, such data will be deleted immediately.
12. Automated Decision-Making
We do not use your personal data for automated decision-making or profiling that produces legal effects or significantly affects you.
13. Updates to This Policy
We may update this Privacy Policy from time to time. Updates will be published on this page with a revised "Last Updated" date. For significant changes, we will notify you by email.
14. Contact Information
If you are based in the EU, you have the right to lodge a complaint with your local Data Protection Authority. In Romania, this is the National Supervisory Authority for Personal Data Processing (ANSPDCP).