Privacy Policy

Effective April 2026. Simeron AI processes accounting data for Greek accounting offices and follows GDPR and Greek data-protection requirements.

Data controller

SIMERON TECHNOLOGIES SINGLE-MEMBER P.C., AFM 801392170, DOY KEFODE Attikis, Greece. Contact: privacy@simeron.ai or support@simeron.ai.

Data we collect

Account details, invoice and receipt files, accounting entries, supplier and customer details, VAT regimes, AI memory rules created from user corrections, payment metadata handled by Stripe, and security/usage logs.

Legal bases

Contract performance, legitimate interest for security and service improvement, legal obligation for tax/accounting records, and consent where optional marketing or optional features require it.

Security

Data is transmitted over TLS, stored using encrypted infrastructure, isolated by customer account, and protected with restricted production access.

AI memory

Corrections are stored for the customer's own account to improve future suggestions. They are not shared across customers and are not used to train third-party models.

Sub-processors

Cloudflare R2 for file storage, Microsoft Azure for OCR and AI features, Modal for serverless GL-classifier inference, Google Cloud / Google APIs for OAuth, email, and supporting AI/infrastructure where enabled, Stripe for payments, and the production hosting provider for the application.

International transfers

European processing regions are selected where available. Where a sub-processor or feature requires transfer outside the EEA, appropriate transfer mechanisms such as SCCs, adequacy decisions, or equivalent contractual safeguards are used.

When data leaves Simeron

Data leaves the platform when requested or needed for enabled features: ERP/accounting export, AADE myDATA sync or classification, OCR, AI classification, and email/OAuth flows. Simeron does not sell data or use it for advertising.

Retention and deletion

Data is kept while the account is active. Uploaded files are deleted when the user deletes them, subject to legal retention obligations. After account termination, data is deleted within 30 days unless Greek tax law requires retention.

Rights

Users may request access, export, correction, deletion, restriction, objection, human review of automated decisions, and complaint to the Hellenic Data Protection Authority.

Cookies

Simeron uses strictly necessary authentication cookies and local preferences. It does not use tracking cookies, advertising pixels, or behavioral analytics cookies.