Privacy Policy

Effective April 19, 2022

You can view our GDPR statement here


Taulia LLC, Taulia UK Ltd, Taulia GmbH, and Taulia Bulgaria EOOD, and any future corporate affiliates (“Taulia”, “we”, “us” or “our”) are committed to protecting our users’ privacy. This Privacy Policy covers the information we collect about you when you use our services, or otherwise interact with Taulia, for example by visiting, requesting information in electronic form, or attending an event, unless a different policy is displayed at that time.

This Privacy Policy is intended to help you understand the following:

  1. 1. What information we collect about you and how we collect it
  2. 2. How we use the information we collect
  3. 3. Taulia’s legal basis for processing your personal information
  4. 4. How we share the information we collect with third parties
  5. 5. How we store and secure the information we collect
  6. 6. How we transfer information we collect internationally
  7. 7. How to access and control your information
  8. 8. How to contact us about privacy questions or comments
  9. 9. Other important privacy information


Individuals may interact with Taulia across a range of services and products, from seeking information available on or by request at our website, up through use of Taulia’s hosted solutions, such as Electronic Invoicing or Working Capital Management. We refer to all of these services and products in this Privacy Policy as our “Services.”

User Options

This Privacy Policy also explains your choices about how we use information about you. Your choices include how you can object to certain uses of your Personal Information and how you can access and update certain information about you. If you do not agree with this policy, please do not access or use our Services or interact with any other aspect of our business.

End Users

Where we provide the Services under contract with an organization (for example your employer) that organization may be the “controller” of the Personal Information processed by the Services. For more information, please see Notice to End Users below.

Personal Information

Personal Information or Personal Data refers to any information relating to an identified or identifiable natural person.

1. What information we collect about you and how we collect it

We collect Personal Information from you when you contact us regarding our Services, register on our site for support services, subscribe to our newsletter or webinar series, register for or attend our events, ask to be included on an email or other mailing list, participate in an online forum, blog, or voluntary survey, download content or fill out a form. We may collect all or some of the following information: name, email address, phone number, company name, title, department, country and/or industry. Alternatively, you may visit our site anonymously. Any data we request that is not required will be specified as voluntary or optional.

A. Surveys

We may provide you the opportunity to participate in surveys on our site. If you participate, we will request certain personally identifiable information from you. Participation in these surveys is completely voluntary and you therefore have a choice whether or not to disclose this information. The requested information typically includes contact information such as name, email, and phone number, and demographic information such as job title, income, location, and company size.

We use this information to send notice(s) to you, monitor site traffic, personalize the site, send participants email newsletter(s), and better understand our customers and prospects. We may use a third-party service provider to conduct these surveys; that company will be prohibited from using our users’ personally identifiable information for any other purpose. We will not share the personally identifiable information you provide through a survey with other third parties unless we give you prior notice and choice.

B. Use of the Taulia Hosted Services

When you use any of the Taulia hosted services, such as Electronic Invoicing or Working Capital Management, we collect information about you when you input it into the Services or otherwise provide it directly to us.

Account and Profile Information: We collect information about you when you register for an account, create or modify your profile, set preferences, sign-up for or make purchases through the Services. For example, you provide your contact information and, in some cases, billing information when you register for the Services. You also have the option of adding job title, and other details to your profile information to be displayed in our Services.  We keep track of your preferences when you select settings within the Services.

Content you provide through our products: The Services include the Taulia products you use, where we collect and store content that you post, send, receive and share. This content includes any information about you that you may choose to include, such as business contact information, and remittance information to be used by your customers.  Content also includes the files and links you upload to the Services.

Information you provide through our support channels: The Services also include our customer support, where you may choose to submit information regarding a problem you are experiencing with a Service.  Whether you designate yourself as a technical contact, open a support ticket, speak to one of our representatives directly or otherwise engage with our support team, you will be asked to provide contact information, so that we can update you on the status of your support request or seek further information that would be helpful in resolving the issue.

Your use of the Services: We keep track of certain information about you when you visit and interact with any of our Services. This information includes the features you use; the links you click on; your election of invoicing or early payment options, and the type, size and filenames of attachments you upload to the Services.

Device and Connection Information: We collect information about your computer, phone, tablet, or other devices you use to access the Services. This device information includes your connection type and settings when you install, access, update, or use our Services. We also collect information through your device about your operating system, browser type, IP address, URLs of referring/exit pages, device identifiers, and crash data. We use your IP address and/or country preference in order to approximate your location to provide you with a better Service experience.  How much of this information we collect depends on the type and settings of the device you use to access the Services. 

Cookies and Other Tracking Technologies: Taulia and our third-party partners, such as our advertising and analytics partners, use cookies and other tracking technologies (e.g., web beacons, device identifiers and pixels) to provide functionality and to recognize you across different Services and devices. For more information, please see our Cookies and Tracking Notice, which includes information on how to control or opt out of these cookies and tracking technologies.

C. Information we receive from other sources

We receive information about you from other Service users, from third-party services, from our related companies, from your customers, and our business and channel partners.

Other users of the Services: Other users of our Services, including your customers, or your employer, may provide information about you when they submit content through the Services.  We also receive your email address from other Service users when they provide it in order to invite you to the Services. Similarly, an administrator may provide your contact information when they designate you as the billing, technical, or other contact on your company’s account.

Taulia Partners:  We work with a global network of partners who help us to market and promote our products, generate leads for us, and resell our products.  We receive information from these partners, such as billing information, billing and technical contact information, company name, what Taulia products you have purchased or may be interested in, evaluation information you have provided, what events you have attended, and what country you are in.

Other Partners: We receive information about you and your activities on and off the Services from third-party partners, such as advertising and market research partners who provide us with information about your interest in and engagement with, our Services and online advertisements.

2. How we use the information we collect

How we use the information we collect depends in part on which Services you use, how you use them, and any preferences you have communicated to us.  Below are the specific purposes for which we use the information we collect about you.

To market, promote and drive engagement with the Services: We use your contact information and information about how you use the Services to send promotional communications that may be of specific interest to you, including by email.  These communications are aimed at driving engagement and maximizing what you get out of the Services, including information about new features, survey requests, newsletters, and events we think may be of interest to you.

For safety and security: We use information about you and your Service use to verify accounts and activity, to monitor suspicious or fraudulent activity and to identify violations of Service policies.

To protect our legitimate business interests and legal rights: Where required by law or where we believe it is necessary to protect our legal rights, interests and the interests of others, we use information about you in connection with legal claims, compliance, regulatory, and audit functions, and disclosures in connection with the acquisition, merger or sale of a business.

With your consent: We use information about you where you have given us consent to do so for a specific purpose not listed above.  For example, we may publish testimonials or featured customer stories to promote the Services, with your permission.

3. What basis do we have for processing your Personal Information

Legal bases for processing (for EEA and Brazilian users)

If you are an individual in the European Economic Area (EEA) or Brazil, we collect and process information about you only where we have legal bases for doing so under applicable EU or Brazilian law.  The legal bases depend on the Services you use and how you use them. This means we collect and use your information only where:

If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place.  Where we are using your information because we or a third party (e.g. your employer) have a legitimate interest to do so, you have the right to object to that use though, in some cases, this may mean no longer using the Services.

4. How we share the information we collect

Third Parties With Whom Taulia Shares Personal Information

Service Providers: We work with third-party service providers to provide website and application development, hosting, maintenance, backup, storage, virtual infrastructure, payment processing, analysis and other services for us, which may require them to access or use information about you.  If a service provider needs to access information about you to perform services on our behalf, they do so under close instruction from us, including this Privacy Policy, and other policies and procedures designed to protect your information.

Taulia Partners: We work with third parties who provide consulting, sales, and technical services to deliver and implement customer solutions around the Services. We may share your information with these third parties in connection with their services.

In cases of onward transfer to third parties of data of EEA, Swiss or Brazilian individuals, this is only done pursuant to the contractual arrangements we have with these third parties in accordance with applicable law.

Compliance with Enforcement Requests and Applicable Laws; Enforcement of Our Rights: In exceptional circumstances, we may share information about you with a third party if we believe that sharing is reasonably necessary to (a) comply with any applicable law, regulation, legal process or governmental request, including to meet national security requirements, (b) enforce our agreements, policies and terms of service, (c) protect the security or integrity of our products and services, (d) protect Taulia, our customers or the public from harm or illegal activities, or (e) respond to an emergency which we believe in good faith requires us to disclose information to assist in preventing the death or serious bodily injury of any person.

If Taulia is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on our website of any change in ownership or uses of your Personal Information, as well as any choices you may have regarding your Personal Information.

Third Party Links: Other sites accessible through our website have their own privacy policies and data collection use and disclosure practices. Occasionally, at our discretion, we may include or offer third party products or services on our website as well as provide links to sites that are owned and operated by these third-party providers. Please consult each site’s privacy policy, as the information practices of these third-party sites are not covered by our Privacy Policy. We cannot control their collection of information, and therefore have no responsibility or liability for the content and activities of these linked sites. While we continue to seek to protect the integrity of our own site, you should contact these sites directly if you have any questions about the use of the information that they collect.

We use Lead Forensics to track activity on our website and provide us with the IP address, the date and duration of the user’s visit, and the web pages which the user visits. This information may be used by us for marketing purposes. More information can be found on Lead Forensics’ Privacy Policy.

5. How we store and secure the information we collect

The security of your Personal Information is important to us. We use data hosting service providers in the United States and the European Union to host the Personal Information we collect, and we use technical measures to secure your data. These security measures include: password protected directories and databases to safeguard your information and PCI Scanning to actively protect our servers from hackers and other vulnerabilities. Taulia is also backed by security controls designed to protect your data, and we undergo an annual SSAE18 audit, resulting in SOC1/SOC2 Type 2 audit reports.

We implement these safeguards to protect your information, but no security system is impenetrable, and due to the inherent nature of the Internet, we cannot guarantee that data, during transmission through the Internet or while stored on our systems or otherwise in our care, is absolutely safe from intrusion by others. Please contact us at sec[email protected] with questions regarding our security measures.

You are responsible for maintaining the secrecy of your unique password and account information, and for controlling access to your email communications at all times.

How long will the data be stored

We will retain and use your Personal Information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. How long we keep the information we collect about you depends on the type of information, as described in further detail below.  After such time, we will either delete or anonymize your information or, if this is not possible (for example, because the information has been stored in backup archives), then we will securely store your information and isolate it from any further use until deletion is possible.

Account information: We retain your account information for as long as your account is active and a reasonable period thereafter in case you decide to re-activate the Services.  Personal Data associated with transactions on the Taulia Platform is retained for the period of time legally required for audit purposes, typically 7-10 years, depending on the applicable law.

We also retain some of your information as necessary to comply with our legal obligations, to resolve disputes, to enforce our agreements, to support business operations, and to continue to develop and improve our Services. Where we retain information for Service improvement and development, we take steps to eliminate information that directly identifies you, and we only use the information to uncover collective insights about the use of our Services, not to specifically analyze personal characteristics about you.

Information you share on the Services: If your account is deactivated or disabled, some of your information and the content you have provided will remain in order to allow your team members or other users to make full use of the Services.  For example, we continue to display messages you sent to the users that received them and continue to display content you provided.

Managed accounts: If the Services are made available to you through an organization (e.g., your employer), we retain your information as long as required by the administrator of your account.

Marketing information: We retain information about your marketing preferences for a reasonable period of time from the date you last expressed interest in our Services, such as when you last opened an email from us or ceased using your Taulia account.  We retain information derived from cookies and other tracking technologies for a reasonable period of time from the date such information was created. 

6. How we transfer information we collect internationally

International transfers of information we collect

We collect information globally and primarily store that information at hosted data centers in the United States and European Union. We transfer, process and store your information outside of your country of residence, as required for Taulia or our third-party service providers to provide you the Services.  Whenever we transfer your information, we take steps to protect it.

International transfers within the Taulia Companies: To facilitate our global operations, we transfer information to our hosted data centers in either the United States or the European Union and allow access to that information from countries in which the Taulia companies have operations for the purposes described in this Privacy Policy. These countries may not have equivalent privacy and data protection laws to the laws of many of the countries where our customers and users are based. When we share information about you within and among Taulia corporate affiliates, we make use of standard contractual data protection clauses, which have been approved by the European Commission.

International transfers to third parties: Some of the third parties described in this privacy policy, which provide services to us under contract, are based in other countries that may not have equivalent privacy and data protection laws to the country in which you reside. When we share information of customers in the European Economic Area or Switzerland, we make use of the EU-U.S. Privacy Shield, Swiss-U.S. Privacy Shield Frameworks, European Commission-approved standard contractual data protection clauses, or other appropriate legal mechanisms to safeguard the transfer. Please see our Privacy Shield Notice below.

Schrems II

On July 16th, 2020, the CJEU has declared the EU-US Privacy Shield an invalid mechanism for transferring personal data from the E.U. to the U.S. To the extent that Taulia has relied on the EU-US Privacy Shield as the mechanism to transfer personal data across borders, Taulia will be converting to use of the EU Standard Contractual Clauses, or another approved transfer mechanism as a replacement for the EU-US Privacy Shield. In the meantime, Taulia intends to continue to maintain its status and compliance with the EU-US Privacy Shield Principles.

Privacy Shield Notice

Taulia complies with the EU-U.S. Privacy Shield Framework and the Swiss – U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States, respectively.  Taulia has certified to the Department of Commerce that it adheres to the Privacy Shield Principles.  If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit

We ensure that the Privacy Shield Principles apply to all information about you that is subject to this privacy policy and is received from the European Union, Switzerland, and the European Economic Area.

Under the EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield Framework, we are responsible for the processing of information about you we receive from the EU or Switzerland and onward transfers to a third party acting as an agent on our behalf. We comply with the Privacy Shield Principles for such onward transfers and remain liable in accordance with the Privacy Shield Principles if third-party agents that we engage to process such information about you on our behalf do so in a manner inconsistent with the Privacy Shield Principles, unless we prove that we are not responsible for the event giving rise to the damage. We are subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).

We encourage you to contact us as provided below should you have a Privacy Shield-related (or general privacy-related) complaint. You may also contact your local data protection authority within the European Economic Area or Switzerland for unresolved complaints.

Under certain conditions, more fully described on the Privacy Shield website, including when other dispute resolution procedures have been exhausted, you may invoke binding arbitration. Please see “To Raise a Complaint,” and “How to access and control your information,” below.

7. How to access and control your information


You have the right to access your Personal Information.  We provide you the opportunity to “opt-out” of having your information used for certain purposes or to unsubscribe from receiving future emails, when we ask for the information. If you no longer wish to receive emails, our newsletter and other promotional communications, you may opt-out of receiving them by following the detailed unsubscribe instructions at the bottom of each email or communication or by emailing us at [email protected].

If your Personal Information changes, to request removal of your personal information from our blog or community forum, or if you no longer desire our service, you may correct, update, amend, delete/deactivate it by emailing our Customer Support at [email protected] or by contacting us by telephone or postal mail at the contact information listed below. We will respond to your request to access within 30 days (or 15 days for users subject to Brazilian laws).

Your rights in relation to Personal Information and how to exercise them (for EEA and Brazilian users)

Under certain circumstances EEA and Brazilian users have the following rights:

If you wish to exercise any of the rights set out above, please contact us. You will not have to pay a fee to access your Personal Data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

What we may need from you. We may need to request specific information from you to help us confirm your identity and right to access your Personal Data (or to exercise any of your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

Time limit to respond. We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

8. How to Contact Us About Privacy Questions or Comments

If you have concerns regarding this Privacy Policy, first contact the Taulia Privacy Coordinator ([email protected]), or send written correspondence to:
Taulia Privacy Coordinator
95 Third Street #284
San Francisco
CA 94103
[email protected]
(415) 376 8280

To raise a complaint

According to the GDPR, you have the right to lodge a complaint with a supervisory authority. However, we recommend that you always first address a complaint to the Taulia Privacy Coordinator ([email protected]) so that we can resolve your concern as quickly as possible and in a customer-oriented manner. Taulia will take steps to remedy any issues arising out of a failure to comply with the the General Data Protection Regulation. If the complaint cannot be resolved through Taulia’s internal processes, it will be referred to Judicial Arbitration and Mediation Services, Inc., (JAMS) under the JAMS International Mediation Rules, which are accessible on the JAMS website at JAMS mediation may also be commenced as provided for in the JAMS International Mediation Rules. Finally, you will also have the possibility to invoke binding arbitration under certain conditions.

9. Other important privacy information

California Online Privacy Protection Act Compliance

Because we value your privacy, we have taken the necessary precautions to be in compliance with the California Online Privacy Protection Act. We therefore will not distribute your Personal Information to outside parties without your consent.

Children’s Online Privacy Protection Act Compliance

The Children’s Online Privacy Protection Act (“COPPA”) took effect on April 21, 2000, and imposes certain requirements on Services directed toward children under the age of 13 that collection information on those children, or on Services that know they are collecting personally identifiable information on children under the age of 13. We are in compliance with the requirements of COPPA and we do not knowingly collect any information from anyone under the age of 13. Our website, products and services are all directed to people who are at least 13 years old or older. If we find that we have collected information from a child under age 13, we will delete that information immediately.

CAN-SPAM Compliance

We have taken the necessary steps to ensure that we are compliant with the CAN-SPAM Act of 2003.

Terms and Conditions

Please also visit our Terms of Use section establishing the use, disclaimers, and limitations of liability governing the use of our website at

Changes to Taulia’s Privacy Policy

If we decide to change our Privacy Policy, we will post those changes on this page, and/or update the Privacy Policy modification date at the top of this page. Policy changes will apply only to information collected after the date of the change. If we make any material changes, we will notify you by email (sent to the e-mail address specified in your account) or by means of a prominent notice on our Services. We encourage you to periodically review this page for the latest information on our privacy practices before proceeding to use our Services.
The English version of this policy shall govern in the event of any conflict or substantive translation changes into a non-English language.

Privacy Policy Customer Pledge

We pledge to you, our customer, that we have made a dedicated effort to bring our privacy policy in line with the following important privacy laws and initiatives:

Notice to End Users

Our services and products are intended for use by businesses. Where the Services are made available to you through an organization (e.g. your employer), that organization is the administrator of the Services, is responsible for the accounts, and ultimately for your use of the Services. In such circumstances, the only Personal Information held in the Services for most end users will be the user’s name and email address at the organization’s domain name. If this is the case, please direct your data privacy questions to your administrator, as your use of the Services is subject to that organization’s policies. We are not responsible for the privacy or security practices of an administrator’s organization, which may be different than this policy.

Administrators are able to:

Please contact your organization or refer to your administrator’s organizational policies for more information.

Unlock the power of cash

Accelerate your cash flow today.

unlock power of cash small image cta 1