TryTick

Legal

Privacy Policy

Last updated: February 2026

This is a template privacy policy. It should be reviewed by a qualified solicitor before being relied upon. Ant vs Bear Ltd accepts no liability for its use without professional legal review.

1. Who We Are

Tick is operated by Ant vs Bear Ltd, a company registered in England and Wales. We are the data controller for the personal data processed through the Tick service at trytick.ai and app.trytick.ai.

For data protection enquiries, contact us at: privacy@trytick.ai

2. What Data We Collect

We collect the following categories of data:

  • Account data: Name, email address, and company name provided at registration.
  • Invoice data: Supplier invoices you forward to Tick, including supplier names, invoice numbers, dates, line items, amounts, and VAT details. This data is extracted by our AI and stored to provide the service.
  • Xero connection data: OAuth tokens for your Xero account. We do not store your Xero password.
  • Usage data: How you interact with the service (pages visited, features used, invoices processed).
  • Technical data: IP address, browser type, and device information collected automatically.

3. How We Use Your Data

We process your data for the following purposes:

  • Service delivery: Extracting invoice data, creating Xero draft bills, and providing the review dashboard (legal basis: contract performance).
  • AI processing: Your invoice documents are sent to AI providers (currently Anthropic's Claude API) for data extraction. Invoice content is processed but not used to train AI models.
  • Account management: Managing your subscription, sending service emails, and providing support (legal basis: contract performance).
  • Service improvement: Analysing usage patterns to improve accuracy and features (legal basis: legitimate interest).
  • Legal compliance: Meeting our legal obligations including fraud prevention and accounting requirements (legal basis: legal obligation).

4. Data Sharing

We share your data with the following third parties:

  • Xero: Invoice data is sent to your connected Xero account when you approve a bill.
  • AI providers: Invoice documents are sent to Anthropic (Claude API) for data extraction. Anthropic does not retain or train on this data.
  • Infrastructure providers: We use Supabase for database hosting and AWS for document processing (OCR for scanned documents).
  • Payment processor: Stripe processes subscription payments. We do not store your card details.

We do not sell your data to third parties. We do not use your invoice data for advertising.

5. Data Security

All data is encrypted in transit using TLS and at rest using AES-256 encryption. Access to production systems is restricted and logged. We conduct regular security reviews of our infrastructure.

6. Data Retention

Invoice data is retained for as long as your account is active and for 12 months after account closure to allow for reactivation and audit purposes. You can request deletion of your data at any time by contacting us.

7. Your Rights (UK GDPR)

Under the UK GDPR, you have the right to:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Request correction of inaccurate data.
  • Erasure: Request deletion of your data (subject to legal retention requirements).
  • Portability: Request your data in a machine-readable format.
  • Objection: Object to processing based on legitimate interest.
  • Restriction: Request restricted processing in certain circumstances.

To exercise any of these rights, contact us at privacy@trytick.ai. We will respond within 30 days.

8. Cookies

The marketing site (trytick.ai) uses Plausible Analytics, which is cookie-free and does not track individuals. The application (app.trytick.ai) uses essential cookies for authentication and session management only. We do not use advertising or tracking cookies.

9. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of significant changes via email or through the application. The "last updated" date at the top of this page indicates when the policy was last revised.

10. Contact & Complaints

If you have questions about this policy or wish to make a complaint, contact us at privacy@trytick.ai.

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.