Honest Invoices

Privacy Policy

Last updated: February 2026

Overview

Honest Invoices (“we”, “our”, “us”) is committed to protecting your personal data. This policy explains how we collect, use, and safeguard your information when you use our invoicing application, and your rights under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Data Controller

Honest Invoices is operated by Vix Hawley. Under UK GDPR, Vix Hawley is the Data Controller responsible for the personal data we hold about you. This means we decide what data is collected, how it is used, and how it is protected.

For all data-protection enquiries and to exercise your rights under UK GDPR, contact us at v.l.hawley@hotmail.com.

Lawful Basis for Processing

UK GDPR requires us to identify a lawful basis for each way we process your personal data. We process your data on the following bases:

  • Performance of contract: processing your account details, business information, job and invoice data, and Stripe customer ID is necessary to deliver the invoicing service you signed up for.
  • Consent: we process voice recordings, transcripts, and AI-generated invoice drafts only when you actively use the voice-to-invoice feature. You can withdraw consent at any time by ceasing to use the feature and requesting deletion of stored recordings.
  • Legal obligation: if you connect your HMRC account, we process your data to comply with Making Tax Digital (MTD) submission requirements under UK tax law. We also retain certain financial records for the periods required by HMRC.
  • Legitimate interests: we monitor account activity, error logs, and security signals to keep the service safe and operational. We balance this against your rights and process only what is necessary.

We do not rely on consent for processing required to deliver the service you have signed up for. Marketing emails (if any) are sent only on explicit opt-in consent, which you can withdraw at any time.

Information We Collect

Account Information

When you create an account, we collect your email address and a password. The password is handled by Supabase Authentication and stored only as a salted hash; we never store or have access to the plain-text password.

Business Information

To generate invoices, you provide us with your business name, contact details, and bank details (account number and sort code). This information appears on your invoices and is stored securely.

Job and Invoice Data

We store information about your jobs, time entries, materials, and generated invoices. This is your business data and remains yours.

Voice Recordings

When you use our voice-to-invoice feature, audio recordings are processed to extract job details.

Recordings are sent to OpenAI’s API for transcription. Per OpenAI’s API data policy, data submitted via their API is not used to train OpenAI’s models; OpenAI retains API inputs and outputs for up to 30 days for abuse-monitoring purposes before deletion. Transcripts generated by the API are stored in your account so you can review and edit the resulting invoice entries.

You can request deletion of specific voice recordings or their transcripts at any time by contacting us at v.l.hawley@hotmail.com.

Payment Information

We use Stripe to process subscription payments. We do not store your card details—these are handled entirely by Stripe. We only store a Stripe customer ID to manage your subscription.

How We Use Your Information

  • To provide the invoicing service you signed up for
  • To process your voice recordings into invoice data
  • To manage your subscription and payments
  • To improve the accuracy of our AI features
  • To send important service updates (rare, essential only)
  • To respond to support requests

We do not sell your data. We do not send marketing emails unless you opt in.

Third-Party Services

We use the following services to operate Honest Invoices:

  • Supabase — Database and authentication (EU hosting available)
  • Stripe — Payment processing
  • OpenAI — Voice transcription and AI processing
  • Vercel — Website hosting

Each service has its own privacy policy and processes data according to its own terms.

HMRC Integration (Making Tax Digital)

If you connect your HMRC account for Making Tax Digital compliance, we will:

  • Store your HMRC authorization tokens (encrypted) to submit quarterly tax updates on your behalf
  • Access your HMRC business information and tax obligations
  • Submit your income and expense data to HMRC as required by MTD regulations
  • Never share your HMRC data with any third parties

Your HMRC OAuth tokens are encrypted at rest in our database, refreshed automatically as required, and deleted within 24 hours of you disconnecting your HMRC account or closing your account.

You can disconnect your HMRC account at any time from Settings.

Lawful basis: Performance of contract (MTD compliance service) and legal obligation (UK tax law compliance).

Data Security

We implement appropriate security measures including:

  • Encrypted connections (HTTPS)
  • Secure password storage (hashed and salted)
  • Row-level security policies on our database, so that every query made through the application is restricted to rows belonging to the signed-in user
  • Regular security updates and monitoring

However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.
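The row-level security measure listed above, shown as an added illustration rather than the Honest Invoices schema: a Supabase (Postgres) policy set that limits an invoices table to rows owned by the signed-in user. The table name, its columns, and the policy names are assumed for the example.

```sql
-- Added illustration, not the Honest Invoices schema: the table and
-- column names (invoices, user_id, customer, amount_pence) are assumed.
create table if not exists invoices (
  id           bigint generated always as identity primary key,
  user_id      uuid not null default auth.uid() references auth.users (id),
  customer     text not null,
  amount_pence integer not null check (amount_pence >= 0),
  created_at   timestamptz not null default now()
);

-- RLS is off by default on a new table; until this runs, the policies
-- below are stored but have no effect and every authenticated caller can
-- read every row through the API.
alter table invoices enable row level security;

-- One policy per verb, so nothing is granted by accident.
-- auth.uid() is Supabase's helper that returns the user id from the
-- caller's JWT, or NULL for anonymous requests (NULL = user_id is never
-- true, so anonymous callers see nothing).
create policy "owner can read own invoices"
  on invoices for select
  to authenticated
  using (auth.uid() = user_id);

-- WITH CHECK runs against the new row, so a user cannot insert an invoice
-- tagged with someone else's user_id even if the client sends one.
create policy "owner can insert own invoices"
  on invoices for insert
  to authenticated
  with check (auth.uid() = user_id);

-- USING filters which existing rows may be updated; WITH CHECK stops the
-- update from re-assigning the row to another user.
create policy "owner can update own invoices"
  on invoices for update
  to authenticated
  using (auth.uid() = user_id)
  with check (auth.uid() = user_id);

create policy "owner can delete own invoices"
  on invoices for delete
  to authenticated
  using (auth.uid() = user_id);
```

Two checks a practitioner would make against a deployment like this: confirm `rowsecurity` is true for every table holding customer data (`select relname from pg_class where relrowsecurity = false and relnamespace = 'public'::regnamespace;` should return nothing), and confirm the browser or mobile app only ever holds the anon/publishable key, because the Supabase service-role key bypasses RLS entirely and must stay server-side.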

Your Rights

Under UK GDPR, you have the right to:

  • Access your personal data and receive a copy of it
  • Rectify inaccurate or incomplete data
  • Erase your data (the “right to be forgotten”)
  • Restrict processing in certain circumstances
  • Port your data to another service in a common machine-readable format
  • Object to processing carried out on the basis of legitimate interests
  • Withdraw consent where processing is based on consent (this does not affect lawfulness of processing before withdrawal)
  • Complain to the Information Commissioner’s Office (ICO) if you believe we have not handled your data properly. The ICO can be contacted at ico.org.uk/make-a-complaint or by phone on 0303 123 1113. We’d appreciate the chance to address your concern first — contact us at the email below.

To exercise any of these rights, contact us at v.l.hawley@hotmail.com. We respond to data-rights requests within one month, as required by UK GDPR.

Data Retention

We retain your data for as long as your account is active.

If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal, accounting, or regulatory purposes (such as for tax records).

Voice recordings and transcripts are retained while your account is active. You may request deletion of specific recordings at any time.

Data Exports

You can export your invoice data at any time through the Service interface. Upon request, we will provide your complete data in a common machine-readable format (CSV or JSON) within 7 days.

Cookies

We use essential cookies only—for authentication and keeping you logged in. We do not use tracking or advertising cookies.

International Data Transfers

Your data is primarily stored within the EU/UK. However, some of our service providers (such as OpenAI) may process data outside the EU. We ensure appropriate safeguards are in place for any international transfers.

Children's Privacy

Our Service is not intended for anyone under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us immediately.

Changes to This Policy

We may update this policy occasionally. We'll notify you of significant changes via email or an in-app notice at least 30 days before they take effect.

Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.

Contact

For privacy-related questions, data-rights requests, or to report a suspected breach, contact:

Vix Hawley, Data Controller for Honest Invoices
Email: v.l.hawley@hotmail.com

For security incidents specifically, please also see our Security & Data Protection page which describes our incident-response process and 72-hour notification commitment to the ICO and HMRC.