Cosmic Bills process invoice data for you. The definition of invoice on this webpage includes all document you submitted to Cosmic Bills for processing, such as a purchase bill, sale invoice, receipt, order confirmation and any other document you submitted to Cosmic Bills for processing.
The free trial is limited to 15 days and maximum 100 invoices. After the free trial, it is Your obligation to pay for the service if you wish to continue to use. It is Your obligation not to apply different user names for the same service. Use of the Cosmic Bills Service may be subject to limitations, including but not limited to monthly transaction volumes.
Your invoice data remain Your property. However, Your access to the data is contingent on full payment of the Cosmic Bills Access Fee when due. For your account that is not paid for the services for longer than a year, Cosmic Bills may delete the data from its database without notice.
You must maintain copies of all data input into the Service. Cosmic Bills adheres to its best practice data back-up regime and accounting industries’ best practices in record keeping for a minimum of seven years. Cosmic Bills does not make any guarantees that there will be no loss of data. Cosmic Bills expressly excludes liability for any loss of data no matter how caused.
Cosmic Bills automatically processes the invoice data for you, and it acknowledges that the success rate is less than 100% due to various reasons. Cosmic Bills attempts to extract line items from each invoice, however it does not guarantee that the line items on all invoices will be extracted due to various reasons. It is Your obligations to validate all Cosmic Bills invoice data extraction before using them for accounting and any other purposes. Cosmi Bills excludes any liability for any inaccuracy of the invoice data extraction.
Cosmic Bills charges all invoices processed from Your invoice-uploading emails, Your manually uploaded invoice files or Your connected cloud storage (such as Google Drive) against Your invoice quota that is allocated at the time of payment subscription. It is done regardless of whether there are invoice files in the email attachment, directly in the email body, or in the email body as hyper links, regardless of the document type, and regardless of the accuracy of the data extraction.
Cosmic Bills collects the minimal amount of personal data from You, for the sole purpose of performing document processing services to You.
Cosmic Bills collects Your personal data You provided when You registered and is committed to protecting the security of Your personal information.
Cosmic Bills keep a copy of all document you submitted to Cosmic Bills for processing, for the purpose of tax office record keeping and Cosmic Bills internal record keeping.
Cosmic Bills periodically obtain accounting data from your nominated accounting system, authorized by You for the connection with Cosmic Bills. Only relevant data will be obtained for the sole purpose of perform document processing services to You.
Cosmic Bills may monitor Your invoice data processing, for the sole purpose of improving invoice processing accuracy for You.
Cosmic Bills will not disclose Your personal information, document and accounting information to a third party unless You have provided Your explicit consent or compelled by the court orders.
Cosmic Bills does not store Your payment card information.
Cosmic Bills’ usage of Google Drive is described below.
Cosmic Bills only reads files from the dedicated folder You created on Your Google Drive named “Cosmic BillsUpload”
Once a file has been uploaded to the folder (“Cosmic BillsUpload”) by You, it is processed by Cosmic Bills for invoice data automation and moved to a folder named “Cosmic BillsDone”, which will be created by Cosmic Bills if it does not exist.
Cosmic Bills does not delete any files in Your google drive.
Cosmic Bills extracts invoice data from the files in your Good Drive folder “Cosmic BillsUpload” and exports them to Your accounting package that You have authorised Cosmic Bills to integrate with. Other than this, Cosmic Bills does not share any of Your google drive files and the information contained on the files with any other third party.
In 2012, the European Commission began a process to reform Europe’s existing data protection laws by proposing a new data protection regulation to replace the current Data Protection Directive. GDPR was agreed and adopted in 2016 and will take effect on 25 May 2018.
At Cosmic Bills, we take our responsibilities under GDPR seriously. That’s why our security and development teams have identified and implemented necessary changes to be compliant with GDPR. We have stringent procedures to key data subject rights, such as subject access requests and the right to request deletion.
The data privacy principles that Cosmic Bills have adopted from the inception, as detailed on this web page above, have positioned us correctly for the introduction of any data privacy initiatives such as GDPR. Here is a summary of the key features we have, including changes we have made recently for the GDPR compliance:
Minimal collection of private information. The primary item of information that Cosmic Bills collects from users is an email address. This is collected at initial user sign-up. Subsequently, document, such as bills, sale invoices and receipts, are uploaded by users to Cosmic Bills for data extraction and processing. The extracted data, and/or a copy of the document are exported to the user’s accounting system. Cosmic Bills also obtains minimum user’s data from user’s accounting system, the connection to which is authorized by the user at the initial setup.
Compliant use of private information. User email addresses are used only for communication with the user and not distributed or used in any other way. Document files are uploaded by the user for data processing and then exported to user’s accounting systems. Document files are stored by Cosmic Bills for the sole purchase purpose of complying with relevant tax office requirement of record keeping and the Cosmic Bills’ own record keeping. Data from the user’s accounting system are obtained for the sole purpose of exporting the correct invoice data to the accounting system or alerting the user for supplier item price rise. All user data are not distributed to any third party or used in any other way.
Compliant storage of private information. Similar to many SaaS providers, we use a top-tier, third-party data hosting provider (Go Daddy web services) with servers located at USA and Singapore , to host our online services
User access to data. Cosmic Bills users with a valid subscription have unrestricted access to their private data, including email address and stored document copies at any time, via Cosmic Bills online portal. The user can access the data Cosmic Bills obtained from the user’s accounting system via the user’s accounting system, with Cosmic Bills data lagging behind for the maximum of one week.
Right to erasure. User email address, invoice document, and the user data from the user’s accounting system can be deleted by Cosmic Bills upon special request from the user. This will invalidate Cosmic Bills’s commitment to satisfy tax office’s requirement of record keeping for the past document processed.
Right to restrict processing. Cosmic Bills has user Settings. In the Settings, a user can choose not to use certain services ofCosmicBills to restrict processing of relevant data. When user subscription is expired, Cosmic Bills stops processing user data.
Right to data portability. Cosmic Bills provides methods for users to obtain past document data in a user friendly, commonly used and machine readable format. The user then can freely transmit that data to another controller.
Right to object. A Cosmic Bills user has the right to object the usage of user data. The consequence of that will be notified and explained to the user.
User contracts and terms and conditions. The terms and conditions are available above, on Cosmic Bills’ website. Upon special request, a written contract can be provided to the user for signing.
Breach notification. Breach notification will be sent to the member where a data breach is likely to “result in a risk for the rights and freedoms of individuals”. This must be done within 72 hours of first having become aware of the breach. Cosmic Bills will notify their customers, the controllers, “without undue delay” after first becoming aware of a data breach.