← Blipvoice

Privacy Policy

Last updated: 2026-04-19

Blipvoice is an invoicing tool at blipvoice.com, operated by SPACESTREAM.com Ltd. This policy explains what we store, why, and how long.

Summary

  • We store the account and business data you enter so Blipvoice can work (your clients, your invoices, your saved profile).
  • We do not sell your data, do not show third‑party advertising, and do not use your invoice data to train any model.
  • Invoices you send are delivered via Amazon SES using a Blipvoice sender address, with your business email set as the reply‑to.
  • Basic operational logs exist to keep the service running and debug issues.

Information you provide

When you register, we store your email address, a hashed version of your password, and a unique user ID. When you fill in your business profile, we store the fields you enter (business name, address, email, VAT number, default terms, tax year‑end, and similar invoicing preferences).

When you create clients and invoices, we store exactly what you type into those records (client name, email, address, notes; invoice line items, totals, tax, issue and due dates, and status).

Accounts & authentication

Passwords are hashed using PBKDF2‑SHA256 before storage; we never see your password in the clear. Sign‑in produces a signed JWT used to authenticate subsequent requests. You can request a password reset by email at any time.

Blipvoice is currently invite‑only. Registration requires a valid invitation code.

Sending invoices by email

When you send an invoice, Blipvoice dispatches the message through Amazon SES from noreply@blipvoice.com, with your business email set as the Reply‑To so the recipient can reply directly to you. The invoice PDF is generated in your browser and attached to the outbound message.

Sharing links

If you create a read‑only share link (for example, for an accountant), Blipvoice stores a hashed token and an expiry date so the link can be validated and revoked. The share link itself grants read‑only access to the invoices, clients, and reports it was issued for.

Infrastructure & storage

Blipvoice runs on Amazon Web Services in the eu‑west‑2 (London) region. Account data, client records, invoice records and share tokens are stored in Amazon DynamoDB in that region. Outbound email is sent via Amazon SES in the same region. Server logs are retained for operational and debugging purposes.

Cookies & local storage

Blipvoice itself does not set tracking cookies. We store your session token and editor state in your browser's localStorage so you stay signed in and don't lose work between visits. You can clear this at any time from your browser.

Third‑party services

Blipvoice uses Amazon Web Services (DynamoDB, Lambda, API Gateway, SES, Route 53) to run the service. When you send an invoice by email, your recipient's email address and the invoice content pass through SES in order to be delivered.

Data retention & deletion

Your invoices, clients and profile remain in the service until you delete them or close your account. Share links automatically expire on the date you set. If you want your account and data deleted, email privacy@blipvoice.com and we will remove your records.

Your rights

Under UK/EU GDPR you have the right to access, rectify, erase, restrict, port or object to processing of your personal data. To exercise any of these rights, email privacy@blipvoice.com.

Security

Reasonable technical and organisational measures are taken to protect the service, but no method of transmission or storage is 100% secure.

Changes

This policy may be updated from time to time. The "Last updated" date above reflects the latest version.

Contact & data controller

Blipvoice is operated by SPACESTREAM.com Ltd, which is the data controller for the personal data described in this policy.

Privacy and data requests: privacy@blipvoice.com.
General support: support@blipvoice.com.