Privacy Policy

Last updated: 6/22/2026

Who we are

Authorise ("we", "our", "us") provides a multi-tenant approvals platform. This policy explains what data we collect, how we use it, and your rights under the UK and EU GDPR.

What we collect

• Account data: name, email, tenant membership, role.
• Request data you submit: title, date, reason, description, supplier, category, location, cost, currency, attachments.
• Operational data: audit events (who did what, when), IP address, user agent.

How we use it

To deliver the service, route approvals, forward approved items to your nominated Xero draft inbox, and keep an audit trail for compliance.

Subprocessors

• Lovable Cloud (hosting, database, storage, auth).
• Email delivery provider for transactional emails.

Your rights

You may export or delete your personal data at any time from your in-app Privacy Centre. The audit log is preserved but personal identifiers are redacted upon deletion.

Contact

Privacy queries: privacy@authorise.app