Security
InvoicePro Studio is designed with privacy and security as core principles. Your financial data never leaves your device.
Your invoice contents, client names, financial amounts, payment details, and PDF files are stored only in your browser's local storage. We never receive or store your invoice data on any server.
Our analytics do not collect invoice numbers, client names, line item descriptions, financial amounts, tax IDs, bank details, payment instructions, or any other invoice content.
All text inputs are sanitized before rendering in the invoice preview to prevent cross-site scripting (XSS) attacks. Downloaded filenames are sanitized to prevent injection.
Logo uploads are processed entirely in your browser using the FileReader API. Logo files are never transmitted to any server. File type and size validation is enforced before processing.
Responsible Disclosure
If you discover a security vulnerability in InvoicePro Studio, please contact us responsibly before public disclosure. We appreciate security researchers who help keep our users safe.