Privacy is the architecture.
Fire Invoice was built on a simple premise: your business data belongs to you, not to us, not to advertisers, not to anyone. Every architectural decision flows from that.
Your invoices are encrypted before they reach us.
When you create an invoice, the sensitive parts — your client’s email, your wallet address, your line items and totals — are encrypted using AES-256-GCM, the same encryption standard used by governments and banks.
The encrypted data is what gets stored. Not the original. With access to our database alone, the contents of your invoices look like meaningless strings of characters.
This is not a feature we toggle on. It is how the data is shaped from the moment it arrives.
Payments never touch our servers.
When your client pays an invoice with Fire Wallet, the payment goes directly from their wallet to yours over the MobileCoin network. No payment processor in the middle. No bank holding the funds. No percentage taken.
We never see the money. We never hold the money. We do not have an account that contains your money — because we are not a financial institution. We are software. The wallet is the bank, and the bank is yours.
For payments by other methods like ACH, PayPal, or Venmo, we display the payment details to your client and that is where our involvement ends. We never see the transfer.
What we cannot see, even if we wanted to.
The contents of your invoices, your client’s name and email, your line items, your wallet address as displayed to clients, the contents of your conversations with the AI assistant — these are encrypted before they reach our database. Our admin tools cannot read them. There is no “view as user” button, no support dashboard that surfaces invoice contents, no internal report that pulls names off the books.
We don’t look at your data.
What we do collect.
To run the service, we need some information in plain form. We are direct about what:
- Your account email and name
- The total amount of each invoice (for billing tier enforcement and your own dashboard stats)
- Timestamps of when invoices were created, sent, viewed, and paid
- Aggregate counts: how many invoices, how many clients, how many AI queries
- Standard server logs (request paths, error messages, timing) retained briefly for operations
That is the full list. We do not collect tracking cookies for advertising. We do not embed analytics scripts that profile your visitors. We do not sell, rent, or share any of this data with third parties.
We are open about who else is involved.
Running a modern web service means working with other companies for specific functions. We use as few as we can, and we tell you who they are:
- Fly.io hosts our application servers
- Neon hosts our Postgres database
- Resend delivers transactional emails on our behalf
- Anthropic powers the AI assistant when you use it
- CoinGecko provides exchange rate data for MOB
When we use one of these services, we send only what is necessary for that specific function. Resend receives your client’s email address because that’s how email works. Anthropic receives the text of your assistant queries because that’s how the assistant works. None of these vendors receive the contents of your invoices.
If we ever add a new vendor or change this list, we will say so before doing it.
Privacy is dignity.
We built Fire Invoice this way because we believe businesses deserve tools that work for them, not against them. Your client list, your revenue, your billing patterns — these are not raw material for someone else’s business model. They are yours.
If you have questions about how anything works, contact us. If you find a security issue, please write to security@fireinvoice.io.