Legal

Privacy Policy

Last updated: 19 May 2026

1. Who we are

This Privacy Policy describes how personal data is processed when you visit the Expentrips website (expentrips.com), when you use the Expentrips application (app.expentrips.com), or when you manage an Expentrips account through the account portal (account.expentrips.com).

The data controller is AITONIX AD, a company registered in the Republic of North Macedonia, with its registered office at ul. Boris Trajkovski 36, 1000 Skopje. VAT number: МК4030000394930. Contact: info@expentrips.com.

The Operator's designated data-protection contact is the Aitonix Data Protection Officer: Maja Trajkovic Peshevska, +389 72 252 508, m.trajkovic@aitonix.group.

When you use the Expentrips application as an employee of an organization that has created a workspace, your employer is the controller of the workspace data (trip requests, expense reports, receipts, role assignments, audit log). The Operator processes that data as a processor on behalf of the workspace.

2. What personal data we process

We process the categories of data below. Not every category applies to every visitor or user.

2.1 Website visitors (expentrips.com)

• Technical data automatically transmitted by your browser when you visit the site (IP address, browser type and version, operating system, referrer, requested URL, date/time).
• Information you choose to send to us via the contact email or demo-request links.

The Expentrips marketing website may use third-party scripts and analytics tools to understand website usage and improve marketing performance. Google Analytics is used for website analytics. Google Tag Manager and Meta Pixel may be added when configured by the Operator. Where required, non-essential analytics and marketing cookies should be loaded only after user consent.

2.2 Account holders (account.expentrips.com)

• Name, work email, and password hash for your account.
• Workspace memberships and the roles assigned to you in each workspace.
• Login events, session metadata, and security-relevant logs.
• Billing and subscription data once a paid plan is activated for your workspace.

2.3 Workspace data (app.expentrips.com)

• User profile data inside the workspace: name, work email, role (Employee, Manager/Supervisor, Finance, Company Admin), supervisor assignments, active/inactive status.
• Trip request data: dates, destination, purpose, estimated budget, itinerary notes, approval state, approver decisions.
• Expense report and expense line data: descriptions, categories, amounts, currencies, dates, exchange-rate snapshots, policy flags, approver decisions and reasons.
• Per-diem calculations: applied rules, calculated amounts, adjustments, reasons.
• Receipts and attachments: uploaded images and PDFs, file metadata, optional AI-extracted fields.
• Reimbursement records: payouts, partial-pay reasons, status changes.
• Audit log entries: approvals, role changes, policy edits, exports, password resets, exchange-rate edits, and similar mutations.
• Workspace configuration: categories, currencies, policies, per-diem rules, integration toggles.

2.4 Communications and forms

• The contents of emails you send to us, and any data you submit through demo or contact links.

3. Why we process this data (purposes and lawful bases)

• Providing the Service. To create and maintain accounts, workspaces, and user profiles; to run the trip-request, expense-report, approval, per-diem, policy, and reimbursement workflows; to deliver in-app and email notifications. Lawful basis: performance of a contract (with the workspace) and our legitimate interest in operating the Service.
• Security and abuse prevention. To detect, prevent, and respond to unauthorized access, fraud, abuse, and security incidents. Lawful basis: legitimate interest and, where applicable, legal obligation.
• Support. To respond to requests for help from workspace administrators and users. Lawful basis: legitimate interest and performance of a contract.
• Billing and accounting. Once paid plans are activated, to process payments, issue invoices, and meet accounting and tax obligations. Lawful basis: performance of a contract and legal obligation.
• Service improvement. To analyse aggregated, non-identifying usage to improve features and reliability. Lawful basis: legitimate interest. Workspace content is not used to train external models.
• Communications. To respond to demo and contact requests and to send transactional notifications. Marketing communications, if any, would be sent only with opt-in consent.
• Compliance with law. To comply with applicable laws, court orders, and lawful requests from public authorities. Lawful basis: legal obligation.

4. AI receipt processing

If a workspace enables AI receipt processing, uploaded receipt images and PDFs may be sent to a document-intelligence service to extract suggested fields (merchant, amount, date, currency, category). The employee always reviews and saves the result. Workspaces can disable AI processing at any time; receipts can still be uploaded and managed manually.

Where external document-intelligence providers are used, Expentrips processes receipt data under appropriate contractual and data-protection safeguards. The specific provider may depend on the workspace configuration and enabled features.

5. Cookies

Cookies and similar technologies used by Expentrips are described in the Cookie Policy.

6. Who we share data with

We do not sell personal data. We may share data with the following categories of recipients:

• Hosting and infrastructure providers that run the underlying servers, databases, and storage.
• Email-delivery providers that send approval, password-reset, and audit notifications.
• Document-intelligence (AI) providers, only when a workspace has AI receipt processing enabled, and only for the receipt content needed to perform the extraction.
• Payment providers, once paid plans are activated, to process subscription payments and produce invoices.
• Professional advisors (accountants, auditors, legal counsel) under appropriate confidentiality obligations.
• Public authorities, where required by law or to respond to a valid legal request.

7. Retention

When a workspace is closed, cancelled, or a paid plan is not renewed, workspace data is retained for 30 days to allow recovery or export, and may then be deleted or anonymised, subject to any legal, tax, accounting, or dispute-resolution obligations that require longer retention. Audit-log entries may be retained where necessary to preserve the traceability of approvals, reimbursements, and configuration changes. Server access logs are retained for a limited period for security and troubleshooting purposes.

8. Security

The Operator applies reasonable technical and organizational measures to protect personal data against unauthorized access, accidental loss, alteration, or disclosure. The measures are layered and cover the application, the data, and the people who operate the service.

Application controls.

• Each customer workspace is logically isolated; cross-workspace data access is not possible by design.
• Role-based access control inside the workspace (Employee, Manager / Supervisor, Finance, Company Admin) — each role sees only the surface it needs.
• Server-side authorization checks on every API call and every file access; the browser cannot bypass them.
• Policy enforcement (receipt-required, category caps, blocking rules) runs server-side at submit and approval time.

Data protection.

• All traffic between the browser, the application, and the API is encrypted in transit using HTTPS / TLS.
• Passwords are stored as one-way hashes; raw passwords are never recorded.
• Sensitive configuration values (payment-provider credentials, SMTP passwords) are encrypted at the application layer so a database snapshot alone does not leak them.
• Uploaded receipts and attachments are streamed through the API after authorization checks; direct file paths are never exposed.
• Routine encrypted backups are kept to support disaster recovery; recovery procedures are reviewed periodically.

Operational controls.

• Administrative access is restricted to staff who need it for support or operations, on a least-privilege basis.
• A durable audit log records sensitive actions (approvals, role changes, policy edits, exports, password resets, exchange-rate edits, and similar).
• Security and application logs are monitored for unusual activity and used for troubleshooting.
• The platform is kept current with regular maintenance and security updates.
• If a security incident occurs, the Operator follows a defined incident-response procedure that includes assessment, containment, customer notification where required, and remediation.

9. Your rights

Subject to applicable law, you have the right to:

• access the personal data the Operator holds about you;
• request correction of inaccurate or incomplete data;
• request deletion of your data, subject to legal retention obligations;
• object to or request restriction of certain processing;
• request a copy of your data in a portable format;
• withdraw consent at any time where processing is based on consent;
• lodge a complaint with the supervisory authority.

In the Republic of North Macedonia the supervisory authority for personal-data protection is the Agency for Personal Data Protection (Boulevard Goce Delchev 18, Skopje).

To exercise these rights, contact info@expentrips.com. If you are an employee of an organization that has created a workspace, please first contact the Workspace Owner or Company Admin, who is the controller of the workspace data.

10. Changes to this Privacy Policy

The Operator may update this Privacy Policy from time to time. Material changes will be communicated by email to Workspace Owners and Company Admins. The current version is always available at expentrips.com/privacy.html.

11. Contact

For privacy-related questions and requests, contact info@expentrips.com.

← Back to home