Welcome to BookWell. We understand that your financial data is highly sensitive and critical to your business operations. We are fully committed to protecting your privacy and ensuring you maintain complete control over your banking data in accordance with the Australian Consumer Data Right (CDR) framework.
To deliver our core bookkeeping and accounting services—including automated bank feed synchronization, smart reconciliation, and real-time financial reporting—we securely connect to and retrieve your bank account data via our regulated technology partner, Basiq (an accredited CDR data recipient/service provider).
This policy outlines how BookWell collects, uses, and retains your data, and how you can manage or revoke your consent at any time.
1. Our Data Principles and Purpose
We strictly adhere to the CDR "Data Minimization" principle. This means we only request and collect data that is absolutely necessary to provide our accounting services.
Data We Collect: We only collect basic bank account information (such as account name, account number, account balance) and historical transaction records (bank feeds) authorized by you. BookWell never requests, accesses, or stores your online banking passwords or login credentials.
How We Use Your Data: Your data is used solely to import bank feeds into the BookWell system for automated income/expense classification, invoice and bill matching, bank reconciliation, and generating accurate financial and tax reports. We will never use your financial data for any unrelated marketing or commercial purposes, nor will we sell it to third parties without your explicit consent.
2. Managing and Revoking Your Consent
Your data belongs entirely to you. You can manage, modify, or revoke (disconnect) BookWell's access to your bank feeds at any time.
Pursuant to CDR specifications, we provide the following convenient channels for you to manage your authorization:
Option 1: Direct Revocation via the BookWell Dashboard (Recommended)
Log in to your BookWell account.
Navigate to Banking / Manage Connections.
Locate the bank account you wish to disconnect, and click "Disconnect" or "Revoke Consent".
This action will immediately trigger Basiq's API to cease retrieving any new data from your bank.
Option 2: Contacting Our Support Team via Email
If you are unable to access your dashboard or require assistance, you can contact our compliance and support team:
Support Email: charleslu@bookwell.ai
3. Data Retention & ATO Record-Keeping Obligations (No Automatic Deletion Policy)
Upon the expiration or revocation of your consent, BookWell will immediately stop fetching any new data from your financial institution.
How historical transaction data already existing within our system is handled depends on its significance to your accounting records. As a professional financial and accounting software provider, we must simultaneously comply with several Australian federal laws:
Retention of Data by Law (No Automatic Deletion)
In accordance with the record-keeping requirements enforced by the Australian Taxation Office (ATO) under the Income Tax Assessment Act 1997 (Cth), the Taxation Administration Act 1953 (Cth), and the Corporations Act 2001 (Cth), businesses are legally required to securely retain all tax, business, and financial records (including bank transaction data used to prepare tax returns, Business Activity Statements (BAS), or financial accounts) for at least 5 to 7 years.
Once bank transactions have been synchronized into BookWell, they form the potential foundation of your business accounts and audit trails. To prevent accidental non-compliance with the ATO’s statutory record-keeping obligations, BookWell does not automatically delete historical transaction data from our systems when you disconnect your bank or when consent expires.
Disconnecting your bank will only stop future real-time synchronization. Your previously synchronized historical accounts and transaction records will remain securely stored within your BookWell account to ensure the integrity of your books and your tax compliance.
Special Data Deletion Requests
If, after your assessment, you confirm that certain synchronized raw transactions are indeed redundant (e.g., they have not been utilized for any reconciliation, reports, or accounting entries) and you wish to have them permanently removed from our system, you may contact our support team. We will assist you in securely performing manual deletion or de-identification of this specific data to satisfy your privacy preferences:
Special Request Channel: charleslu@bookwell.ai
4. General Inquiries and Complaints
If you have any questions regarding your consent, how we safeguard your financial data, or wish to file a privacy-related complaint, please contact us directly at charleslu@bookwell.ai.