This Privacy Policy explains how Pukser OÜ (registry code 16742901, Estonia) collects, uses, and protects information when you use TRF.IS — our accounting and business management software, including the TRF MCP connector for AI assistants.
1 What data we process
When your organisation uses TRF.IS, we store the following categories of data in your organisation's isolated account:
- Organisation profile — name, address, VAT number, registry code, contact details
- Contacts — customers and suppliers: legal name, address, registration codes, email, phone
- Financial documents — sales invoices, purchase invoices, payments, journal entries, bank statements
- User accounts — email address, name, hashed password or OAuth provider identifier, role
- API keys — name, scope, expiry; the secret is stored only as a SHA-256 hash and is never retrievable
- Audit logs — timestamped record of every data mutation, cryptographically chained
2 TRF MCP — AI connector
TRF.IS provides a Model Context Protocol (MCP) server at https://ai-api.trf.is/mcp that allows AI assistants (such as Claude.ai) to read and write your organisation's accounting data on your behalf.
When you connect an AI client to TRF.IS via MCP:
- You authenticate directly at login.trf.is; TRF.IS issues a short-lived OAuth 2.0 JWT scoped to either mcp:read or mcp:write
- The AI assistant uses this token to call TRF.IS tools (list invoices, create contacts, etc.) on your behalf
- Only your accounting data within TRF.IS is accessible — the AI cannot reach any other system or organisation
- TRF.IS does not receive or store the content of your conversations with the AI assistant
- Write operations that are flagged as requiring approval create a pending approval request that an administrator must confirm in TRF.IS before the action executes
You can revoke MCP access at any time by revoking the OAuth session or the API key in Settings → AI & Integrations.
3 Legal basis for processing
We process your data on the basis of the contract for use of TRF.IS services (GDPR Art. 6(1)(b)) and, where applicable, our legitimate interests in operating a secure and reliable service (Art. 6(1)(f)). Audit log data is retained to meet accounting and legal compliance obligations (Art. 6(1)(c)).
4 Third-party AI providers
When you use the TRF.IS built-in AI chat feature, your prompts and relevant excerpts of your accounting data are sent to your configured AI provider (Anthropic or OpenAI) for processing. These providers act as data processors under Data Processing Agreements and process data under their own privacy policies. TRF.IS does not store AI conversation content beyond the active session.
The TRF MCP connector itself does not send any data to AI providers — the AI client calls TRF.IS tools and receives structured data responses directly.
5 Data storage and security
- Each organisation's data is stored in an isolated PostgreSQL schema — no cross-tenant data access is possible at the database level
- All traffic is encrypted in transit (TLS 1.2+)
- API key secrets are hashed with SHA-256 and are never stored in plaintext or retrievable after creation
- OAuth tokens are short-lived signed JWTs; refresh tokens are single-use
- We do not sell, rent, or share your financial data with third parties for marketing or any other purpose
6 Data retention
We retain your data for as long as your account is active. Accounting records (invoices, journal entries, audit logs) are subject to the statutory retention period required by Estonian accounting law (7 years from the end of the financial year). You may request deletion of non-statutory personal data at any time.
7 Your rights
Under the General Data Protection Regulation (GDPR) you have the right to:
- Access the personal data we hold about you
- Rectify inaccurate personal data
- Erase personal data that is no longer necessary (subject to legal retention obligations)
- Restrict or object to processing
- Data portability — receive your data in a structured, machine-readable format
- Lodge a complaint with the Estonian Data Protection Inspectorate (AKI)
To exercise any of these rights, contact us at toomas@pukser.ee. We will respond within 30 days.
8 Cookies
TRF.IS uses a single session cookie (lang) to remember your language preference on the marketing site. No tracking cookies or third-party advertising cookies are set. Google Analytics is used on the marketing site (trf.is) to measure page visits; you can opt out via your browser's Do Not Track setting or a browser extension.
9 Changes to this policy
We may update this policy from time to time. Material changes will be communicated by email to account holders or by a notice in the TRF.IS application. The effective date at the top of this page reflects the latest revision.
10 Contact
Pukser OÜ
Registry code 16742901, Tallinn, Estonia
Email: toomas@pukser.ee
Phone: +372 5223392