Additional Terms — Invaro
These Additional Terms supplement the Terms of Service for the Invaro Service. Capitalised terms not defined here have the meaning given in the Terms.
In case of conflict between the Terms and these Additional Terms, these Additional Terms prevail to the extent of the conflict.
1. Service description
Invaro is an API for issuing invoices into, and retrieving invoices from, the national e-invoicing / clearance systems operated by tax authorities. It acts as an intermediary between your systems and the relevant national system: you call our API, and we relay the operation on your behalf, converting between your data and the format the system requires.
Invaro currently supports Poland's National e-Invoice System (KSeF — Krajowy System e-Faktur), which is the only national system implemented at this time. Additional country modules, if implemented, will be covered by updated Additional Terms.
The Service exposes:
- a REST API for issuing invoices to, and retrieving invoices from, the supported national e-invoicing system (currently KSeF) on your behalf;
- a web panel for managing API keys and your Subscription.
2. Data we process
This is the most important section to understand before using Invaro. Read it carefully.
Your e-invoicing credentials are used in transit only and are never stored. To authenticate to the national system on your behalf, you supply your authentication credentials — for KSeF, a certificate and its private key, or a short-lived session handle derived from them — with each request. These credentials are used in memory only, for the duration of that single request, solely to carry out the operation you asked for. They are never stored and never persisted, and our logging is configured to redact credentials supplied through the designated request fields. You must supply credentials only through the API fields documented for that purpose; credentials placed elsewhere — query strings, URL paths, or custom headers — may not be subject to the same redaction. When the request completes, the credentials are gone from memory.
Invoice content is processed in transit only and is not retained. Invoice content you submit for issuance, and invoice content we retrieve on your behalf, is processed only while your request is being handled — converted to or from the format the national system requires, encrypted as it requires, and relayed. We do not retain invoice content. The national system itself (for KSeF, the official, legally-mandated archive) is the system of record for the documents you issue and receive.
Invoice content routinely contains personal data of your counterparties — for example their name, address, tax identification number (which may identify a natural person), and bank account number. You are the controller of that data; we process it only in transit, on your instruction, to relay it to the national system (see "Roles under GDPR / RODO" below).
The only data the Service stores is:
- your account record and authentication data (as described in the Privacy Policy);
- usage and billing records (as described in the Privacy Policy);
- if you use the built-in invoice-numbering feature: your numbering series, their counter state and configuration, and the associated activity log for that feature;
- operational records of the KSeF operations performed on your behalf — the type of operation, its outcome, KSeF-assigned reference numbers, timestamps, the source IP address, and operational parameters. These records do not contain your invoice content, your e-invoicing credentials, your counterparty's identifying information, or your own invoice numbers.
The platform Privacy Policy governs how the account, usage, numbering, and KSeF-operation data above is processed and retained.
Roles under GDPR / RODO. You are the controller of the invoice data you issue and receive through Invaro. Each national e-invoicing authority you transmit invoices to (for KSeF, Poland's Krajowa Administracja Skarbowa) is an independent controller for the data held within its own system; it determines the purposes and means of that processing under its national law, and it is not our sub-processor. When you transmit invoice data to a national authority through Invaro, you — as controller — are making a disclosure to that authority acting under its applicable national law. The lawful basis for that disclosure is typically your legal obligation as a taxpayer under the applicable national e-invoicing or VAT legislation (Art. 6(1)(c) GDPR). You are responsible for ensuring that your use of Invaro to fulfil your e-invoicing obligations is consistent with your own obligations as a controller toward the individuals whose personal data appears in your invoices. For the transient, in-transit handling described above, we act as a processor on your documented instructions — the instruction being the API call you make. We keep operational records of the KSeF operations you perform through Invaro (described under "The only data the Service stores" above). We process those records as controller, for support, dispute resolution, and security monitoring, on the basis of our legitimate interest (Art. 6(1)(f) GDPR); the platform Privacy Policy describes how they are retained. This processing introduces no new sub-processor. Questions about this processing can be directed to privacy@byteimagination.com.
Do not treat Invaro as your archive. You must not rely on Invaro as a record-keeping or archival system. We do not retain your invoice content, and the national system is the system of record for issued invoices. Keep your own copies as your business and tax obligations require.
3. Quotas, rate limits, and overage
- Quotas per plan are published on the Service's pricing page.
- Every API call counts. Each call to an Invaro API endpoint counts against your monthly quota if it was made with a recognised API Key, passed quota and rate-limit checks, and reached the Service's request handling. Issuing an invoice, retrieving an invoice, and managing a numbering series each count as a call.
- The following do not count against your quota: calls that fail authentication (missing or unrecognised API Key, no active Subscription); calls rejected because your monthly quota is already exhausted; calls rejected by our per-second rate limit; calls that fail due to a fault on our side; and calls that fail because the national system is temporarily unavailable (national-system outages, transport failures, or national-system server errors) — these surface to you as a service-unavailable response and consume no quota.
- A request the Service authenticated and then rejected for a reason within your control (for example a malformed invoice or a missing required field) does count — the Service performed work to process and reject it.
- Calls in excess of your quota are rejected with an error response and are not charged.
- Quotas reset at the start of each monthly usage window. For monthly subscribers this coincides with each billing period. For annual subscribers, the annual period is divided into monthly usage windows anchored to your subscription start date, and your quota resets at the start of each such monthly window — not once per year.
- Per-key short-burst rate limits may apply on our side to protect the Service; current values are documented in the API Reference.
- The national system imposes its own rate limits. KSeF (and any future national system) enforces per-taxpayer rate limits that are independent of ours. If the national system rate-limits one of your operations, that limit is surfaced back to you as a rate-limit response. Because such a limit reflects a restriction on your taxpayer account rather than a fault on our side, those calls do count against your quota (in contrast to national-system unavailability, above). Those are the national system's limits, not ours, and they apply regardless of your plan with us.
The web panel does not consume your API quota. The web panel for managing your account, API Keys, and Subscription uses session-based authentication and does not count against the monthly call quota.
4. Service availability
- The Service is provided on an as-is, as-available basis. No formal SLA is offered on Solo, Starter, or Pro plans. Enterprise SLAs are negotiated individually.
- Invaro depends on the national e-invoicing system, which we do not operate or control. The Service can only function when the national system (currently KSeF) is available and accepting requests. Its outages, scheduled maintenance windows, throttling, schema changes, or rejections are not failures of our Service for the purposes of availability and any SLA, and are excluded from any availability expectation or service credit owed for downtime. Where the national system is unavailable, our API returns an error reflecting the upstream condition, and such calls do not consume quota (see Section 3). This exclusion concerns the national system's own failures — it does not exclude defects in our Service itself (see Section 6a).
5. Issuance, idempotency, and numbering
- When you use a numbering series to assign the invoice number, supplying an idempotency key makes a retried issuance reuse the same number rather than consume a new one, within the idempotency window. This protects you from accidentally burning a number on a network retry.
- The national system performs document-level duplicate detection based on the content of each submission. This does not prevent two distinct but economically identical invoices from both being accepted if they differ in any way (such as timestamp or an internal identifier). Using an idempotency key on retry is your primary protection against duplicate issuance; the national system remains authoritative for what was ultimately issued.
- We validate the invoice against the national system's format schema before submission, but we do not verify the business or tax correctness of its contents. A request that passes our schema validation is not a representation by us that the invoice is correct, complete, or compliant with the applicable tax law of the relevant jurisdiction. That responsibility is yours (see Section 6).
6. Customer responsibilities
You are responsible for:
- keeping your e-invoicing credentials and session handles secret. They grant access to your taxpayer account and the ability to issue invoices in your name; treat them as you would any production credential. Supply them only through the API fields documented for that purpose, and do not embed them in query strings, URL paths, custom headers, or anywhere else they could be exposed or logged;
- safeguarding your Invaro API Keys and rotating them on personnel changes;
- the accuracy, legality, and timeliness of every invoice you issue. You are the taxpayer of record. You are solely responsible for ensuring that each invoice is correct, that it is issued when the law requires, and that it complies with the applicable tax law of the relevant jurisdiction and the requirements of the relevant national e-invoicing system. We do not validate business or tax correctness beyond the format schema (see Section 5);
- complying with the terms of use of the relevant national e-invoicing system and with applicable tax law;
- keeping your own copies of issued and retrieved invoices as your records require, since we do not retain invoice content (see Section 2).
You must not use Invaro to:
- submit invoices that do not reflect genuine transactions;
- issue invoices using credentials that are not legitimately yours, or otherwise impersonate another taxpayer's identity in the national e-invoicing system;
- probe, stress-test, overload, or attempt to disrupt the national e-invoicing system or any connected government system.
All invoice submissions must comply with applicable tax law and the rules of the relevant national e-invoicing system. This supplements, and does not limit, the platform Acceptable Use Policy.
6a. Liability — service-credit cap for Business Customers
The Service is intended for use in the course of a business or professional activity — issuing invoices in a national e-invoicing system presupposes that you act as a taxpayer. The allocation below reflects that context; it does not exclude or limit any mandatory right of a Customer who nonetheless qualifies as a consumer.
For a Business Customer, the cap on aggregate liability under §13 of the Terms of Service is further refined as follows for this Service:
- Our total aggregate liability for any claim arising out of or related to Invaro is limited to a service credit equal to the fees paid for the calendar month in which the event giving rise to the claim occurred, applied against the next invoice after the claim is resolved. Where no fees were paid for that month (for example during a free trial), no service credit accrues — but the good-faith cooperation below still applies, and for a Consumer Customer any mandatory consumer right applies unaffected by this limitation.
- A Business Customer's sole and exclusive remedy under this Service is the service credit described above. No cash refund is payable in lieu of service credit except where required by mandatory law.
- Defects in our Service are not excluded by Section 4. The exclusion of national-system failures in Section 4 does not extend to errors caused by the Service itself — for example, transmitting an invoice you did not intend to issue, or transmitting an invoice twice due to a fault on our side despite a correctly supplied idempotency key. Where a confirmed defect in our Service results in an invoice being incorrectly issued into the national system, we will, in addition to the service credit above, cooperate with you in good faith in any correction procedures the national system makes available under applicable law. Our liability for such cases remains subject to the cap in §13 of the Terms and to the exclusion of indirect and consequential damages.
For a Consumer Customer, the standard cap in §13 of the Terms of Service applies (lower of 12 months of fees or €100), without limitation of any mandatory consumer right.
7. Data retention specific to Invaro
| Data | Retention |
|---|---|
| E-invoicing credentials (certificate, private key, or session handle) you supply with a request | Used in memory for the duration of that request only; never stored; redacted from our logs when supplied through the designated API fields |
| Invoice content you submit for issuance or that we retrieve for you | Processed in transit only; never retained by us. The national system is the legal archive |
| Numbering series, counter state, and the numbering-feature activity log (only if you use the built-in numbering feature) | As described for the numbering feature — for the lifetime of your account; deleted on account closure |
| KSeF operation records (operation type, outcome, KSeF-assigned reference numbers, operational parameters) | 5 years from the date of the operation, then the record is deleted in full. The IP address and KSeF session reference attached to each record are cleared after 365 days; the record itself is kept for the remainder of the 5-year retention period |
| Account, authentication, usage, and billing records | As described in the platform Privacy Policy |
8. No archival guarantee; changes to the Service
- No archival guarantee. We do not archive your invoices. The national e-invoicing system is the official archive and system of record for issued invoices. Do not rely on Invaro to recover an invoice you did not keep a copy of and that is not retrievable from the national system.
- Changes to the Service. We may add, change, or remove features. Material changes that affect interoperability with your integration are notified at least 30 days in advance, in accordance with the master Terms of Service.
Questions about these Additional Terms can be directed to contact@byteimagination.com.