Privacy Policy

Last updated: February 1, 2026

Beta Notice: This app is in beta for invited users only. This policy is a good-faith disclosure and has not been reviewed by legal counsel. It will be updated before any commercial release.

The Short Version

What we DO

✓ Encrypt all your data
✓ Use bank-grade security
✓ Let you delete your data anytime
✓ Only access what's needed

What we DON'T do

✗ Sell your data
✗ Share with advertisers
✗ Store bank passwords
✗ Read unrelated emails

1. Introduction

Receipt Analyzer is a personal finance application that helps you understand your spending by connecting your bank accounts and email to provide intelligent transaction categorization and analysis. This Privacy Policy explains how we collect, use, store, and protect your information.

2. Information We Collect

Account Information (via Google)

Email address

Name

Profile picture

Financial Data (via Plaid)

We receive:

Account info

Name, type, institution

Transactions

Date, amount, merchant

Balances

Current and available

We never receive:

Bank login credentials

Full account numbers

Your bank password

Email Data (via Gmail, optional)

We access:

Purchase receipts

Order confirmations only

Email metadata

Sender, subject, date

We never:

Read unrelated emails

Store full email content

Access your password

3. How We Use Your Data

Purpose	Data Used
Provide the service	Account info, financial data, email data
Match transactions to receipts	Transaction data, email receipts
Categorize transactions	Transaction descriptions, merchant names
Generate spending insights	Transaction history, categories
Send verification codes	Email address

AI-Powered Analysis

We use OpenAI to generate readable transaction descriptions and suggest categories.

• Only transaction descriptions and amounts are sent
• No personally identifiable information included
• Data is not used to train AI models

4. Third-Party Services

We use trusted partners to provide our services:

Plaid

Secure bank account connections

Google

Authentication and Gmail access

OpenAI

Transaction analysis and categorization

Resend

Verification email delivery

Vercel

Application hosting

5. Data Storage & Security

Security Measures

Encryption in transit (TLS 1.2+)
Encryption at rest (AES-256)
App-level encryption for tokens
MFA for bank connections
Rate limiting & audit logging

Data Location

Your data is stored in encrypted Vercel Postgres databases located in United States data centers.

6. Data Retention

Data Type	Retention Period
Account information	Until you delete your account
Transaction data	Until account deletion or bank disconnect
Email receipt data	Until account deletion or Gmail disconnect
Log data	90 days
Verification codes	24 hours

7. Your Rights

Access

View all data we've collected through the app interface.

Delete

Delete your account, disconnect banks, or remove Gmail access anytime.

Revoke

Revoke access through the app or directly in your Google Account settings.

California Privacy Rights (CCPA)

California residents have additional rights: right to know, right to delete, right to opt-out of sale (we don't sell data), and right to non-discrimination.

Plaid Data Access Disclosure

By using Receipt Analyzer, you authorize Plaid Inc. to access your financial accounts on our behalf.

Account verification

Confirming your account ownership

Transaction access

Retrieving your transaction history (up to 24 months)

Balance information

Accessing current and available balances

You can revoke this access anytime by disconnecting your bank in the app. For more information, see Plaid's End User Privacy Policy.

This privacy policy is provided for informational purposes during beta testing.
Consult with a qualified attorney before commercial use.

Questions? Contact us through the feedback feature in the app.