Privacy Policy
Last updated: February 2025
1. Introduction
Receiptly (“we”, “our”, “the App”) is an expense and receipt tracking application. This Privacy Policy explains what data we collect, how we use it, and your rights regarding your information when you use the App.
2. Data We Collect
Account and profile: When you register (by email and password or Google Sign-In), we store your email address (username), and optionally your name, last name, preferred currency and language. Passwords are stored in hashed form. If you use Google Sign-In, we receive your email and basic profile data from Google in accordance with Google’s policies.
Receipts and expense data: The data you add in the App—such as receipt images, amounts, dates, shops, categories, and positions—is stored on our servers. Receipt images may be stored in secure cloud storage (e.g. AWS S3) to display and process them in the App.
Subscription and billing: When you subscribe to a paid plan, purchases are processed by the app store (App Store or Google Play) and our billing provider (RevenueCat). We receive subscription-related events (e.g. plan type, renewal, expiration, product changes) to manage your access and limits in the App. We do not store your full payment card details; payment is handled by the store.
Sessions and device: To keep you signed in, we use session tokens (e.g. stored securely on your device). We may store information such as user-agent or device type for security and support.
3. How We Use Your Data
We use your data to provide and improve the App: to authenticate you, store and display your receipts and analytics, apply subscription limits, send transactional emails (e.g. email verification) via our email provider (e.g. Mailjet), and to respond to support or legal requests. We do not sell your personal data to third parties.
4. Third-Party Services
We use the following types of third-party services: (1) Google for sign-in; (2) RevenueCat and the app stores for subscriptions; (3) cloud storage (e.g. AWS S3) for receipt images; (4) email delivery (e.g. Mailjet) for verification and notifications. Each of these has its own privacy policy; we recommend reviewing them. Data shared with these providers is limited to what is necessary to operate the App.
5. Data Retention
We retain your account and receipt data for as long as your account is active. After you delete your account or request deletion, we will remove or anonymize your data within a reasonable period, except where we must retain it for legal or legitimate operational reasons.
6. Your Rights
Depending on your location, you may have the right to access, correct, or delete your personal data, to object to or restrict certain processing, and to data portability. You can update your profile and account settings in the App. For other requests (e.g. full export or deletion), please contact us using the details provided in the App or on our website. If you are in the EEA or UK, you also have the right to lodge a complaint with a supervisory authority.
7. Security
We use industry-standard measures to protect your data (e.g. encryption in transit, secure storage, access controls). You are responsible for keeping your login credentials safe.
8. Children
The App is not directed at children under 13 (or the applicable age in your jurisdiction). We do not knowingly collect personal data from children. If you believe we have collected such data, please contact us so we can delete it.
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes (e.g. in the App or by email). The “Last updated” date at the top indicates when the policy was last revised.
10. Contact
For privacy-related questions or to exercise your rights, please contact us through the contact details provided in the App or on our website.