Effective Date: 4/5/2025

1. Introduction

Receiptify (“we”, “us”, “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our services—including our mobile and web applications—and how we integrate with third-party services such as Gmail via OAuth and OpenAI’s API. By using Receiptify, you agree to the collection and use of your information in accordance with this Privacy Policy.

2. Definitions

• Personal Information: Any information that can be used to identify you, including but not limited to your name, email address, and any data associated with your account.

• Receipt Data: Information extracted from your emails (with your explicit permission) that includes details about purchases, such as purchase dates, return deadlines, and links to the associated emails.

• OAuth: An industry-standard protocol for authorization that Receiptify uses to access your Gmail account without storing your login credentials.

• Return Policy Data: Information regarding return periods for various retailers, which we retrieve via OpenAI’s API and store for future use.

• Service Providers: Third parties that help us operate our services (e.g., cloud hosting providers, analytics services).

3. Information We Collect

A. Personal Information You Provide

• Authentication Data: When you sign in via Gmail using OAuth 2.0, we collect your email address and basic profile information. This is solely for the purpose of authenticating your account and accessing receipt data from your emails.

• User-Submitted Data: Any data you voluntarily provide through our application (such as preferences or additional details) is collected and stored securely.

B. Receipt Data

• Email Receipts: With your explicit consent, Receiptify accesses your Gmail account to scan for emails with keywords such as “Receipt”, “Order”, or “Purchase.” We extract receipt data (e.g., purchase date, return deadline, and a link to the email) using algorithmic methods.

• Sender Verification: We verify that the emails come from valid retailer domains. The list of valid companies includes (but is not limited to): H&M, Amazon, TJ Maxx, SHEIN, NIKE, Adidas, Lululemon, Prada, Polo Ralph Lauren, Skechers, Birkenstock, GAP, Dillards, Levi Strauss & Co, Puma, JD Sports Fashion, Crocs, Columbia Sportswear Company, Urban Outfitters, Macy's, Under Armour, Burberry, Aritzia, American Eagle Outfitters, Nordstrom, Victoria's Secret, Foot Locker, KOHL'S, and JC Penney.

• Return Policy Data: For receipts from new retailers, Receiptify retrieves the standard return period by querying OpenAI’s API. This return policy data (e.g., “30 days”) is stored in our database and applied to future receipts from that retailer.

C. Usage and Technical Data

• Device and Log Data: We automatically collect information about your device (e.g., operating system, device type), your usage of our service, IP address, and other diagnostic data to help improve our services.

• Cookies and Similar Technologies: We may use cookies and similar tracking technologies to enhance your user experience and analyze usage patterns.

4. How We Collect Information

• OAuth Integration: Receiptify uses OAuth 2.0 to connect to your Gmail account. You are redirected to Gmail’s secure login page to authorize access, and only minimal authentication data is stored.

• Gmail API: With your consent, we use the Gmail API to search and retrieve emails that match our criteria. Only emails containing keywords like “Receipt”, “Order”, or “Purchase” are scanned.

• Automated Processing: Our backend automatically parses emails using algorithmic techniques (such as regex-based extraction) to identify key receipt details. If a receipt is determined to be valid, a link to the email and other receipt details are stored in our database.

• OpenAI API: For companies without an existing return policy in our database, we call OpenAI’s API to determine the standard return period, which is then stored for future reference.

5. How We Use Your Information

We use the information we collect to:

• Provide and maintain Receiptify’s services.

• Authenticate and manage your account.

• Automatically extract and display receipt data from your Gmail account.

• Send you notifications regarding return deadlines.

• Retrieve and store return policy information for retailers.

• Analyze and improve our services.

• Ensure legal and regulatory compliance.

6. How We Share Your Information

We do not sell your personal data. We may share your information only in the following situations:

• Service Providers: We share data with trusted third-party service providers who assist us in operating our service (e.g., cloud hosting, analytics) under strict confidentiality agreements.

• Legal Requirements: We may disclose your information if required by law, regulation, or legal process (such as a subpoena or court order).

• Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred to the relevant party, subject to the confidentiality provisions of this Policy.

7. Data Retention

We retain your data for as long as necessary to provide you with our services or as required by law. If you delete your account, we will remove your data from our active systems, although it may be retained in backup systems for a limited period.

8. Data Security

We implement industry-standard security measures (including encryption, secure storage, and access controls) to protect your data. However, no method of electronic storage or transmission is completely secure, and we cannot guarantee absolute security.

9. International Data Transfers

Your data may be transferred to and maintained on servers located outside your jurisdiction. We ensure that all such transfers comply with applicable legal requirements and are secured by appropriate safeguards.

10. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access your personal information.

• Correct or update your personal information.

• Request deletion of your personal information.

• Object to or restrict certain processing activities.

• Request data portability. To exercise any of these rights, please contact us at support@receiptify.com.

11. Children’s Privacy

Our service is not intended for children under the age of 13. We do not knowingly collect data from children under 13. If you believe we have inadvertently collected such data, please contact us immediately.

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically. If we make material changes, we will notify you via email or through our app and update the effective date above. Your continued use of Receiptify after any changes constitutes acceptance of the updated policy.

13. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:

Email: support@receiptify.com.
This Privacy Policy was last updated on 4/5/2025.