Smart Receipt ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application.
Privacy-First Approach: Your receipt data is stored ONLY on YOUR device and YOUR personal Google Drive. We NEVER have access to your receipts or receipt content.
1. What We Collect (Very Little!)
1.1 Information Stored in Our Firebase Database
We store ONLY the following in our servers:
- Your Name: From your Google account (for display purposes)
- Your Email Address: From your Google account (for authentication)
- AI Token Balance: Number of AI scans you have remaining (for billing)
That's it! We store nothing else about you.
1.2 What We DON'T Collect
We do NOT collect, store, or have access to:
- Receipt Images or PDFs: Stored only on YOUR device
- Receipt Content: Merchant names, amounts, dates, items - we never see any of this
- Notes or Categories: Stored only on YOUR device
- Device Information: No device IDs, no phone numbers, no unique identifiers
- Location Data: We don't track where you are
- Usage Analytics: We don't track which features you use (except anonymous crash reports)
- Contacts or Photos: We only access what you explicitly share
2. How We Use Your Information
We use the minimal information we collect (name, email, token count) ONLY for:
- Authentication: To let you sign in with Google
- Billing: To track how many AI scans you've used
- Support: To help you if you contact us with questions
What we DON'T do with your information:
- We do NOT process your receipts (Google Gemini AI does that directly from your device)
- We do NOT sync your data (you sync directly with YOUR Google Drive)
- We do NOT send notifications (your device handles warranty reminders locally)
- We do NOT sell or share your data with anyone
- We do NOT use your data for advertising or marketing
3. Where Your Data is Stored
3.1 Your Receipt Data (On YOUR Device Only)
All receipt images, PDFs, and metadata are stored ONLY on your device using your phone's encrypted storage. We never see this data.
3.2 Optional Google Drive Backup (YOUR Google Drive)
If you enable Google Drive sync, your receipts are backed up to YOUR personal Google Drive account. This is a direct connection between your device and your Google Drive. We do NOT have access to your Google Drive or any files stored there.
3.3 Our Firebase Database (Minimal Data Only)
We store only your name, email, and AI token balance in Firebase. This data is protected by Firebase security rules that prevent unauthorized access.
4. Third-Party Services
The app uses these third-party services:
- Google Sign-In: For authentication (you sign in with your Google account)
- Google Drive API: YOU use this to backup to YOUR Google Drive (we don't access it)
- Google Gemini AI: Receipt images are sent directly from YOUR device to Google's AI for scanning. We never see the images or results.
- Firebase: We store your name, email, and token count. Also provides anonymous crash reporting.
- RevenueCat: Processes in-app purchases for AI token packages
- Google AdMob: Displays ads (may collect anonymous advertising data)
Important: When you scan a receipt with AI, the image goes directly from your device to Google Gemini AI. We never see, store, or have access to your receipt images.
5. Data Sharing
We do NOT sell, trade, or rent your information. Period.
We may share your minimal information (name/email) only in these rare cases:
- With Your Consent: If you explicitly ask us to share information
- Legal Requirements: If required by law (court order, subpoena)
- Service Providers: Firebase and RevenueCat need your email for authentication and billing (they cannot use it for other purposes)
6. Your Rights
You have complete control over your data:
- Access: View your name, email, and token balance in the app
- Delete: Request account deletion by emailing us (see Contact section below)
- Export: Export your receipts from your device or Google Drive anytime
- Opt-Out: Don't want Google Drive sync? Don't enable it. It's optional.
7. Data Retention
We keep your name, email, and token balance as long as you have an account. When you request account deletion, we remove this data from our servers within 15 days.
Your receipts: Since we don't store your receipts, there's nothing for us to delete. They're on YOUR device and YOUR Google Drive.
8. Children's Privacy
Our app is not intended for children under 13. We do not knowingly collect information from children under 13.
9. International Users
Your minimal data (name, email, token count) is stored in Firebase servers which may be located in different countries. Firebase complies with international data protection laws.
10. Changes to This Policy
We may update this Privacy Policy. We'll notify you by updating the "Last updated" date. Continued use of the app means you accept the changes.
11. California Privacy Rights (CCPA)
California residents have these rights:
- Right to know what personal information we collect (name, email, token count)
- Right to delete your information (email us to request deletion)
- Right to opt-out of sale of personal information (we don't sell your data)
- Right to non-discrimination
12. GDPR Compliance (European Users)
If you're in the European Economic Area (EEA), you have these rights under GDPR:
- Right to access your data
- Right to correct inaccurate data
- Right to erasure ("right to be forgotten")
- Right to restrict processing
- Right to data portability
- Right to object to processing