Privacy Policy

When you create an account, we collect your email address and name. When you upload receipts, we store the original files and all data extracted from them — vendor names, amounts, dates, line items, and any other fields our AI identifies. We also collect standard usage data such as the number of uploads, search queries, and feature interactions. We do not collect payment card details directly — these are handled by Stripe.

Your data is used to provide the ReceiptIQ service: storing your receipts, running AI extraction, enabling search, and managing your account. We may use aggregate, anonymised usage patterns to improve our AI models and product experience. We do not use individual receipt content to train models without your explicit consent. We use your email address to send transactional notifications (upload confirmations, billing receipts) and, if you opt in, product updates.

Receipt files and extracted data are stored in Supabase, which uses PostgreSQL for structured data and Supabase Storage (backed by S3-compatible object storage) for files. Search embeddings — vector representations of your receipts used to power semantic search — are stored in Qdrant, a dedicated vector database. Both Supabase and Qdrant infrastructure are hosted in the EU and/or US depending on your region. All data in transit is encrypted via TLS. All data at rest is encrypted by the storage providers.

Your receipts are private to your account. We do not share, sell, or expose your receipt data to third parties, other users, or advertisers. Receipt content is never used to train AI models without your explicit, opt-in consent. If you delete a receipt from your account, it is removed from all storage systems including our search index within 7 days.

We use a small number of trusted third-party services to run ReceiptIQ: • Stripe — for payment processing and subscription management. Stripe receives your billing details and handles all card transactions. Stripe's privacy policy applies to data they collect. • Supabase — for database and file storage. Your receipts and account data are stored on Supabase infrastructure. • Qdrant — for vector search. Anonymised embeddings of receipt text are stored in Qdrant to power semantic search. We do not use advertising networks, analytics tracking services, or social media plugins.

We retain your account data and receipts for as long as your account remains active. If you delete your account, all personal data and receipt files are permanently deleted within 30 days. Billing records may be retained for up to 7 years as required by financial regulations, but are stripped of personal identifiers where possible. Backups are rotated on a 30-day cycle.

You can access all your data at any time from your account dashboard. You can export your receipts and extracted data in CSV format at any time from the dashboard or via the API. You can delete individual receipts, or your entire account, from the Settings page. If you are in the EU or UK, you have rights under GDPR including the right to access, rectify, erase, and port your data. To exercise any of these rights or to request a full data export, contact us at hello@receiptiq.ai.

We use session cookies only — strictly necessary cookies that keep you logged in during your session. We do not use tracking cookies, advertising cookies, or third-party analytics cookies. No data is shared with advertising networks. You can disable cookies in your browser, but doing so will prevent you from staying logged in.

If you have any questions about this privacy policy or how your data is handled, please contact us at hello@receiptiq.ai. We aim to respond to all privacy enquiries within 2 business days.