Privacy Policy for Receiptly: Receipt Tracker

Effective Date: January 1, 2026  Last Updated: June 21, 2026

1. Introduction

Code Xcess ("we," "us," or "our") operates the Receiptly mobile application (the "App"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our App, including when you create, join, or use a Group (a shared receipt space).

Please read this Privacy Policy carefully. By using Receiptly, you agree to the collection and use of information in accordance with this policy.

What's new in this version: This policy has been updated to cover Groups (shared receipt spaces between multiple users) and our use of Amazon SES to deliver Group invitation emails. If you've read a previous version of this policy, please review §3 (Groups), §5 (Third-Party Services), and §7 (Data Retention) for what's changed.

2. Information We Collect

2.1 Personal Information

When you use Receiptly, we may collect the following personal information:

• Account Information: Email address, display name, and profile picture (if using Google Sign-In)
• Authentication Data: Login credentials and authentication tokens
• Payment Information: Purchase receipts and subscription status (processed through Google Play Billing and App Store)

Your display name is editable in-app and is not limited to your Google account name. If you are a member of a Group, your display name is visible to other members of that Group (see §3.4).

2.2 Receipt Data

• Receipt Images/PDFs: Documents you upload through the App
• Extracted Receipt Information: Merchant name, date, price, category, currency, payment method, and notes extracted via OCR or AI scanning
• Receipt Metadata: Upload date, last-edited date, favourite status, receipt type (income/expense)
• Custom Categories & Payment Methods: Custom category names/icons and custom payment method names you create (personal or, if applicable, Group-level)

2.3 Group Data

If you create, join, or are invited to a Group, we additionally process:

• Invitee Email Address: When another user invites you to a Group, we collect and temporarily store the email address they entered, in order to send the invitation and verify your identity when you accept it
• Group Membership: Which Groups you belong to, your role within each Group (Owner, Admin, or Member), and when you joined
• Shared Receipt Data: Receipts uploaded to a Group, and who uploaded or last edited each one (visible to other Group members, see §3.4)

2.4 Device Information

• Device Identifiers: A device-specific identifier and FCM token used for push notifications
• Usage Data: App interactions, feature usage, and error logs
• Storage Usage: Amount of storage consumed by your receipts (personal and, if applicable, each Group you own)

2.5 Automatically Collected Information

• Technical Data: IP address, device type, operating system, app version
• Analytics Data: App performance metrics and crash reports

3. Groups (Shared Receipts)

Receiptly's Group feature lets multiple users share one receipt history, for example, couples, families, or small businesses. Internally, this feature is referred to as a "workspace," but is labelled "Group" throughout the App.

3.1 Who Can Use Groups

• Creating and owning a Group requires a Premium subscription. The Group owner allocates storage and AI-scan quota from their own plan to the Group.
• Joining a Group as a member is available to users on any subscription plan, including Free.

3.2 How Group Invitations Work

When an existing Receiptly user invites you to a Group:

1. They enter your email address in the App.
2. We send you an invitation email via Amazon SES (see §5.5) containing a secure, time-limited link.
3. The link expires after 48 hours and can only be used once.
4. If you don't already have a Receiptly account, the link will prompt you to create one before joining.
5. You must accept the invitation while signed in with the same email address the invitation was sent to.

We retain a record of the invitation (the invited email address, who sent it, and its status) until it is accepted, revoked, or expires.

3.3 What Happens to Data Inside a Group

• Receipts uploaded to a Group belong to the Group, not to the individual member who uploaded them. If a member leaves or is removed from a Group, their previously uploaded receipts remain in the Group and remain visible to other members.
• Your personal receipts (those not uploaded to a Group) are never visible to other users, including other members of any Group you belong to.
• You choose, at the time of uploading a receipt, whether it is saved to your personal space or to a specific Group. This choice is explicit: a personal receipt is never automatically shared into a Group.

3.4 What Other Group Members Can See About You

If you are a member of a Group, other members of that same Group can see:

• Your display name, shown next to receipts you've uploaded or edited within that Group ("Uploaded by" / "Last update by")
• Receipts you upload to that Group, and any edits you make to Group receipts
• Your role within the Group (Owner, Admin, or Member)

Other Group members cannot see:

• Your personal (non-Group) receipts
• Your email address (beyond what was used to invite you, if they were the inviter)
• Your activity in any other Group you belong to
• Your personal subscription plan or billing information

3.5 Group Data Retention and Deletion

• While a Group's owner maintains an active Premium subscription, Group data is retained indefinitely.
• If the owner's Premium subscription lapses (expires, is cancelled, or downgraded), the Group is locked (read-only) and enters a grace period.
• If the subscription is not restored within the grace period, all data belonging to that Group, including every member's uploaded receipts, is permanently deleted. This differs from personal account retention (see §7), because Groups are a Premium-exclusive feature with no equivalent storage allowance on lower plans.
• Members of a Group receive in-app and push notifications at multiple points during the grace period, so they have the opportunity to export their data or encourage the owner to restore their subscription.
• If you leave a Group voluntarily, or are removed by an Owner/Admin, your access ends immediately, but receipts you previously uploaded remain part of the Group (see §3.3) unless the Group itself is later deleted.

4. How We Use Your Information

We use the collected information for the following purposes:

4.1 Service Delivery

• Provide OCR and AI-powered receipt scanning functionality
• Store and manage your receipt documents, personal and Group
• Generate expense and income summaries on your dashboard
• Deliver push notifications about subscription status, data retention, and Group activity

4.2 Account Management

• Create and maintain your user account
• Process authentication via email or Google Sign-In
• Manage subscription plans and billing
• Manage Group membership, roles, and invitations

4.3 AI Processing

• Process receipt images using Google Gemini AI (via Firebase AI Logic SDK)
• Track AI scan usage based on your subscription plan (and, for Group uploads, the Group owner's allocated quota)
• Provide accurate data extraction from receipts

4.4 Storage Management

• Store receipt images and PDFs on Wasabi Cloud Storage
• Generate secure presigned URLs for file access
• Enforce storage quotas based on subscription tier and, for Groups, the owner's allocation
• Execute data retention policies for expired subscriptions and expired Group ownership

4.5 Communication

• Send subscription expiry warnings
• Notify users about impending data deletion (personal or Group)
• Send Group invitation emails
• Notify Group members of changes to Group status (locked, grace period, deletion, membership changes)
• Respond to customer support inquiries

4.6 Improvements

• Analyze app usage to improve features
• Fix bugs and optimize performance
• Develop new functionality

5. Data Processing and Third-Party Services

5.1 Firebase Services (Google)

• Firebase Authentication: User authentication and account management
• Cloud Firestore: Storage of receipt metadata, user profiles, and Group data
• Firebase AI Logic SDK: AI-powered receipt scanning using Gemini AI
• Firebase Cloud Messaging: Push notifications
• Firebase Cloud Functions: Backend business logic
• Privacy Policy: https://firebase.google.com/support/privacy

5.2 Wasabi Cloud Storage

• Purpose: Secure storage of receipt images and PDFs, for both personal and Group receipts
• Security: Private bucket with time-limited presigned URLs (1-hour expiry); Group receipts are stored under a separate storage path from personal receipts
• Location: Data stored in Wasabi's ap-southeast-1 (Singapore) infrastructure
• Privacy Policy: https://wasabi.com/legal/privacy-policy

5.3 Google ML Kit

• Purpose: Basic OCR text recognition from receipts
• Processing: On-device processing
• Privacy Policy: https://developers.google.com/ml-kit/terms

5.4 Syncfusion Flutter PDF

• Purpose: PDF processing and generation
• Processing: On-device processing
• Privacy Policy: https://www.syncfusion.com/company/privacy-policy

5.5 Amazon SES (Amazon Web Services)

• Purpose: Delivery of Group invitation emails
• What is shared: When you invite someone to a Group, the invitee's email address is shared with Amazon SES solely to deliver the invitation message. AWS does not use this information for any purpose other than email delivery on our behalf.
• Location: Processed via AWS infrastructure in the ap-southeast-1 (Singapore) region
• Monitoring: We use Amazon CloudWatch to monitor email delivery, bounce, and complaint rates, in order to maintain reliable delivery and detect invalid or abusive use of the invitation feature
• Privacy Policy: https://aws.amazon.com/privacy/

5.6 Payment Processors

• Google Play Billing: Android in-app purchases
• Apple App Store: iOS in-app purchases
• Payment information is processed directly by these platforms and is not stored by us

6. Data Sharing Within the App

Other than the third-party service providers listed in §5 (who process data strictly on our behalf to operate the App), we do not sell, rent, or trade your personal information to third parties.

The only circumstance in which your information is visible to other users of the App is described in §3.4 (Group membership), and only to members of a Group you have explicitly joined, and only to the extent described there.

7. Data Retention

7.1 Personal Account: Active Users

• Free Users (100MB): Receipts stored permanently with no automatic deletion
• Paid Users: Receipts stored permanently while subscription is active

7.2 Personal Account: Expired Subscriptions

When a paid subscription expires:

• Users are downgraded to the free tier (100MB limit)
• 6-Month Grace Period: If storage exceeds 100MB, we provide 6 months before deletion
• Multi-Stage Notifications: 10 notifications sent during the grace period via push, in-app modal, and dashboard snackbar
• Automatic Deletion: After the grace period, oldest receipts (by upload date) are deleted until storage falls below 100MB
• Reactivation: Users can renew their subscription at any time to prevent deletion

7.3 Group Data Retention

See §3.5 above. In summary: Group data is retained while the owner's Premium subscription is active, and is fully and permanently deleted, for every member, if the owner's subscription is not restored before the end of the grace period following expiry.

7.4 Group Invitations

Pending Group invitations expire 48 hours after being sent. We retain a record of the invitation status (pending, accepted, revoked, or expired) for audit purposes.

7.5 Account Deletion

If you delete your account:

• All your personal receipt data and metadata will be permanently deleted within 30 days
• If you are the owner of one or more Groups, you must transfer ownership or delete those Groups before your account deletion can proceed, to protect other members' access to shared data
• If you are a member (not owner) of a Group, your account deletion does not affect the Group or its other members; receipts you previously uploaded remain part of the Group
• Backups may be retained for up to 90 days for recovery purposes
• Anonymized analytics data may be retained indefinitely

8. Data Security

We implement appropriate technical and organizational measures to protect your data:

• Encryption: Data encrypted in transit (HTTPS/TLS) and at rest
• Authentication: Secure Firebase Authentication with industry-standard protocols
• Access Control: Presigned URLs with 1-hour expiry for receipt access
• Private Storage: Receipt files (personal and Group) stored in private Wasabi buckets, never publicly accessible
• Server-Side Validation: Critical business logic, including Group membership and quota enforcement, executed on secure backend servers, never trusted to the client
• Secure Invitations: Group invitation links use cryptographically signed, single-use, time-limited tokens
• Secrets Management: API keys and signing secrets are stored in a dedicated secrets manager, never in application code
• Regular Security Audits: Ongoing monitoring and security assessments

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.

9. Your Data Rights

Depending on your location, you may have the following rights:

9.1 Access and Portability

• Request a copy of your personal data
• Export receipt details to Excel (Pro and Premium plans)
• Download selected receipts as a ZIP file (Pro and Premium plans)

9.2 Correction

• Edit receipt information directly in the App, personal or Group
• Update your account information, including your display name

9.3 Deletion

• Delete individual receipts at any time
• Leave any Group at any time
• Request full account deletion through app settings or by contacting us

9.4 Objection

• Opt out of push notifications in device settings
• Choose AI usage preferences (always use, never use, or ask each time)
• Decline a Group invitation

9.5 Data Minimization

• We only collect data necessary for app functionality
• You control what receipts you upload, and whether they go to your personal space or a Group
• An invitee's email address is only used to deliver and verify a Group invitation, and is not used for any other purpose

To exercise these rights, please contact us at the email address provided in §13.

10. Children's Privacy

Receiptly is not intended for users under 13 years of age (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. By using Receiptly, you consent to the transfer of your information to our service providers' facilities, including those in the United States and other countries where our third-party services (such as Firebase and Amazon Web Services) are hosted. Where possible, we configure our infrastructure to process and store data in the ap-southeast-1 / asia-southeast1 (Singapore) region.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

• Posting the new Privacy Policy in the App
• Updating the "Last Updated" date
• Sending a push notification for material changes

Your continued use of the App after changes constitutes acceptance of the updated Privacy Policy.

13. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us:

Code Xcess
Email: codexcessdev@gmail.com

For data protection inquiries specifically, please include "Privacy Policy" in your email subject line.

14. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected
• Right to know if personal information is sold or disclosed
• Right to opt-out of sale of personal information (Note: We do not sell personal information)
• Right to deletion of personal information
• Right to non-discrimination for exercising your rights

15. European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):

• Right to access your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Right to withdraw consent

Legal Basis for Processing:

• Contract performance (providing app services, including Group functionality you opt into)
• Legitimate interests (improving app functionality, maintaining email deliverability and security)
• Consent (optional features like AI scanning and Group invitations)

16. Consent

By using Receiptly, you acknowledge that you have read and understood this Privacy Policy and agree to its terms. By creating, joining, or remaining a member of a Group, you additionally acknowledge that your display name and Group-uploaded receipts will be visible to other members of that Group, as described in §3.

This Privacy Policy is governed by the laws of Malaysia.

Privacy Policy v2.0 · Receiptly · Effective June 21, 2026