Privacy Policy
Last updated: April 2026
At Expenz, your privacy is fundamental to how we build our product. This policy explains what we collect, why we collect it, and how you stay in control. It applies to the Expenz mobile application and website.
The Short Version
- ✅ We only store your email address — no name, phone, or address
- ✅ We never sell your data
- ✅ Receipt images are processed by AI and deleted within 90 days
- ✅ You can delete your account and all your data at any time
- ✅ We are UK GDPR compliant
1. Who We Are (Data Controller)
Expenz ('we', 'us', 'our') is a trading name operated by an independent sole developer who is the data controller responsible for your personal data. For privacy matters contact support@expenz.app. We are committed to protecting your privacy and handling your data transparently in accordance with the UK GDPR and the Data Protection Act 2018.
2. The Short Version
• We use your email for passwordless sign-in (magic link / OTP). • We sync expense data you create (including text extracted from receipts) to our database so you can use the app across devices. • Receipt photos are stored on your device. Before AI extraction you can open an editor to adjust the crop and draw blackout strokes on the preview; the JPEG you confirm is what we send to our backend and then to an AI provider (OpenAI or Google Gemini, depending on your in-app setting). The first time you use AI scanning we show a notice and ask you to confirm. • Under Receipt privacy in Settings you can turn off saving full receipt text in your synced data (“Save full receipt text (searchable)”); we still request structured fields such as amount, date, currency, and merchant. When that option is on, extracted data can include a fuller copy of visible document text for search — sensitive lines can still appear if they are visible in the image you send. • Vision models process the pixels in the image you send; cropping and markup reduce what appears in that image but are not a substitute for careful judgment about what you photograph or upload. • We use RevenueCat and the app stores for subscriptions; we use Supabase for auth and data; we use Frankfurter for exchange rates. • We do not sell your personal data. You can request account deletion by contacting support.
3. Information We Collect
(a) Account: email address and authentication data from Supabase Auth (e.g. one-time sign-in codes). (b) Financial and expense records you create: amounts, currencies, dates, categories, notes, merchant/description fields, custom field values, and (if you leave the in-app option enabled) fuller extracted text from documents for search. (c) Receipt and invoice images: you capture or pick images on your device. You may crop or apply blackout markup in the pre-scan editor; the app sends the resulting image data to our servers for AI extraction when you proceed. Original files are stored locally on your device at paths recorded in your data unless you remove them. (d) Technical data: IP address and device/app metadata may be processed automatically by our hosting and AI providers when you use the service. (e) Purchases: subscription status is processed via RevenueCat and Apple/Google; we do not receive your full card details from those purchases. (f) Support: if you email us, we keep the correspondence needed to respond.
4. Legal Bases (UK GDPR)
We rely on: (a) Contract — to run the service you signed up for; (b) Legitimate interests — security, abuse prevention, and proportionate product improvement; (c) Consent — where we ask it (for example the in-app confirmation before you first send a receipt for AI extraction, and where applicable your choices in Settings such as receipt text storage).
5. AI Receipt and Invoice Scanning
Flow: you can edit the preview (crop and optional blackout strokes), then confirm. The image sent for extraction is the one produced from that step (typically a JPEG). It goes to our system and then to the AI provider selected in Settings, which processes the pixels in that file to return structured fields. The first time you use AI scanning, the app shows a notice and asks you to confirm before sending. Receipt privacy setting: if “Save full receipt text (searchable)” is on (default), we also ask the model for a fuller text field for search and storage; if you turn it off, we still request key transaction fields but do not aim to retain a full transcript of the document in your synced data — note that structured fields may still echo short fragments from the receipt. Outputs may be inaccurate; verify amounts and details before relying on them. Anything still visible in the image you send may be read by the model. AI providers handle data under their own terms and privacy policies. We do not use your content to train our own models; whether a third-party provider trains on API data depends on their policies for the product tier in use.
6. How We Share Data
We use trusted third-party service providers (“processors”) to help operate and improve our app, including: • Supabase (authentication, database, and backend services) • OpenAI and/or Google (AI-powered receipt and invoice data extraction) • RevenueCat (subscription management) • Apple App Store and Google Play (payment processing) These providers process personal data only on our behalf and in accordance with applicable data protection laws. We may also disclose information where required to comply with legal obligations. We do not sell your personal data.
7. International Transfers
Supabase, AI providers, and RevenueCat may process data outside the UK/EEA (including the US). We use appropriate safeguards where required (e.g. Standard Contractual Clauses / UK IDTA) via our agreements with suppliers. You may ask support@expenz.app for more detail.
8. Retention
We keep account and synced transaction data while your account is active and delete or anonymise it within a reasonable period after a confirmed deletion request, subject to legal obligations. Receipt image files on your device remain until you delete the transaction or uninstall the app. Support emails are kept only as long as needed to handle your request.
9. Security
We use industry-standard transport encryption (HTTPS/TLS) between the app and our services. Database access is protected by authentication and row-level security so each user can normally access only their own rows. No method of storage or transmission is completely secure.
10. Your Rights
You may have rights to access, rectify, erase, restrict, object, and port data, and to complain to the ICO (ico.org.uk). Contact support@expenz.app to exercise rights. We may verify your identity before fulfilling requests.
11. Children
Expenz is not intended for children under 18. If you believe a child has provided data, contact us and we will take appropriate steps.
12. Changes
We may update this policy. We will post the new date at the top and, where appropriate, notify you in the app or by email.
13. Contact
Email: support@expenz.app
14. In-app privacy tools (expectations)
Crop, blackout markup, first-use AI consent, and the Receipt privacy setting are intended to give you clearer control over what image is transmitted and what receipt text we aim to keep in your synced account. They support sensible practice but do not guarantee a particular legal outcome, anonymity, or compliance with any specific law, regulator, or contract; you remain responsible for how you use the service and for seeking professional advice where you need it.