receiptbot.io

Privacy Policy

Last updated: January 2026

1. Introduction

ReceiptBot ("we", "our", "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our service.

ReceiptBot is operated by Popoli AB, a company registered in Sweden.

2. Information We Collect

When you use ReceiptBot, we collect and process the following information:

Account Information

  • Your email address (from Google or Microsoft sign-in)
  • Your name (if provided by your email provider)
  • Your profile picture URL (if provided by your email provider)

Email Access

We request read-only access to your Gmail or Outlook account to search for receipt emails. We only access emails that match our receipt detection criteria (emails from known vendors containing receipt-related keywords). We do not read, store, or process your personal correspondence.

Receipt Data

  • Vendor information (name, email address)
  • Receipt amounts and currencies
  • Receipt dates and descriptions
  • Invoice numbers
  • PDF attachments from receipt emails

3. How We Store Your Data

Your data is stored securely using the following methods:

  • Database: User information and receipt data are stored in Supabase, hosted in the European Union (EU)
  • OAuth Tokens: Your email access tokens are stored encrypted and are only used to access your email when you perform a search
  • PDF Files: Receipt attachments are stored securely and are only accessible through your authenticated account

4. Third-Party Services

We use the following third-party services to operate ReceiptBot:

  • Supabase: Database hosting and authentication (EU)
  • Google OAuth: For Gmail sign-in and email access
  • Microsoft OAuth: For Outlook sign-in and email access
  • Resend: For sending receipts to your accounting inbox
  • Vercel: Application hosting

We do not sell, rent, or share your personal data with any other third parties for marketing or advertising purposes.

5. Data Retention

We retain your data for as long as your account is active. When you delete your account, all your data is permanently removed from our systems, including:

  • Your account information
  • All stored receipts and PDF files
  • Your search history
  • Your vendor preferences
  • OAuth tokens

6. Your Rights

Under GDPR and Swedish data protection law, you have the right to:

  • Access the personal data we hold about you
  • Correct any inaccurate personal data
  • Request deletion of your personal data
  • Export your data in a portable format
  • Withdraw consent for data processing at any time
  • Lodge a complaint with the Swedish Authority for Privacy Protection (IMY)

You can delete your account and all associated data at any time through the Settings page in the application.

7. Cookies and Tracking

ReceiptBot uses only essential cookies required for authentication and session management. We do not use:

  • Tracking cookies
  • Analytics cookies
  • Advertising cookies
  • Third-party tracking scripts

8. Security

We implement appropriate technical and organizational measures to protect your personal data, including:

  • Encryption of data in transit (HTTPS)
  • Encryption of sensitive data at rest
  • Row-level security in our database
  • Regular security updates and monitoring

9. Changes to This Policy

We may update this Privacy Policy from time to time. If we make significant changes, we will notify you via email. The "Last updated" date at the top of this page indicates when the policy was last revised.

10. Contact Us

If you have any questions about this Privacy Policy or how we handle your data, please contact us at:

Email: poyan@lifeinside.io

Company: Popoli AB

Country: Sweden