
Your privacy is not negotiable

We built receiptbot with privacy as the foundation, not an afterthought. Here's exactly how we handle your data.

What we access

  • Email metadata (sender, subject, date) to identify receipts from known vendors
  • Attachment content only for emails matching known receipt senders (Apple, Spotify, etc.)
  • That's it. Nothing else. Ever.

What we NEVER do

  • Read your personal emails
  • Store your email content on our servers
  • Sell or share any data with third parties
  • Access your contacts, drafts, or sent mail
  • Keep access after you disconnect your account

Technical details

Read-only OAuth

Gmail: gmail.readonly
Outlook: Mail.Read

Encrypted in transit

All connections use TLS 1.3 encryption. Your tokens are encrypted at rest.

Minimal data storage

We only store receipt metadata (vendor, amount, date). PDFs are cached temporarily.

EU data residency

All data is stored in EU data centers, compliant with GDPR requirements.

You're always in control

Disconnect anytime

Revoke access with one click. We immediately lose all access to your email.

Delete your data

Request complete data deletion at any time. We'll remove everything within 24 hours.

Questions about security? security@receiptbot.io
