Last updated: · Effective date:
This Privacy Policy describes how the ReceiptIQ mobile application ("ReceiptIQ", "we", "us", or "our") collects, uses, stores, shares, and protects your information. ReceiptIQ is a receipt-scanning and tax-deduction tracking app built for self-employed freelancers. By installing or using the app, you agree to this policy.
If you do not agree with this policy, please do not install or use ReceiptIQ.
We use the information we collect to:
ReceiptIQ uses two AI components. They have very different privacy properties; this section explains both.
When you scan a receipt, the app first uses Google ML Kit Text Recognition to convert the receipt photo into raw text. This step runs entirely on your device. The image and the recognized text are not transmitted to Google or to us during this step.
The recognized text is then sent to Google Gemini Flash Lite, an AI service operated by Google, to extract structured fields (vendor, amount, date, category) from it. The same Gemini service is used by the optional AI Deduction Coach to analyze whether a receipt qualifies as a tax deduction.
What we send to Gemini:
What we do not send to Gemini:
Google's processing of data sent to the Gemini API is governed by the Gemini API Additional Terms. Google states that data sent to the paid Gemini API is not used to train Google's foundation models.
To minimize repeat calls, the AI's answer for each receipt is cached locally on your device (and synced to your account in our cloud database) keyed by a hash of the receipt's content. Editing the receipt invalidates the cache and triggers a fresh call.
ReceiptIQ uses the following third-party services. Each service has its own privacy policy, linked below. Where required, we have configured the service so that data flows are limited to what is necessary for the feature.
| Service | Purpose | Data shared |
|---|---|---|
| Supabase | Authentication, cloud database, encrypted file storage for receipt photos. | Email, hashed password, your receipts and mileage entries, and your receipt photos. |
| Google Gemini API | AI processing of receipt OCR text and deduction analysis. | OCR text and receipt fields (vendor, amount, date, category, notes). No images, no account identifiers. |
| Google AdMob | Banner and interstitial advertisements for users who have not purchased Remove Ads. | Subject to your consent: advertising identifier, ad interaction data, IP address, approximate location, device information. None for users who have purchased Remove Ads. |
| Apple App Store / In-App Purchase | Processing the one-time Remove Ads purchase on iOS. | Apple receives the purchase transaction. We receive a transaction receipt that confirms the purchase but does not contain your payment details. |
| Google Play Billing | Processing the one-time Remove Ads purchase on Android. | Google receives the purchase transaction. We receive a transaction confirmation that does not contain your payment details. |
| OpenStreetMap | Map tiles displayed during active mileage tracking. | Approximate map viewport (used to fetch the visible tiles) and standard HTTP request information. |
We do not sell your personal information. We do not "share" your personal information for cross-context behavioral advertising as that term is defined under the California Consumer Privacy Act (CCPA), except as disclosed under Advertising.
We share information with third parties only:
If you have not purchased the "Remove Ads" upgrade, the app displays banner and interstitial advertisements via Google AdMob.
Consent. On first launch, we present the Google User Messaging Platform (UMP) consent flow. In regions where consent is required (the European Economic Area, the United Kingdom, Switzerland, and CCPA-eligible US states), you can accept, reject, or customize the data uses Google AdMob applies. Your choice persists across launches; you can change it later in Settings.
What AdMob may collect. Subject to your consent: an advertising identifier, ad interaction data (which ad you saw, whether you tapped it), IP address, coarse location, and device characteristics. AdMob's collection is governed by Google's privacy policy and is independent of your ReceiptIQ account.
How to remove ads completely. Settings → Remove Ads → one-time purchase. Once purchased, no ad requests are made and no ad-related data is collected by ReceiptIQ on your device.
Tracking transparency on iOS. On iOS 14.5+, you may also be presented with the App Tracking Transparency prompt. Choosing "Ask App Not to Track" limits AdMob to non-personalized ads only.
ReceiptIQ accesses your location only while you are actively recording a drive using the in-app mileage tracker. The app does not access your location in the background, before you tap Start Drive, or after you tap End Drive.
Location data we record:
This data is stored on your device and, if you are signed in, synced to your Supabase-hosted account. It is never transmitted to AdMob, Gemini, or any other third party. You can delete a drive at any time from the Mileage tab.
The app requests the following device permissions, each only when needed:
| Permission | Why |
|---|---|
| Camera | To photograph a receipt for scanning. Asked only when you tap Scan. |
| Photo library | To select an existing receipt photo from your device. Asked only when you tap Choose from Library. |
| Location (foreground only) | To track the GPS route during an active mileage drive. Asked only when you tap Start Drive. |
| Network access | To sign you in, sync your data, request AI processing, and load advertisements (if applicable). |
You can revoke any permission at any time in your device's system settings.
We take reasonable measures to protect your information:
No method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security, and you use the app at your own risk.
Depending on where you live, you may have the following rights regarding your personal information:
To exercise any of these rights, email us at receiptiq.support@gmail.com. We will respond within 30 days (or sooner if required by your local law).
You can delete your account and all associated data at any time:
Once deleted, your data cannot be recovered.
ReceiptIQ is not directed to children under the age of 13 (or under 16 in the European Economic Area). We do not knowingly collect personal information from children. If we learn that we have collected information from a child without verified parental consent, we will delete it as quickly as possible. If you believe a child has provided us with information, please contact us at receiptiq.support@gmail.com.
ReceiptIQ is operated globally. Your information may be processed in the United States, the European Union, or other regions where our service providers (Supabase, Google) operate. By using the app you consent to your information being transferred to and processed in these regions.
Where required by law (for example, transfers from the EEA to the US), our service providers rely on Standard Contractual Clauses or other approved transfer mechanisms.
We may update this Privacy Policy from time to time. When we do, we will:
Continued use of the app after a change means you accept the updated policy.
If you have any questions, concerns, or requests about this Privacy Policy or your data, contact us at:
Email: receiptiq.support@gmail.com
For the fastest response, include the email address associated with your ReceiptIQ account and a clear description of your request.