How accurate is the receipt scanning technology?

Our OCR technology powered by Google Cloud Vision API achieves up to 99% accuracy for most standard receipts. The system continuously improves through machine learning as more documents are processed.

Can I scan receipts in different languages or currencies?

Yes! ScanReceipt.ai supports multiple languages and currencies. The system automatically detects and converts foreign currencies based on your account settings and the date of the transaction.

How secure is my financial data?

We take security seriously. All data is encrypted both in transit and at rest. We use Google Cloud Storage with enterprise-grade security measures, and we never share your data with third parties without your explicit consent.

What types of files can I upload?

ScanReceipt.ai accepts images (JPG, PNG), PDFs, and even email forwarding. You can upload directly through our web application, use our mobile app, or forward emails directly to your dedicated receipt email address.

How can I contact your team for support?

You can reach our support team at info@scanreceipt.ai. We typically respond within 24 hours during business days.

Privacy Policy

PRIVACY POLICY

Last Updated: August 16, 2025

Scanreceipt operates Scanreceipt AI-Expense-Tracker. This Privacy Policy explains our data practices.

1. INFORMATION WE COLLECT

Account Information:
- Email address, user credentials, and profile information
- Account preferences, country, timezone, and tax settings
- Subscription type, billing information, and usage statistics

Document Data:
- Uploaded receipts, invoices, and bank statements
- OCR-extracted text from enterprise cloud infrastructure
- AI-parsed transaction data (amounts, dates, merchants, categories)
- Email attachments sent to your dedicated addresses
- Document processing status and notifications

Integration Data:
- QuickBooks Online OAuth tokens and sync history
- Account mappings and connection status
- Third-party service authentication credentials

Usage and Technical Data:
- Monthly processing counts for subscription management
- API request logs and system performance data
- Security logs and authentication records
- Browser information and access patterns

2. HOW WE COLLECT INFORMATION

Direct Collection:
- Account registration and profile setup
- File uploads through web interface
- Email documents sent to dedicated addresses
- Third-party service connections (QuickBooks)
- Subscription and payment processing

Automatic Collection:
- Usage tracking for subscription limits
- Security monitoring and fraud prevention
- Processing status updates and notifications
- System performance and error logging

3. HOW WE USE YOUR INFORMATION

Core Service Provision:
- OCR text extraction via enterprise cloud infrastructure
- AI parsing and categorization using secure enterprise services
- Email document processing through dedicated addresses
- QuickBooks data synchronization and mapping
- Usage limit enforcement and subscription management
- Secure payment processing and billing

Service Enhancement:
- Improving OCR accuracy and processing speed
- Enhancing AI categorization algorithms
- Optimizing user interface and workflows
- Analyzing system performance and reliability

4. AI PROCESSING AND PRIVACY PROTECTION

OpenAI Enterprise Privacy Safeguards:
- We operate under OpenAI's Enterprise Privacy framework with a signed Data Processing Addendum (DPA)
- Your document data is NOT used to train current or future OpenAI models
- No personal identifiers or sensitive information is sent to AI services
- Only anonymized, sanitized transaction text is processed for parsing
- All data is automatically deleted from OpenAI systems after 30 days
- You retain full ownership of both input documents and AI-generated outputs
- Processing occurs in secure, enterprise-grade environments

Data Sanitization Process:
- Personal names, addresses, and phone numbers are removed before AI processing
- Account numbers and sensitive identifiers are masked
- Only business-relevant transaction details are analyzed
- Geographic and personal context is stripped from documents

5. INFORMATION SHARING

Third-Party Service Providers:
- Enterprise OCR services for document text extraction
- OpenAI enterprise services for AI-powered data parsing (with privacy safeguards)
- QuickBooks/Intuit for accounting data synchronization
- Payment processors for subscription and billing management
- Cloud infrastructure providers for secure data storage
- Email processing services for document intake

We DO NOT:
- Sell your financial data to any third parties
- Share documents with unauthorized parties
- Use your data for advertising or marketing to others
- Allow AI training on your private business documents
- Store personal information in AI processing systems

Legal and Business Requirements:
- Compliance with financial record retention laws
- Response to valid legal process and court orders
- Protection of our legal rights and user safety
- Legitimate business transfers with privacy protection

6. DATA SECURITY

Technical Safeguards:
- End-to-end encryption for data transmission
- Encrypted database storage with access controls
- Multi-factor authentication and secure token systems
- Rate limiting and advanced security monitoring
- Enterprise-grade cloud infrastructure with SOC compliance
- Regular security audits and penetration testing

Access Controls:
- Role-based access control for all systems
- API endpoints protected with authentication tokens
- Secure database connections with connection pooling
- Service account credentials for third-party integrations
- Webhook verification and request validation

7. DATA RETENTION

Document Storage:
- Original files: 7 years (tax and regulatory compliance)
- OCR-extracted text: 7 years for audit and verification
- Processing logs: 2 years for troubleshooting and support

Account and Usage Data:
- Active accounts: Maintained while subscription is active
- Cancelled accounts: 30 days retention for data export
- Inactive free accounts: 12 months before automatic deletion
- Usage statistics: 2 years for billing and analytics

AI Processing Data:
- OpenAI processing: Automatically deleted after 30 days
- Internal AI improvements: Anonymized patterns only, no personal data
- Processing logs: 90 days for quality assurance

8. YOUR RIGHTS AND CONTROLS

Account Management:
- Access, download, and export all your data
- Correct inaccurate or outdated information
- Delete your account and all associated data
- Control data sharing preferences

Integration Controls:
- Connect and disconnect third-party services
- Revoke authentication tokens at any time
- Control synchronization settings and frequency
- Monitor integration activity and status

Privacy Controls:
- Opt-out of non-essential data processing
- Request detailed information about AI processing
- Control email processing preferences
- Manage notification and communication settings

9. EMAIL PROCESSING INFRASTRUCTURE

Dedicated Email System:
- Unique email addresses generated for each user account
- Secure email infrastructure with enterprise-grade protection
- Automatic processing of document attachments only
- Email content and metadata are not stored or analyzed

Processing Workflow:
- Only document attachments are extracted and processed
- Email messages are marked as processed and archived
- No personal email content is accessed or retained
- Processing status notifications sent to your account

10. THIRD-PARTY INTEGRATIONS

QuickBooks Online Integration:
- Secure OAuth 2.0 authentication with encrypted token storage
- Read/write access limited to authorized accounting data only
- Sync operations logged for transparency and audit trails
- Data mapping follows standard accounting practices

Payment Processing:
- Secure payment infrastructure with PCI compliance
- Credit card information is not stored on our systems
- Billing data encrypted and access-controlled
- Transaction records maintained for regulatory compliance

11. INTERNATIONAL DATA TRANSFERS

Data Processing Locations:
- Primary infrastructure located in secure, certified data centers
- Third-party services may process data in multiple jurisdictions
- Appropriate safeguards ensure consistent privacy protection
- Data transfer agreements comply with international privacy laws

Cross-Border Protections:
- Standard contractual clauses for international transfers
- Adequacy decisions and certification programs
- Regular compliance audits and privacy impact assessments
- User notification of significant processing location changes

12. REGULATORY COMPLIANCE

California Privacy Rights (CCPA):
- Right to know about data collection and sharing practices
- Right to request deletion of personal information
- Right to opt-out of data sales (we don't sell data)
- Non-discrimination for exercising privacy rights

European Privacy Rights (GDPR):
- Lawful basis: Contract performance and legitimate interests
- Rights to data portability, erasure, and rectification
- Right to object to processing and withdraw consent
- Data Protection Impact Assessments for high-risk processing

13. CHILDREN'S PRIVACY

Our Service is designed for business use and not intended for individuals under 16 years of age. We do not knowingly collect personal information from children.

14. POLICY UPDATES AND NOTIFICATIONS

We may update this Privacy Policy to reflect:
- Changes in our data practices or service features
- New regulatory requirements or legal obligations
- Enhanced privacy protections or security measures
- User feedback and privacy best practices

Material changes will be communicated via:
- Email notification to registered users (30 days advance notice)
- Prominent notice on our website and application
- Updated version date and change summary
- Opportunity to review changes before continued use

15. CONTACT AND SUPPORT

Privacy Questions and Requests:
Support email- Info@scanreceipt.ai

For privacy-related requests, please include:
- Your account email address
- Specific nature of your request
- Any relevant account or document identifiers
- Preferred method for response

By using our Service, you acknowledge that you have read, understood, and agree to the collection, use, and disclosure of your information as described in this Privacy Policy.

Return to home