Legal

Privacy Policy

Plain language. What we collect, why, and what you can do about it.

Last updated: 2026-05-01

This policy describes how the ExpensesHub mobile application ("ExpensesHub", "we", "our") collects, uses, and protects your information. It reflects what the app actually does today — not aspirational practices. If anything below is unclear, write to privacy@expenseshub.app and a real person will reply.

1. The short version

  • We collect what's needed to run the app: account credentials, your records (expenses, income, fuel, categories), and an optional avatar.
  • Receipt images stay on your device by default. During a scan, image bytes are sent to Google's Document AI for OCR (text extraction only); the resulting text is then sent to Anthropic's Claude to structure receipt fields. Claude does not receive the image. No retention beyond the request at either provider.
  • We don't sell data, run ads, or share records with marketers.
  • You can export your records (Backup Export) and delete your account at any time — see the Delete Account page.

2. What we collect

2.1 Account information

  • Email address and password (or Google sign-in identifier) — required to authenticate.
  • Profile name and company name — shown in the app UI; you can change them anytime.
  • Avatar image (optional) — if you upload one, it's stored in our cloud avatars storage.
  • Business profile — Trucking, Construction, Personal, etc. Determines default categories.

2.2 Records you create

  • Expenses, income, and fuel records — vendor, date, total, category, optional notes, gallons, price-per-gallon.
  • Categories, employees / drivers, vendors — names and structure you set up.
  • Workspace memberships — if you're invited to or invite someone to a workspace.

2.3 Receipt images

  • Receipt photos are saved on your device. They are not automatically uploaded to our servers.
  • When you scan, the raw image bytes are sent to Google's Document AI (OCR) for the duration of the request only. The OCR text — not the image — is then sent to Anthropic's Claude for structured field extraction. See §4 for both processors.
  • Backup Export will include the local receipt images in the ZIP if you choose to export them.

2.4 What we do not collect

  • No GPS / location tracking.
  • No advertising identifiers.
  • No analytics SDKs that profile individual users.
  • No contacts, calendar, or microphone access.
  • Camera access is used only when you tap to scan a receipt.

3. How we use your information

  • Run the app: authenticate you, store your records, sync between devices when applicable.
  • Receipt extraction: send image bytes to OCR providers for the duration of the request.
  • Email notifications: transactional emails (account confirmation, password reset, team invites) and — only if you opt in — monthly summary digests of your activity.
  • Support: investigate issues you report and help you recover access.

4. Service providers (sub-processors)

We use a small set of trusted providers to operate ExpensesHub. None of them receive marketing data; each is used only for the specific job listed below.

4.1 Supabase (database, auth, storage, edge functions)

Stores your account credentials, your records, your workspace memberships, and any avatar images you upload. Row-level security restricts every query to data you're entitled to see. Operated on the EU/US infrastructure offered by Supabase. Supabase privacy policy.

4.2 Google Document AI (receipt OCR)

Receives raw receipt image bytes during a scan and returns structured fields (vendor, date, total, line items). Per Google's terms, no data is retained beyond the request. Document AI terms.

4.3 Anthropic Claude (receipt field extraction)

Receives the OCR text returned by Document AI (not the receipt image) and extracts structured fields — vendor, date, total, fuel details, classification — for the duration of the request. Claude does not receive any image bytes. Anthropic does not train on data submitted via the API. Anthropic privacy policy.

4.4 Resend (transactional email)

Delivers transactional email from notifications@expenseshub.app: account confirmations, password resets, team invites, optional monthly summaries. Resend privacy policy.

4.5 Google sign-in (optional)

If you choose to sign in with Google, Google authenticates you and shares your email address with us. We do not receive a Google password.

5. Data retention

  • Account and records: retained until you delete your account.
  • Receipt images: retained on your device until you delete them or uninstall the app. Receipt-bytes sent for OCR are not retained beyond the request.
  • Email logs: minimal metadata (recipient, send timestamp, success/failure) is retained for deliverability troubleshooting.
  • Deleted accounts: records are removed promptly after a deletion request — see Delete Account.

6. Your rights

  • Access & portability: use Backup Export inside the app to receive a ZIP of your records.
  • Correction: edit any record directly in the app.
  • Deletion: delete individual records in-app, or delete your account via Delete Account.
  • Withdrawal of consent: opt out of monthly summary emails in Settings; uninstall the app at any time.
  • Right to a human: email privacy@expenseshub.app for any privacy question, data request, or complaint.

7. Children

ExpensesHub is not directed to children under 13 (or the equivalent age in your jurisdiction). We do not knowingly collect data from children. If you believe a child has created an account, write to privacy@expenseshub.app and we'll remove it.

8. Security

  • All traffic between the app and our backend is encrypted with HTTPS / TLS.
  • Account passwords are hashed by Supabase Auth (bcrypt) and never stored in plain text.
  • Workspace data is gated by row-level security at the database — a user can only read or modify rows they're authorized to.
  • Team invite tokens are stored only as SHA-256(token); the raw token is sent once via email and never persisted.
  • We never share or commit secrets (API keys, service-account credentials) in source.

9. International transfers

Our providers operate globally. By using ExpensesHub you understand that your data may be processed in countries other than your own. We use providers that offer standard contractual clauses or equivalent safeguards where applicable.

10. Changes to this policy

If we change this policy materially we will note it at the top of this page and, where appropriate, in the app. The current version is dated above.

11. How to reach us