ReceepSign in

Privacy Policy

Last updated: April 19, 2026

1. Overview

Receep (“we”, “our”, or “us”) is a receipt and invoice management service that connects to your email accounts to locate, save, and organise financial documents. This Privacy Policy explains what information we collect, how we use it, and the choices you have.

By using Receep you agree to the collection and use of information as described in this policy.

2. Information We Collect

2.1 Account information

When you create an account we collect your name and email address.

2.2 Gmail data

Receep uses the Gmail API with read-only access (https://www.googleapis.com/auth/gmail.readonly). This allows us to search your inbox for emails that match the import rules you define and to read the content and attachments of those matching emails.

We access Gmail data solely to perform the receipt-saving functions you explicitly configure. We do not:

  • read emails that do not match your configured import rules;
  • store the full content of your emails on our servers beyond what is necessary to render and save the receipt file;
  • use Gmail data to serve advertisements;
  • sell, transfer, or share Gmail data with third parties, except as required to provide the service (e.g. uploading the resulting file to your chosen cloud storage);
  • use Gmail data for any purpose that is not directly related to providing the Receep service.

Our use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

2.3 Cloud storage

If you connect Google Drive, Receep uses the Drive API (https://www.googleapis.com/auth/drive) solely to upload the receipt and invoice files you have instructed it to save, and to let you browse and select destination folders. We do not read, modify, or delete any files you did not explicitly ask Receep to create.

If you connect Dropbox, equivalent restrictions apply.

2.4 OAuth tokens

To act on your behalf when you are not actively using the app (e.g. during scheduled runs), we store OAuth access and refresh tokens for your connected accounts in an encrypted database. Tokens are used only to perform the operations you have configured and are never shared with third parties.

2.5 Usage and execution logs

We log when import rules were executed, how many emails were matched, and how many files were saved. These logs help you track what Receep has done and allow us to diagnose errors. Logs do not contain the content of your emails.

3. How We Use Your Information

We use the information we collect to:

  • provide, operate, and maintain the Receep service;
  • execute import rules and save receipt files to your chosen cloud storage;
  • authenticate you and maintain your session;
  • send transactional emails (e.g. account activation, password reset);
  • respond to support requests;
  • monitor service performance and fix errors.

We do not use your data for advertising, profiling, or any purpose unrelated to the receipt-management functions you have requested.

4. Data Sharing and Disclosure

We do not sell your personal data. We may share it only in the following limited circumstances:

  • Service providers: We use Supabase (database and authentication) and Vercel (hosting). These providers process data on our behalf under their own privacy policies and data-processing agreements.
  • Google / Dropbox:When saving files, requests are made to the Google Drive or Dropbox APIs using your own credentials. Data passes directly between Receep's servers and those services.
  • Legal requirements: We may disclose information if required by law, court order, or to protect the rights and safety of Receep, its users, or the public.

5. Data Retention

We retain your account data and execution logs for as long as your account is active. OAuth tokens are updated continuously and deleted when you disconnect an account or delete your Receep account. You may request deletion of all your data at any time by contacting us at ihaffke@gmail.com.

6. Security

We apply industry-standard security measures including encryption in transit (TLS), encryption at rest for sensitive credentials, row-level access controls in our database, and regular security reviews. No system is perfectly secure; if you believe your account has been compromised please contact us immediately.

7. Your Rights and Choices

You have the right to:

  • Access: request a copy of the personal data we hold about you;
  • Correction: ask us to correct inaccurate data;
  • Deletion: request deletion of your account and all associated data;
  • Revoke access: disconnect any linked account at any time from the Settings page — this revokes Receep's ability to access that account and deletes the stored tokens;
  • Portability: request your execution logs in a machine-readable format.

To exercise any of these rights, email us at ihaffke@gmail.com.

You can also revoke Receep's access to your Google account at any time by visiting Google Account Permissions.

8. Children's Privacy

Receep is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us and we will delete it.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy at https://receep.com/privacyand updating the “Last updated” date. Continued use of Receep after changes take effect constitutes your acceptance of the revised policy.

10. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Receep
ihaffke@gmail.com