Privacy Policy
Scan & Parse — Last updated: April 2026
This page is the dedicated privacy policy for the Scan & Parse web application (“the App”). This policy is provided as HTML text on this page only (not a PDF or embedded document).
This policy describes how the App handles information when you use it to photograph receipts, review parsed data, and optionally sync to your Google account.
Who operates the App
The App is served as a web application on infrastructure you control (for example Cloudflare Workers). The entity responsible for your deployment should be identified in your Google Cloud OAuth consent screen and any store listings you publish.
Information we process
- Account. If you sign in with Google, we receive identifiers and profile data Google provides (such as your Google user id and email) to create your session and scope stored data to your account.
- Receipt images. Images you upload are processed to extract text and amounts (including via AI services you configure, such as Cloudflare Workers AI or a third-party vision API).
- Derived receipt data. Fields you edit or approve (merchant, line items, totals, notes, optional location) may be stored in a database and, if you connect Google Drive/Sheets, written to a spreadsheet in your Google account.
- Technical data. Hosting providers may log requests, IP addresses, and similar metadata as part of normal service operation.
How we use information
We use the information above to authenticate you, run receipt parsing, store your approved receipts, prevent duplicate uploads where implemented, and sync to your Google Sheet when you enable that feature. We do not sell your personal information.
Sharing
Data is processed by the hosting and AI providers you enable (for example Cloudflare; optionally OpenAI or OpenRouter if configured). Google receives OAuth requests when you choose Google sign-in or Google Sheets integration. We do not share your receipt content with advertisers.
Retention and deletion
Data is retained according to your deployment configuration and any tools your operator uses to delete database or object storage records. To request deletion of data associated with your account, contact the operator of your specific deployment.
Security
We use industry-standard practices where available (such as HTTPS, signed session cookies, and encrypted storage of refresh tokens where implemented). No method of transmission over the Internet is 100% secure.
Children
The App is not directed at children under 13, and we do not knowingly collect their personal information.
Changes
We may update this policy; the “Last updated” date will change when we do. Continued use after changes means you accept the updated policy.
Contact
For questions about this policy for a specific deployment, contact the person or organization that provided you the App link.