Privacy Policy for ReceiptRiser

Last Updated: July 7, 2025

1. Introduction

Welcome to ReceiptRiser ("we", "us", "our"). We are committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services. It has been written to comply with the EU General Data Protection Regulation (GDPR).

By using our service, you agree to the collection and use of information in accordance with this policy.

2. Data Controller

For the purpose of the GDPR, the data controller is ReceiptRiser. If you have any questions about this privacy policy or our privacy practices, please contact us at:

  • Email: contact@receiptriser.com
  • Address: Dissem. Bruguera de Cartellà S/N Complem. Can Porret 17150, Sant Gregori, Girona (ES)

3. What Data We Collect and Why

We collect several different types of information for various purposes to provide and improve our Service to you.

a) Personal Identification Information

  • Email Address: We collect your email address when you register for an account. We use this to identify you as a user, to communicate with you about your account, for security purposes (like password resets), and to provide the service.
  • Password: We collect a password to secure your account. This is stored in a hashed, non-reversible format. We never see your actual password.

b) Receipt and Financial Data

  • Receipt Images and Extracted Data: When you upload a receipt, we collect the image itself and the data we extract from it (such as store name, date, items purchased, and prices). This is the core functionality of our service, used to digitize and organize your expenses for you. You are the owner of this data.

c) Usage and Technical Data

  • Analytics Data: Through our use of Google Analytics, we automatically collect certain information when you visit our website. This may include your IP address, browser type, browser version, the pages of our service that you visit, the time and date of your visit, the time spent on those pages, and other diagnostic data. This data is used in an aggregated form to help us understand how our service is used and how we can improve it.
  • Cookies: We use cookies and similar tracking technologies to track the activity on our service and hold certain information. For more details, please see our Cookie section below.

4. Legal Basis for Processing Your Data

We process your personal data under the following GDPR lawful bases:

  • Performance of a Contract: Processing your email, password, and receipt data is necessary to provide the services you signed up for.
  • Legitimate Interest: We process usage data to improve our service, and for security monitoring to protect our service and users.
  • Consent: For non-essential cookies and tracking technologies like Google Analytics, we rely on your consent, which you can manage via our cookie consent tool.

5. Data Sharing and Third Parties

We do not sell, rent, or trade your personal data with third parties for their marketing purposes.

We may share your data with the following third-party service providers:

  • Google Analytics: To analyze website traffic and user behavior. Google has its own privacy policy and is compliant with GDPR. Data is transferred to Google's servers, which may be outside the EU, under appropriate data protection safeguards.
  • [Any other providers, e.g., Cloud Storage, Email Provider]: You must list any other services that handle user data.

6. Your Data Protection Rights under GDPR

As a user within the European Union, you have the following rights regarding your personal data:

  • The right to access – You have the right to request copies of your personal data.
  • The right to rectification – You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
  • The right to erasure (Right to be forgotten) – You have the right to request that we erase your personal data, under certain conditions.
  • The right to restrict processing – You have the right to request that we restrict the processing of your personal data, under certain conditions.
  • The right to object to processing – You have the right to object to our processing of your personal data, under certain conditions.
  • The right to data portability – You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.

To exercise any of these rights, please contact us at our contact email provided above.

7. Data Security and Retention

We take the security of your data very seriously. We use appropriate technical and organizational measures to protect your personal data, such as hashing passwords and using secure protocols. However, no method of transmission over the Internet or method of electronic storage is 100% secure.

We will retain your personal data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain your account information as long as your account is active. If you delete your account, we will delete your information in accordance with our data deletion processes.

8. Cookies

Cookies are small files placed on your device. We use them to operate our site (e.g., to keep you logged in) and, with your consent, for analytics. You can control the use of cookies through your browser settings and our cookie consent banner.

9. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. We may also notify you via email.

10. Contact Us

If you have any questions about this Privacy Policy, please contact us at contact@receiptriser.com.