Data Processing Information

• Registration Information: Name, email address, phone number, and other contact details.
• Financial Documentation: Photos of receipts, invoices, and other financial documents you send via WhatsApp.
• Transaction Details: Purchase amounts, vendor information, transaction dates, and expense categories.
• Communication Content: Messages, inquiries, and feedback you share with us through WhatsApp or other channels.
• User Preferences: Your settings and preferences for how you use our service.

• Usage Data: Information about how you interact with our service, including frequency of use, features accessed, and time spent.
• Device Information: Information about your mobile device, including device model, operating system, unique device identifiers, and network information.
• Log Data: Server logs, IP addresses, timestamps, and other technical data necessary for service operation.
• Location Data: Approximate location based on IP address (not precise GPS).
• Cookie Data: As described in our Cookie Policy section of our Privacy Policy.

1. Image Reception: Receipt image is received through our secure WhatsApp Business API integration.
2. Text Extraction: Optical Character Recognition (OCR) technology extracts relevant text from the receipt.
3. Data Parsing: Algorithms identify and categorize information such as vendor name, purchase date, items purchased, and total amount.
4. Categorization: Expenses are automatically categorized based on merchant information and purchase details.
5. Data Storage: The processed information is securely stored in your personal account database.
6. Report Generation: The data contributes to your personal financial reports and insights.

• Expense Tracking: Monitoring and organizing your spending patterns.
• Budget Analysis: Comparing actual spending against budgeted amounts.
• Spending Insights: Identifying spending trends, frequent merchants, and category distributions.
• Financial Reporting: Generating periodic reports on your financial activity.
• Customized Recommendations: Suggesting potential areas for saving based on your spending patterns.

• Respond to your inquiries and service requests
• Provide customer support and troubleshooting
• Send service updates and important notifications
• With your consent, deliver marketing communications
• Improve our communication processes and response times

• Encryption: All data is encrypted during transmission using TLS protocols and at rest using AES-256 encryption.
• Secure Infrastructure: Our systems are hosted in SOC 2 compliant data centers with physical and network security controls.
• Access Controls: Role-based access controls limit employee access to personal data on a need-to-know basis.
• Authentication: Multi-factor authentication is required for all administrative access to systems containing personal data.
• Monitoring: 24/7 monitoring for suspicious activities and potential security incidents.
• Regular Testing: Periodic security assessments, vulnerability scans, and penetration testing.

• Staff Training: Regular security and privacy training for all employees.
• Data Protection Policies: Comprehensive internal policies governing the handling of personal data.
• Vendor Management: Due diligence and contractual safeguards for all service providers with access to personal data.
• Incident Response: Documented procedures for responding to and mitigating potential data breaches.
• Data Minimization: Collection and processing limited to what is necessary for the stated purposes.

• Email a deletion request to [email protected]
• Send a deletion request via WhatsApp to our customer service
• Use the "Delete My Data" option in your account settings

Note: We will verify your identity before processing deletion requests. Please allow up to 30 days for processing.

1. Request Receipt: We confirm receipt of your deletion request within 7 days.
2. Identity Verification: We verify your identity to ensure the request is legitimate.
3. Data Identification: We identify all personal data associated with your account across our systems.
4. Deletion Execution: We permanently delete your personal data from active systems.
5. Backup Removal: Your data is removed from backups according to our backup rotation schedule (typically within 90 days).
6. Deletion Confirmation: We provide confirmation when the deletion process is complete.

• Legal Requirements: Data required to comply with applicable laws, such as financial regulations requiring record retention.
• Legitimate Business Purposes: Aggregated, anonymized data that no longer identifies you may be retained for analytical purposes.
• Dispute Resolution: Information needed to resolve ongoing disputes, enforce agreements, or defend legal claims.
• Fraud Prevention: Limited data may be retained to prevent fraud or future abuse of our services.

In all cases, retained data will be maintained with appropriate safeguards and only for the period necessary to fulfill these purposes.

Our Data Protection Officer can be contacted at:

Our service employs automated processing to analyze receipts, categorize expenses, and provide financial insights. This processing:

• Does not involve decisions with significant effects on individuals
• Is necessary for the performance of our contract with you
• Includes human oversight for significant financial recommendations
• Can be reviewed, with alternative options provided upon request

For transfers of personal data from the EU to the United States, we rely on:

• Standard Contractual Clauses approved by the European Commission
• Additional technical and organizational measures to enhance data protection
• When applicable, explicit consent for specific transfers

You have the right to obtain a copy of these safeguards by contacting our Data Protection Officer.