Overview
Purchy is a personal AI agent for managing purchases, return windows, refunds, subscriptions, and warranties. To do that, we collect:
- Identity data from your sign-in method (email, name, profile photo)
- Receipt and email data from Gmail (if you connect it) or from receipt photos you scan
- Chat & voice input so the Purchy AI assistant can answer your questions
- Bank/credit data via Plaid — only for Purchy Elite subscribers who opt in
- App diagnostics (crash logs, performance metrics, device info) to keep the app running
What we don't do: We do not sell your data. We do not show ads. We do not train external AI models on your data. We do not access your location. We do not read your contacts, SMS, or browsing history.
Information We Collect
Identity & Account Information
Purchy uses passwordless authentication. We support three sign-in methods:
- Email magic link — we collect your email address and a temporary one-time code
- Sign in with Google — we receive your email, name, and profile photo from Google
- Sign in with Apple — we receive your name and email (or Apple's private relay address if you choose to hide it)
We do not use passwords. We do not collect your phone number, postal address (for your account), date of birth, or government-issued IDs.
Receipt & Purchase Information
When you sync Gmail, scan a receipt, or chat with Purchy, we extract and store:
- Merchant name, purchase date, total amount, and line items
- Payment-method type and the last 4 digits of the card used (we never see or store full card numbers, CVVs, or expiration dates)
- Receipt or email content that includes shipping address (if present in the email body) so we can show it on the receipt detail screen
- Original receipt images you scan or upload (stored in our encrypted Supabase Storage)
- Raw email content (subject, body HTML/text, sender, recipient) for emails identified as purchase confirmations
Chat, Voice & Image Input
- Chat messages — the text you send to the Purchy AI is stored to maintain conversation history
- Chat-attached images — any image you attach to a chat message is sent to OpenAI for analysis but not stored by us; only a placeholder reference remains in chat history
- Voice recordings — if you tap the microphone, your audio is sent to OpenAI Whisper for transcription. The audio itself is processed ephemerally — we do not store or retain it. Only the resulting transcript text is saved as a chat message.
- Profile photo — if you upload one, it is stored in encrypted Supabase Storage
Device & Diagnostic Information
We collect this automatically when you use the app:
- Device model, OS version, app version, push token, and a pseudonymous device identifier
- Crash logs and performance traces (sent to Firebase Crashlytics)
- Feature usage and screen views (sent to Firebase Analytics — pseudonymous, not tied to real-world identity)
- Sync metrics, parsing attempts, and notification delivery records (stored in Supabase to keep the app reliable)
We do not collect location data, contacts, SMS, web browsing history, or any data outside the app.
How We Use Your Information
- Receipt Processing: Extract purchase data from receipts and emails so you can see all your purchases in one place
- Deadline Tracking: Detect return windows, free-trial end dates, and price-drop deadlines, then notify you
- Refund Discovery: Identify potential refund opportunities based on price drops and policy violations
- Calendar Sync: Add return-deadline events to your device calendar (with your permission)
- AI Assistant: Answer your questions about your purchases via the in-app chat
- Service Quality: Improve receipt-recognition accuracy, fix bugs, and analyze app performance
AI & Automated Processing
Purchy uses several AI services to extract structured data from your receipts, classify emails, and power the in-app chat assistant. Specifically:
OpenAI (GPT-4 / GPT-4o / Whisper / Vision)
We send the following to OpenAI's API:
- Email subject and body content (for receipt classification and parsing)
- Receipt OCR text and parsed JSON (for chat queries about your purchases)
- Chat messages and any images you attach
- Voice recordings (transcribed by Whisper, then discarded by us)
Per OpenAI's API Data Usage policy, your data is not used to train OpenAI's models and is retained by OpenAI for at most 30 days for abuse monitoring before deletion.
Google Cloud Vision
Receipt images you scan are sent to Google Cloud Vision for text extraction (OCR). Google Cloud Vision processes the image and returns structured text. Per Google Cloud's terms, this data is not used to train Google's models.
Veryfi (alternative receipt OCR)
When higher-accuracy structured extraction is needed (e.g., complex grocery receipts), we may send receipt images to Veryfi. Veryfi is a SOC 2 Type II certified processor that does not retain your data after extraction.
Your data is never used to train AI models. All AI processing happens through enterprise APIs with contractual data-use restrictions in place.
Third-Party Processors
We use the following companies to operate Purchy. Each is bound by a Data Processing Agreement (DPA) that prohibits them from using your data for their own purposes.
| Service | Purpose | Data Sent |
|---|---|---|
| Supabase | Primary backend, database, file storage | All user data |
| OpenAI | AI chat, email parsing, voice transcription, image analysis | Email content, chat messages, receipt text, audio, attached images |
| Google Cloud Vision | Receipt OCR (text extraction) | Receipt images |
| Veryfi | Alternative high-accuracy receipt OCR | Receipt images (when used) |
| Plaid | Bank/credit card linking (Elite tier only) | Bank credentials handled by Plaid; we receive transaction and balance data |
| Firebase Analytics | Pseudonymous app usage analytics | Pseudonymous user ID, screen views, feature events |
| Firebase Crashlytics | Crash and error reporting | Stack traces, device model, app version, pseudonymous user ID |
| RevenueCat | Subscription management | Pseudonymous user ID, subscription status |
| Expo Push Notifications | Push notification delivery | Push token, notification payload |
| Apple / Google | Sign-in identity providers + payment processing for subscriptions | Authentication tokens; subscription billing handled by Apple/Google |
| Keepa | Amazon product price tracking | Product ASIN only (no personal data) |
Gmail Integration
Gmail integration is optional — you can use Purchy without connecting Gmail by scanning receipts manually. If you choose to connect Gmail, we request the gmail.readonly scope, which means:
- Read access to scan for purchase confirmation emails
- Read access to email attachments (PDFs, images) identified as receipts
- We never send, modify, or delete emails on your behalf
- We do not use Gmail data for advertising or to train AI/ML models
CASA Tier 2 Verified: Purchy's Gmail integration has passed Google's independent Cloud Application Security Assessment (CASA) at Tier 2 against the Mobile Application Security Verification Standard (MASVS Level 2).
Email content (subject, body, sender, recipient) we identify as a receipt is sent to OpenAI for parsing. We do not send unrelated emails.
You can revoke Gmail access at any time from your Google Account permissions page or by tapping “Disconnect Gmail” in Purchy Settings.
Bank & Credit Card Linking (Plaid)
Bank linking is available only to Purchy Elite subscribers, and is completely optional — the rest of the app works without it.
When you link a bank or credit card account:
- You authenticate directly with your bank through Plaid Link — we never see your bank credentials
- Plaid issues us an access token (encrypted at rest in our database)
- We retrieve transaction history, account balances, and credit-card payment due dates to enable payment-due reminders and transaction matching
- You can disconnect any linked account at any time in Settings; we delete the access token and all linked transaction data within 30 days
Plaid is regulated as a consumer reporting agency under US law and operates under its own privacy policy.
Data Storage & Security
Your data is stored on Supabase (which runs on AWS US-East infrastructure). Plaid access tokens, Gmail OAuth tokens, and other sensitive credentials are encrypted at the application layer using AES-256 before being written to the database.
- AES-256 Encryption: Sensitive tokens encrypted at the app layer
- TLS 1.3: All network traffic encrypted in transit
- Row-Level Security: Each user can only access their own data
- CASA Tier 2 Verified: Independent annual security assessment
Data Sharing
We do not sell your personal information.
We NEVER use your data for:
- Targeted or personalized advertising
- Selling to data brokers or resellers
- Determining creditworthiness or lending
- Training external AI/ML models
- Creating marketing databases
- Retargeted or interest-based ads
The only circumstances under which we share data:
- Service Providers (under DPA): The third-party processors listed in Section 4 (Supabase, OpenAI, etc.) process data on our behalf under signed Data Processing Agreements. They cannot use your data for their own purposes.
- Legal Requirements: When required by law (subpoena, court order) or to protect Purchy's rights, users, or the public from harm. We will notify affected users where legally permitted.
- Business Transfers: If Purchy is acquired or merges with another company, your data would transfer subject to this privacy policy. We would notify users at least 30 days in advance via email.
Your Rights (GDPR/CCPA)
- Access: Request a copy of your personal data
- Correction: Request correction of inaccurate data
- Deletion: Delete your account and data
- Portability: Export your data in a portable format
- Opt-out: Opt out of marketing communications
- No Sale: Your data is never sold (CCPA)
To exercise these rights, contact us at:
services@purchy.app
You can also delete your account from inside the Purchy app: Settings → Account → Delete my account. See our deletion instructions page for full details.
Data Retention & Deletion
We retain your data for as long as your account is active. Upon account deletion:
- Personal data deleted: Within 30 days of account deletion (profiles, receipts, emails, chat history, images, voice transcripts)
- Encrypted backups purged: Within 30 days; backups are not actively accessed
- Subscription & billing records: Up to 7 years for tax and accounting compliance (managed by Apple, Google Play, or RevenueCat — contains no receipt content)
- Anonymized analytics: Aggregated usage statistics may be retained indefinitely; cannot be tied back to individuals
Children's Privacy
Purchy is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us at services@purchy.app and we will delete it promptly.
Changes to This Policy
We may update this Privacy Policy from time to time. For material changes (new processors, expanded data collection, changes to retention) we will notify you via email or in-app notification at least 30 days before the change takes effect. Continued use of Purchy after the effective date of an updated policy constitutes acceptance of the changes.
Contact Us
If you have questions about this Privacy Policy or want to exercise your data rights, contact us: