Privacy Policy

We're Jon and Ali. We built ExtractInvoice to help small businesses deal with receipt and invoice chaos. Here's exactly what data we collect, why we need it, and what we do with it. No legal mumbo-jumbo.

What We Collect

Account Information

  • Your email address (for login and notifications)
  • Name (if you sign in with Google)
  • Payment details (handled by Stripe - we never see your card number)
  • Company name (optional, if you add it)

Your Documents (receipts & invoices)

  • Receipt and invoice files you upload (PDFs, images)
  • Extracted data from those documents (vendor names, amounts, line items, etc.)
  • Processing history and timestamps

Usage Data

  • How many documents you process
  • Which features you use
  • Basic analytics (page views, session duration)
  • Error logs when something breaks

How We Use Your Data

  • To extract your receipt & invoice data - That's literally why you're here
  • To process payments - So we can keep the lights on
  • To send important emails - Password resets, payment receipts, critical updates
  • To improve the service - Fix bugs, make extraction more accurate
  • To enforce usage limits - Make sure you're within your plan limits

Who We Share With

We only share your data with services that help run ExtractInvoice:

  • Firebase (Google) - Stores your account, documents, and extracted data
  • Stripe - Processes payments (they're the gold standard)
  • AI Processing Partners - Industry-leading providers that extract data from your documents (receipts/invoices)
  • Resend - Sends transactional emails (password resets, receipts)

We will NEVER: Sell your data, share it with advertisers, or use your documents to train AI models.

Your Invoice Data & AI

Important stuff about AI processing:

  • Your invoices are processed by state-of-the-art AI technology optimized for your plan
  • These providers process your data but don't store it or use it for training
  • We delete processed images from our servers after extraction (keeping only the extracted data)
  • You can download and delete all your data anytime

Security

  • All data is encrypted in transit (HTTPS everywhere)
  • Files are stored in Firebase Storage with access controls
  • We use Firebase Security Rules to protect your data
  • Payment info never touches our servers (Stripe handles it)
  • We enable App Check to prevent abuse

Your Rights

You can always:

  • Export your data - Download all extracted document data as CSV
  • Delete your account - Email us and we'll wipe everything within 48 hours
  • Opt out of emails - Except the legally required ones (receipts, security alerts)
  • See what we have - Email us for a full data export

Cookies & Tracking

  • Essential cookies - For login and security (can't turn these off)
  • Firebase Analytics - Basic usage stats (page views, user count)
  • No creepy tracking - No Facebook pixels, no retargeting, no BS

Data Retention

  • Active accounts: We keep your data as long as you're a customer
  • Cancelled accounts: Deleted after 90 days (in case you change your mind)
  • Document files (receipts/invoices): Deleted from storage 30 days after processing
  • Extracted data: Kept until you delete it or close your account

Changes to This Policy

If we make big changes, we'll email you. Small clarifications might happen without notice. The date at the top shows when we last updated this.

Contact Us

Questions? Concerns? Just want to chat?

Email: hello@extractinvoice.app
Response time: Within 2 hours during business hours (9-5 PST, Mon-Fri)

California & GDPR Stuff

If you're in California or Europe, you have extra rights. We already follow GDPR and CCPA:

  • Right to access your data (email us)
  • Right to delete your data (email us)
  • Right to correct inaccurate data (you can do this in your dashboard)
  • Right to data portability (CSV export)
  • Right to opt-out of sale (we don't sell data anyway)