Security & privacy

Security starts with clear control.

Receipts are personal records. RECEIPTS treats them as user-owned data that should be authenticated, reviewable, exportable, and explained without inflated trust claims.

Authenticated workspace
Receipt record: merchant, date, total, item context
Private account
Editable fields
Delete controls
Export path

Controls

Trust comes from practical product behavior.

The security page should say what the product actually does, where users keep control, and what is still subject to future hardening.

Account boundary

Only your signed-in account can access your receipt collection.

Private purchase context

Receipts can reveal locations, habits, gifts, health needs, travel, family routines, and business activity.

Review, edit, delete

The product keeps user review, field correction, record deletion, and account-level control in the main workflow.

Exports before lock-in

Structured exports are part of the product direction so users can move their own purchase records when needed.

Data path

From authentication to user action.

The service is moving from the old Firebase-backed site into a production Next.js experience while continuing to rely on authenticated user boundaries for app access.

1. Sign in

Firebase authentication identifies the account before receipt tools load.

2. Upload

Receipt files become user-owned records with extracted fields that can be reviewed.

3. Extract

AI assists with merchant, date, total, tax, items, category, and notes where available.

4. Control

Users can search, edit, export, and delete records from the authenticated workspace.

Plain promises

What we avoid promising

Good security communication is specific. It should not borrow trust from certifications, guarantees, or technical claims the current product has not yet earned.

We describe current product behavior plainly and update policy pages as the service evolves.

We keep legal, tax, and accounting responsibility with the user and their qualified advisors.

We avoid marketing audited compliance, impossible extraction accuracy, or absolute protection before those controls exist.

Data policy

Keep product behavior transparent.

The data policy explains how records, contact submissions, account workflows, and user controls should be represented as RECEIPTS moves into production.