Download now

Privacy Policy

Privacy Policy

Last updated: 3 March 2026

Version: 2.1

This Privacy Policy describes how Sheetify Limited (“we”, “us”, “our”), a company registered in England and Wales (registered address: 1 Oak Court, 67–72 Bethel Road, Sevenoaks, England, TN13 3UE), collects, uses, and shares your personal data when you use the Sheetify mobile application (“the App”).

Terms used in this Privacy Policy have the same meaning as in our Terms of Service unless otherwise defined. “Personal data” means any information that identifies or could identify you. “Processing” means any operation performed on your personal data, such as collecting, storing, using, or deleting it.

By using the App, you agree to the collection and use of information as described in this policy. If you do not agree, please do not use the App.

We collect only the personal data that is reasonably necessary to provide, maintain, and improve Sheetify, as described in this policy.

1. What We Collect

1.1 Information You Provide

  • Account information: When you create an account, we collect your email address and display name. If you sign in with Google, we receive the profile information you authorise Google to share (typically name and email). You can also use the App with an anonymous account without providing personal identity information.
  • Receipt images: When you use the scanning feature, you provide photos of receipts from your device camera or photo library. These images are processed to extract text (see Section 3).
  • Support messages: If you contact us through the in-app chat, we collect the content of your messages.

1.2 Information Collected Automatically

  • Usage data: We collect information about how you use the App, including which features you use and how often.
  • Device information: Device type, operating system and version, app version, language settings, and a device identifier.
  • Subscription data: Your subscription status and billing country, shared with us by the app stores via our subscription management provider.

1.3 Information We Do Not Collect

  • We do not collect your precise location.
  • We do not access your contacts or files outside of the photos you explicitly select or capture for receipt scanning.
  • We do not sell your personal data to anyone.

2. How We Use Your Data

We use your personal data to:

  • Provide the service: Process your receipt images, extract text, and send the results to your connected Google Sheets.
  • Manage your account: Authenticate you, manage your subscription, and store your preferences.
  • Improve the App: Understand usage patterns to fix bugs and improve features.
  • Provide support: Respond to your questions via in-app chat.
  • Communicate with you: Send service-related messages (e.g. subscription changes, important updates). If you are a current or former user, we may occasionally contact you to request feedback or share relevant product updates. Every such message includes a way to opt out of future communications.

For details on the legal basis for each use, see Section 7 (Your Rights — UK and EU Residents).

3. AI Processing of Receipt Images

When you scan a receipt, the App sends your receipt image to Google’s Gemini AI model (via Google’s Firebase platform) for text extraction. This means:

  • Your receipt image is transmitted to Google’s servers.
  • Google’s AI extracts the text (vendor name, amounts, dates, line items, category) and returns it to the App.
  • Google does not use data sent via this API to train its AI models.
  • The extracted text is stored in your account and, if you choose, sent to your Google Sheets.

You must consent to this processing before your first scan. The App will ask for your explicit consent before any receipt image is sent to Google. If you decline, no images are transmitted, but you will not be able to use the receipt scanning feature.

Your receipt images may contain sensitive financial information. By consenting to AI extraction, you acknowledge that this data is transmitted to Google for processing.

Under the EU AI Act, we inform you that the receipt scanning feature uses an automated AI system (Google Gemini) to extract and categorise data from your receipt images. You may contact support@sheetify.io to request information about how a specific result was generated.

4. Third-Party Service Providers (Sub-Processors)

We use third-party service providers to operate the App. These providers process data on our behalf and only receive the data necessary for their function. We do not sell your data to any provider.

Our service providers fall into the following categories:

  • Cloud infrastructure and authentication: We use cloud hosting providers to store your account data, receipt images, extracted text, and to handle sign-in. Data may be processed in the US and EU.
  • AI text extraction: Receipt images are sent to a third-party AI provider for text extraction (see Section 3). Images are processed transiently and are not retained by the provider for training purposes.
  • Analytics: We use analytics providers to understand usage patterns and improve the App. These providers receive usage events, device information, and anonymous identifiers.
  • Subscription management: We use providers to manage subscriptions and process billing information shared by the app stores.
  • Customer support: We use a support platform to provide in-app chat. This provider may receive your name, email, support messages, and device information.

All providers are bound by data processing agreements. For transfers from the UK/EEA to the US, we rely on Standard Contractual Clauses and each provider’s compliance frameworks (see Section 8). A full list of sub-processors is available on request by contacting support@sheetify.io.

Tracking Technologies

Sheetify does not use browser cookies within the mobile app. We use software development kits (SDKs) for analytics, crash reporting, in-app support, and subscription management. These SDKs may use device identifiers, instance IDs, and similar technologies to recognise your device between sessions.

You can limit analytics collection by adjusting your device’s privacy settings or by contacting us at support@sheetify.io.

Our website (sheetify.io) may use analytics tools to collect aggregated visitor statistics.

5. Google Drive and Sheets Integration

The App allows you to connect your Google account to store receipt data in your own Google Drive and Google Sheets. When you connect:

  • You authorise the App to create folders, upload files, and write to spreadsheets in your Google Drive.
  • Both receipt images and extracted text may be sent to your Google Drive.
  • Your Google account credentials are handled by Google’s OAuth system. We do not see or store your Google password.

You can disconnect your Google account from the App at any time via the settings screen.

6. Data Retention

  • Account and receipt data: Retained for as long as your account is active. If you request deletion, we will delete your data within 30 days.
  • Receipt images in your Google Drive: Remain in your Google account and are managed by you.
  • Analytics data: Retained for up to 14 months.
  • Subscription data: Retained as required by tax and financial regulations (typically 7 years).

7. Your Rights

All Users

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request that we correct inaccurate data.
  • Deletion: Request that we delete your personal data. Contact support@sheetify.io.
  • Opt out of communications: Every non-essential email includes an unsubscribe option.

UK and EU Residents (GDPR / UK GDPR)

You also have the right to:

  • Data portability: Receive your data in a structured, machine-readable format.
  • Restrict processing: Ask us to limit how we use your data.
  • Object to processing: Object to our use of your data for analytics.
  • Withdraw consent: Where processing is based on consent (e.g. AI receipt extraction), you may withdraw it at any time.
  • Lodge a complaint: Contact your local data protection authority. In the UK: the Information Commissioner’s Office (ICO).

Legal basis for processing:

  • Contract (GDPR Art. 6(1)(b)): Providing the scanning service, managing your account, processing subscriptions.
  • Consent (GDPR Art. 6(1)(a)): AI processing of receipt images via Google Gemini.
  • Legitimate interest (GDPR Art. 6(1)(f)): Analytics, product improvement, customer support, and contacting former users for feedback (with opt-out). Where we rely on legitimate interest (for example, to send service-related communications to former users), we have assessed that our interest in informing users of relevant product updates does not override their privacy rights, taking into account the limited nature and frequency of such communications and the ease of opting out. You may object to this processing at any time by contacting support@sheetify.io.

California and Other US State Residents

Under the California Consumer Privacy Act (CCPA/CPRA), the Virginia Consumer Data Protection Act (VCDPA), the Colorado Privacy Act (CPA), the Connecticut Data Privacy Act (CTDPA), and similar US state privacy laws:

  • You have the right to know what personal information we collect and to request its deletion.
  • We do not sell your personal information.
  • We do not use your personal information for profiling in furtherance of decisions that produce legal or similarly significant effects.
  • We will not discriminate against you for exercising your privacy rights.

To exercise any rights, contact support@sheetify.io.

8. Data Transfers

Your data may be transferred to and processed in countries outside your own, including the United States. For transfers from the UK/EEA, we rely on Standard Contractual Clauses and our providers’ compliance frameworks.

9. Data Security

We use commercially reasonable measures to protect your data, including encrypted connections (HTTPS/TLS) for all data in transit, access controls on our database and storage, and secure on-device storage for sensitive credentials. No method of electronic transmission is 100% secure, but we take reasonable steps to protect your information.

10. Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority without undue delay and, where feasible, within 72 hours of becoming aware of it. Where the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly without undue delay, describing the nature of the breach, the likely consequences, and the measures we have taken or propose to take.

11. Children’s Privacy

The App is intended for users aged 13 and above. Users between 13 and 16 must have verifiable parental or guardian consent to use the App (in accordance with GDPR Art. 8 and applicable national laws). We do not knowingly collect data from children under 13. If you believe a child under 13 has provided us with personal data, contact support@sheetify.io and we will delete it promptly.

12. Changes to This Policy

We may update this policy from time to time. We will update the date at the top, notify you of material changes via email or in-app notice at least 30 days before they take effect, and post the revised policy at sheetify.io/privacy/.

13. Contact Us

Questions or data rights requests:

  • Email: support@sheetify.io
  • Address: Sheetify Limited, 1 Oak Court, 67–72 Bethel Road, Sevenoaks, England, TN13 3UE

14. Governing Law

This Privacy Policy is governed by the laws of England and Wales. See also our Terms of Service.