Privacy policy

What we collect

Shopistats stores receipt details, budget categories, and optional bank/Plaid connections solely to deliver the features you opt into. We never sell or share this information with advertisers.

Local-first storage

Your receipts and budgets live on-device by default. Cloud sync is end-to-end encrypted and an optional premium feature.

Third-party services

Plaid is used for secure bank ingestion and account verification, while Firebase powers authentication, Firestore storage, analytics, and crash reporting. Google Gemini powers our AI receipt parsing; we send the receipt image to Gemini’s multimodal API so it can handle OCR and entity extraction. Requests are encrypted in transit and contain no bank credentials, but they do include the image and any metadata needed to process it. Gemini processes the data solely to return structured receipt information, and each vendor meets SOC 2 requirements.

AI processing & Gemini

Shopistats relies on AI to function. Every receipt you submit is transmitted to Google Gemini for OCR, line-item parsing, and categorization—there is no non-AI fallback. Gemini may temporarily cache prompts for abuse prevention but, per Google’s enterprise commitments, those prompts are not used to train public models. We store Gemini’s structured output only as long as needed to sync your receipts across devices or comply with legal obligations. If using the free-tier, we may store Gemini's output anonymously for future improvement/internal metrics. If you do not want receipts processed by Gemini, the service cannot be used.

Your rights

Need data deleted or exported? Email developerbouk@gmail.com from the address tied to your account and we’ll respond within 72 hours.

Updates

This policy was updated on December 15, 2025. We’ll notify you in the app before any material changes.