1. Information We Collect

When you create an account, we collect your email address and a hashed version of your password. We never store your password in plain text.

If you connect your Gmail account, we request read-only access to scan for subscription-related emails. We cannot send, delete, or modify your emails. OAuth tokens are encrypted at rest using AES-256-GCM encryption.

If you upload bank statements, the CSV file is processed in memory and only the detected subscription data you approve is stored. Raw CSV files are not retained.

2. How We Use Your Information

To provide subscription tracking and reminder notifications
To detect recurring subscriptions from email or bank data you provide
To send you renewal and trial-ending reminders via email or push notifications
To process payments if you upgrade to premium

3. Data Storage and Security

Your data is stored in encrypted databases. OAuth tokens are encrypted with AES-256-GCM. Passwords are hashed using bcrypt. All connections use TLS encryption. We do not sell, share, or provide your data to third parties.

4. Third-Party Services

Google Gmail API: Used only with your explicit consent for email scanning
Stripe: Processes premium subscription payments securely
Resend: Sends transactional emails (reminders, notifications)

5. Your Rights

You can disconnect your Gmail account at any time from Settings. You can delete your account and all associated data by contacting us. You can export your subscription data from the dashboard.

6. Contact

For privacy concerns, email us at [email protected]