Last Updated: November 30, 2025
This Privacy Policy explains how Proofey collects, uses, and protects your data. We are committed to complying with global privacy laws including GDPR, CCPA, and emerging AI regulations.
Welcome to Proofey! We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how Proofey ("we," "our," or "us") collects, uses, shares, and safeguards your information when you use our financial receipt management application (the "Service"). It also describes your rights and how you can exercise them. Proofey serves users around the world, and we strive to comply with all applicable privacy and technology regulations, including the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA) (as amended by CPRA), and emerging laws governing AI and data. By using Proofey, you agree to the practices described in this Policy. If you do not agree, please discontinue use of the Service.
This Policy applies to information we collect through our app and any related services, features, or content. It does not cover any third-party services that you may access through Proofey (except our service providers as described below). We may update this Policy from time to time to stay compliant with new laws and technologies, and we will notify you of any material changes.
We collect information you provide directly to us, such as when you create an account, update your profile, or contact us for support. This includes: (a) Account Information: When you create a Proofey account, we collect identifiers such as your name, email address, and a password. We may also collect contact details and profile information. (b) Financial Data via Linked Accounts: If you choose to connect your bank or credit card accounts to Proofey, we will access your financial transaction data through our trusted integration partner, Plaid. This may include your account identifiers, account type, balances, and transaction details (dates, merchants, amounts, descriptions) from the linked accounts. By using our bank linking feature, you grant Proofey and our partner Plaid the authority to access and transmit your financial information from your financial institution. Proofey uses this financial data solely to match transactions with your receipts and to provide you with insights; we do not receive or store your bank login credentials (those are handled securely by Plaid). (c) Receipt Content: Proofey allows you to upload or capture images of receipts, or forward digital receipts, to organize your expenses. The content of these receipts (which may include store/merchant name, items purchased, prices, dates, totals, taxes, and possibly your name or last four digits of a card if shown on the receipt) is collected by us. We process the text and data from your receipts using Optical Character Recognition (OCR) technology to extract line items, totals, merchant info, and other relevant details. (d) Device and Technical Data: We gather data about the device and app version you use. This can include your device type/model, operating system and version, unique device identifiers, browser type (if applicable), preferred language, and the Internet Protocol (IP) address from which you access the Service. (e) Communications and Support: If you contact us for support, provide feedback, or otherwise communicate with us, we will collect the information you choose to share.
We process your personal data to operate and improve the Service, to provide AI-powered features (like automatic receipt parsing and categorization), to communicate with you, for customer support, for security/fraud prevention, and to comply with legal obligations. We do not use your data for any purposes incompatible with these objectives, and we do not currently use your personal data for advertising or sell your data. We use the information we collect for the following purposes: (a) Provide and Enhance the Service: We use your information to operate Proofey's core functionality, including using your receipt data and financial transaction data to automatically match receipts to expenses, categorize your spending, and present you with organized expense records. (b) AI-Powered Features: Proofey leverages Artificial Intelligence (AI) and machine learning services to enhance your experience. We use AI (through OpenAI's platform) to interpret and categorize the content of your receipts, suggest expense categories, or extract insights. Your receipt text and related data may be sent to our AI service provider (OpenAI) for processing. (c) Communications: We use contact information (like your email) to send essential service-related communications, including verification emails, password reset messages, transaction or receipt alerts, and confirmations or important notices about the Service. (d) Improvement and Analytics: We may use aggregated, anonymized, or de-identified data about how users use Proofey to understand and improve our Service. (e) Security and Fraud Prevention: We process certain data to keep Proofey and our users safe, including using device/IP information to detect unusual account access.
For individuals in the European Economic Area (EEA), United Kingdom, or other regions with similar laws, we rely on certain legal grounds to process your personal data: (a) Performance of a Contract: When you sign up for and use Proofey, you enter into a user agreement (our Terms of Service). We need to process certain personal data to fulfill our obligations under that contract. (b) Consent: We will rely on your consent in cases where we ask for it explicitly. For instance, we ask your consent to connect to your bank accounts, and by doing so you consent to us accessing and processing your financial transaction data. (c) Legitimate Interests: We may process your data for our legitimate business interests, provided such processing is not overridden by your rights and interests. Examples include improving and securing our service, analyzing usage to better serve our customers, preventing fraud, and developing new features. (d) Legal Obligation: In some cases, we have a legal obligation to process certain data – for example, retaining transaction records to comply with financial regulations or responding to lawful requests from authorities.
We do not sell your personal information to third parties. We only share your data in limited situations: (a) Service Providers: We use reputable third-party companies to perform certain functions on our behalf, including: • Banking Integration (Plaid): When you connect financial accounts, we use Plaid to retrieve your transaction data securely. • Cloud Storage and Database (Supabase): Your data is stored on secure servers provided by Supabase. • Email and Notification Services (SendGrid): We use SendGrid to send emails to you. • Subscription Management (RevenueCat, App Stores): We utilize RevenueCat to manage in-app subscriptions. • Artificial Intelligence Service (OpenAI): We share certain data with OpenAI to power Proofey's AI features. OpenAI is prohibited from using our users' data for its own purposes. • Document Conversion (CloudConvert): For processing receipts in various file formats. (b) Legal Compliance and Protection: We may disclose your information when necessary to comply with applicable laws or valid legal processes. (c) Business Transfers: If Proofey undergoes a business transition such as a merger, acquisition, or sale of assets, your personal data may be transferred as part of that transaction. (d) With Your Consent: We will share your personal data with third parties only if you direct us to or explicitly consent to such sharing.
Proofey uses Plaid Inc. ("Plaid") to connect your financial accounts. You are redirected to Plaid's secure interface, and Proofey never sees or stores your bank login credentials. Plaid may provide us with account name, type, institution metadata, balances, and transaction history. Plaid's Privacy Policy governs how Plaid processes your data: https://plaid.com/legal/#end-user-privacy-policy. You may disconnect your bank accounts at any time, which also removes Plaid tokens and associated financial data stored by us.
Proofey is a global service. The data we collect from you may be transferred to, stored, and processed in countries other than your own. Primarily, your data will likely be stored in the United States (where many of our service providers are based, and where our servers may reside). If you are located in the European Union (EU), United Kingdom, or another region with data transfer restrictions, we rely on legal mechanisms such as the European Commission's Standard Contractual Clauses (SCCs) to govern transfers of personal data from the EEA/UK to countries that are not deemed to have adequate data protection laws. By using Proofey, you understand that your personal data will be transferred to our systems and third parties in various countries as needed for the purposes described.
We take the security of your data seriously and implement a combination of technical and organizational measures to protect it. However, no system can be guaranteed 100% secure. Our security measures include: (a) Encryption: All communication between Proofey apps/clients and our servers is encrypted using HTTPS/TLS. We also employ encryption at rest for stored data in our databases and backups. (b) Access Controls: Access to personal data within our organization is strictly limited. Only authorized personnel with a need to perform tasks can access user data. (c) Security Testing and Updates: We regularly update our software and dependencies to address security vulnerabilities. We employ firewalls and network security monitoring to protect our infrastructure. (d) Third-Party Security: We ensure that our third-party service providers also employ strong security measures. In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and any applicable regulator within the required time frames. You also play a role in keeping your data safe. We urge you to use a strong, unique password for Proofey and to keep it confidential.
We keep your personal data only as long as necessary for the purposes it was collected, or as required by law. (a) Active Account Data: We retain your personal information for as long as you maintain an account with Proofey. Your receipts, transactions, and other account data will remain available to you until you choose to delete them or close your account. (b) Account Deletion: You have the right to delete your Proofey account at any time. When an account is deleted, we will remove or anonymize personal data from our active databases. However, your data may persist in secured backups or archive systems for up to 60 days. This delay is in place to allow recovery from disasters or accidental deletions. (c) Retention for Legal/Legitimate Purposes: In some cases, even after account deletion, we might retain certain information if necessary for legal obligations or legitimate interests, such as compliance with tax, audit, or accounting requirements. (d) Anonymized and Aggregated Data: We may convert some of your data into an anonymized form after a certain time, for analytical purposes. This non-personal data may be retained indefinitely since it no longer contains personal information.
You have rights regarding your personal information. These include the right to access it, correct it, delete it, and in some cases, port it or object to certain processing. (a) Access and Portability: You have the right to request a copy of the personal data we hold about you. You can view a lot of this information directly in the app, or contact us for a comprehensive export. (b) Rectification (Correction): If any of your personal information is inaccurate or incomplete, you have the right to correct it by editing your profile or updating receipts/transactions in the app. (c) Deletion: You have the right to delete your personal data. You may delete individual items or your entire account at any time. (d) Restriction of Processing: You can request that we restrict processing of your data in certain circumstances. (e) Objection to Processing: You have the right to object to our processing of your personal data when it is based on legitimate interests or when used for direct marketing. (f) Withdraw Consent: Where we rely on your consent, you have the right to withdraw that consent at any time. (g) Data Portability: You can ask to receive your personal data in a structured, commonly used, machine-readable format. We will not discriminate against you for exercising any of these rights.
If you are a resident of California, or in certain other states with privacy laws, you may have the following rights: (a) Right to Know: You can request that we disclose the specific pieces and categories of personal information we have collected about you. (b) Right to Delete: You can request that we delete personal information we have collected from you. (c) Right to Correct: You can request that we correct inaccurate personal information we hold about you. (d) Right to Data Portability: You can request a copy of your data in a readily usable format. (e) Right to Opt-Out of "Sale" or "Sharing": We do not sell your personal data for money, and we do not share it for cross-context behavioral advertising. (f) Non-Discrimination: We will not discriminate against you for exercising any of these rights. (g) Authorized Agent: California residents can designate an authorized agent to make requests on their behalf. To exercise these rights, contact us at hello.proofey@gmail.com.
If you are located in the European Union, United Kingdom, or Switzerland, the General Data Protection Regulation (GDPR) provides you with additional rights, including data protection, data subject access requests, and the right to lodge complaints with your local data protection authority. You have the right to lodge a complaint with your supervisory data protection authority if you believe we have infringed your privacy rights. We encourage you to contact us first, so we can address your concerns directly.
Proofey is not intended for use by children or minors under the age of 18. We do not knowingly collect personal information from children. If you are under the age of 18, you should only use Proofey with the involvement and consent of a parent or guardian. Our Service is designed for adults (or at least older teenagers) who have personal finances and bank accounts. By using Proofey, you represent that you are either at least 18 years old or that you are a competent minor (at least 13, or a higher age of consent for data processing in your jurisdiction such as 16 in the EU) using the Service with parental consent. We do not deliberately collect information from children under 13. If you are a parent or guardian and believe that your child under 13 has created an account with Proofey or provided personal information to us without your consent, please contact us immediately. We will take steps to remove the data and delete the account of the underage user.
Analytics tools may collect device identifiers and usage patterns. You may disable tracking from your device settings, but certain features may not function properly. We may use internal analytics or third-party analytics tools to collect error logs, crash reports, and performance data about the app's behavior on your device. This helps us troubleshoot issues and improve stability. Such data generally does not identify you personally, but it may include device identifiers or user IDs and context of the error.
Our Service may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any personal information. Whenever your data is shared with a third-party service (such as Plaid, OpenAI, etc.), your data is also subject to that third party's privacy policy. We encourage you to review the privacy notices of any third-party services you interact with through Proofey.
To request deletion of your account or associated data, visit: https://proofey-app.com/delete-account. This page explains the deletion process, what data is removed immediately, what data may be retained for legal reasons, and applicable retention periods. You may also initiate account deletion directly from within the app. Upon deletion: active data is removed promptly, residual data in logs or backups may persist temporarily, some data may be retained for legal compliance, fraud prevention, or billing disputes.
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. We will notify you of any significant changes and indicate the date of the latest revision at the top of the policy. Any changes will become effective when we post the revised Policy. If we make material changes, we will take additional steps to inform you – such as sending an email notification and/or displaying a prominent notice within the app – and, if required by law, we might obtain your consent for the new processing. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. If you disagree with any changes to the Privacy Policy, you should stop using the Service and you may request us to delete your data.
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at: Email: hello.proofey@gmail.com You can also reach out through the app's support/contact section, and we will respond via email. We will be happy to answer your questions or address any issues you have about your privacy and data security. Your trust is important to us, and we are committed to safeguarding your personal information while providing you with a useful and compliant service.
hello.proofey@gmail.com
For GDPR and privacy inquiries, you can reach our Data Protection Officer via email. We are committed to resolving any issues in a fair and transparent manner.
Thank you for using Proofey! We appreciate the opportunity to help you manage your finances, and we take the responsibility of protecting your data seriously.