This page describes what the Tracklified app actually does with your data, based on what's in the product. For the binding policy (subprocessor terms, legal compliance, data-handling commitments), see the Privacy Policy.
What the app collects
- Account info from your auth provider — email address, and if your provider shares them, your name and avatar. Clerk is the auth provider.
- Receipt images you upload via web, mobile, email forward, or the Chrome extension
- Extracted receipt data — merchant, date, amount, line items — parsed from the image by AI
- Usage analytics — which features get used, error rates
- Stripe payment info — handled by Stripe directly; Tracklified never sees card numbers
What the app doesn't collect
- Contacts, calendar, or location
- Browsing data outside the Chrome extension's declared scope (bank sites for matching, Gmail for the save-email action, local file/PDF pages,
tracklified.comfor the auth bridge, and the current tab when you explicitly trigger popup actions like Scan this page or Report incorrect receipt matching)
Mobile photo scanning (opt-in)
The mobile app includes an optional background photo scanner. When you enable it, the app runs OCR locally on your device to detect receipt candidates in new photos, then queues them for your review. Nothing gets uploaded until you confirm.
If you don't enable the scanner, it doesn't run.
Where data lives
- Receipt images — AWS S3
- Account and receipt data — PostgreSQL
- Receipt processing — images are sent to OpenAI's API for data extraction
OpenAI and receipt processing
When you upload a receipt, the image is sent to OpenAI's API to extract structured data. OpenAI's API terms and data-handling practices govern how that data is used. See OpenAI's documentation for current terms.
HIPAA
We are HIPAA-aware for medical receipts but are not currently a covered entity. If you need a BAA, email support@tracklified.com.
Deleting your data
See Delete your account for what the deletion flow does.
Your rights
- Export — Exports
- Delete — Settings → Delete account
- Correct — edit any field on any receipt
- Request info — privacy@tracklified.com
For policy-level commitments (CCPA, GDPR, subprocessor contracts, retention windows, "we don't sell your data," etc.), see the Privacy Policy.