1. The short version
- We collect the minimum data needed to run your ledger: account info, billing info, and the receipts you upload.
- We use Google's Gemini API to extract structured data from receipts. Receipts are processed at inference time only — never used to train models.
- We do not sell your data. Ever.
- You can export or delete your data at any time. Deletions cascade.
2. Who we are
Slipsheet is operated by Vorby Studios. This Privacy Policy applies to the Slipsheet website, application, and related services (the "Service"). The data controller is Vorby Studios. Contact: support@vorby.com.
3. What we collect
Account data
- Email address — for login, billing notices, and transactional communication.
- Authentication identifiers — managed by Supabase Auth (session tokens, password hash).
- Language preference — stored in a cookie or session to remember your choice.
Billing data
- Plan, subscription status, and usage — stored in our database.
- Payment details — handled by Stripe. We never receive or store your full card number. We store Stripe customer/subscription identifiers to reconcile your account.
Receipt content
- Original files you upload (PDF, JPG, PNG, HEIC) — stored in Supabase Storage, scoped to your account.
- Extracted fields — vendor, date, totals, taxes, line items, categories, and any notes you add.
- Forwarded emails, if you use the email-in feature — including attachments we process as receipts.
Integration data
- If you connect Google Sheets, Microsoft Excel, or similar services, we store OAuth tokens and the IDs of the specific spreadsheets you've authorized. We only read/write those specific files.
Operational data
- Server logs (IP address, user agent, request path, timestamps) for debugging and security monitoring.
- Basic product analytics to understand feature usage in aggregate. We do not sell or share analytics data.
4. How we use your data
- To run the Service — process receipts, store your ledger, serve exports, sync integrations.
- To bill you — charge your plan, honor cancellations, send billing emails.
- To support you — respond when you email us, investigate issues you report.
- To secure the Service — detect abuse, investigate anomalies, prevent fraud.
- To comply with law — tax, accounting, or lawful requests from authorities.
We do not use Your Content to train machine-learning models, and we do not sell Your Content or your personal data to third parties.
5. AI extraction and Google Gemini
Receipt extraction is performed by the Google Gemini API. When you upload a receipt, the file (or a rendered image of it) is sent to Gemini with a prompt that asks the model to return structured fields. Per Google's API terms for paid services, inputs and outputs are not used to train Google's models. The extraction happens at inference time; we discard the request context after the response returns.
Google's privacy practices for Gemini are governed by Google's own policies; see Google's Gemini API terms for their current commitments.
6. Subprocessors
We rely on the following service providers to operate Slipsheet:
- Supabase — database, authentication, and file storage.
- Google Cloud (Gemini API) — receipt extraction.
- Stripe — payment processing and subscription management.
- Google Workspace APIs — optional Google Sheets sync, if you authorize it.
- Microsoft Graph — optional Excel sync, if you authorize it.
- Hosting providers — for serving the application and static assets.
- Email delivery providers — for transactional email.
Each subprocessor receives only the data necessary to perform its function. We may update this list as our infrastructure evolves; material changes will be reflected here.
7. Data retention
- Active accounts: we retain Your Content for as long as your account is active.
- Deletion: when you delete a receipt, related extractions and attachments are deleted together. When you close your account, we delete account data and Your Content within 30 days, except where we must retain records for legal or tax purposes.
- Backups: some data may persist in encrypted backups for up to 90 days after deletion, until those backups are rotated out.
- Billing records: invoices and transaction records are retained as required by applicable tax law.
8. Security
We use industry-standard safeguards: encrypted transport (HTTPS/TLS), encryption at rest for stored files, scoped database access via Supabase Row-Level Security, and strict credential management for API keys. No system is perfectly secure, but we take this seriously. If you suspect a security issue, write to support@vorby.com.
9. Your rights
Depending on where you live, you may have rights to:
- Access the personal data we hold about you.
- Correct or update inaccurate data.
- Delete your data ("right to be forgotten").
- Export your data in a portable format.
- Object to or restrict certain processing.
- Withdraw consent where processing is based on consent.
Most of these can be exercised directly in the app: edit or delete receipts, export the ledger, cancel your subscription, close your account. For anything that isn't self-serve, email support@vorby.com and we'll respond within a reasonable timeframe.
10. Cookies
We use a small number of cookies: a session cookie for authentication, and a cookie to remember your language preference. We do not use third-party advertising cookies or cross-site tracking.
11. International transfers
Slipsheet is operated from the United States. If you access the Service from outside the US, your data will be transferred to and processed in the US and other countries where our subprocessors operate. We rely on appropriate safeguards (such as standard contractual clauses, where applicable) for these transfers.
12. Children
The Service is not directed at children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided us with data, please contact support@vorby.com and we will delete it.
13. Changes to this Policy
If we make material changes to this Policy, we'll notify you by email or in-app notice before the changes take effect. The "Effective" date at the top of this page reflects the most recent update.
14. Contact
Questions, requests, or concerns — support@vorby.com. We read everything.