Privacy Policy - Billendar

1. Introduction

Billendar ("we", "us", or "our") operates the web application at billendar.app. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

By using Billendar, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the service.

2. Information We Collect

Account Information

When you sign up with Google OAuth, we receive:

Your name
Your email address
Your Google profile picture (if available)

Bill and Payment Data

Information you create or import into Billendar:

Bill names, amounts, due dates, and categories
Payment status and history
Uploaded receipt images and documents
Notes and tags you attach to bills

Gmail Data (Optional)

If you choose to connect your Gmail account, we request read-only access to scan for bills, receipts, and payment confirmations. We extract structured bill data (payee, amount, due date) from relevant emails. We do not store raw email content - only the extracted bill information.

Usage Data

We automatically collect limited technical information such as browser type, device type, and general usage patterns to improve the service. We do not use third-party analytics trackers.

3. How We Use Your Information

We use the information we collect to:

Provide, operate, and maintain the Billendar service
Detect bills and payment confirmations from your Gmail (if connected)
Send you bill due-date reminders and notifications
Scan and extract data from uploaded receipts
Improve and personalize your experience
Respond to your support inquiries

4. What We Do NOT Do

We do NOT sell, rent, or share your personal data with advertisers or data brokers. We do NOT send, delete, or modify your emails. We do NOT use your data for ad targeting. We do NOT allow third parties to access your bill data.

5. Google API Services User Data Policy

Billendar's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically, Billendar:

Only requests the minimum Gmail scopes needed (read-only access)
Uses Google user data solely to provide bill detection and receipt scanning features
Does not transfer Google user data to third parties except as necessary to provide the service
Does not use Google user data for advertising or to build advertising profiles
Does not allow humans to read your email content unless you explicitly consent, or it is required for security or legal compliance

6. Data Sharing

We may share data only in these limited circumstances:

Service providers: We use Supabase (database/auth), Vercel (hosting), Stripe (payments), and AI providers (bill/receipt analysis) to operate the service. These providers process data only on our behalf and are bound by their own privacy commitments.
Legal compliance: We may disclose information if required by law, subpoena, or legal process.
Business transfer: If Billendar is acquired or merged, user data may be transferred. You will be notified of any such change.

7. Data Retention

We retain your account and bill data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where we are legally required to retain it.

Backups that may contain your data are automatically purged on a rolling 90-day cycle.

8. Your Rights

You have the right to:

Access your data: View all bill and account data through the app
Export your data: Download your bill data at any time from account settings
Delete your account: Permanently delete your account and all associated data
Revoke Gmail access: Disconnect Gmail at any time from your account settings or from your Google account permissions
Withdraw consent: Stop using optional features (like Gmail scanning) at any time
Rectification: Update or correct your personal information

To exercise any of these rights, contact us at support@billendar.app or use the relevant controls in your account settings.

9. Data Security

We implement industry-standard security measures to protect your data:

All data is encrypted in transit using TLS 1.2+
Data at rest is encrypted using AES-256
Our infrastructure providers (Vercel, Supabase) maintain SOC 2 compliance
Database access is restricted with Row Level Security - each user can only access their own data
Authentication is handled through Google OAuth via Supabase Auth - we never store passwords

For more details, see our Security page.

10. Cookies

Billendar uses minimal cookies, limited to:

Authentication cookies: To keep you signed in
Session cookies: To maintain your session state

We do not use advertising cookies, tracking cookies, or third-party analytics cookies.

11. Children's Privacy

Billendar is not intended for use by anyone under the age of 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected data from a child under 13, we will delete it promptly. If you believe a child under 13 has provided us personal information, please contact us at support@billendar.app.

12. International Data Transfers

Billendar's infrastructure is hosted in the United States. If you access the service from outside the US, your data may be transferred to and processed in the US. By using the service, you consent to this transfer. We take measures to ensure your data is treated securely regardless of where it is processed.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a notice within the app or sending an email. Your continued use of Billendar after changes take effect constitutes your acceptance of the revised policy.

14. Contact Us

If you have questions or concerns about this Privacy Policy, contact us at:

Billendar
Email: support@billendar.app
Website: billendar.app