← Back to Resibow

Privacy Policy

Last updated: 2026-05-09

The plain-English version

We don't sell your data. We don't advertise on your data. You own your receipts and expenses. You can export everything anytime. You can delete everything anytime. Your card details never touch our servers — Stripe handles all payments.

What we collect

  • Email address — required to sign in (we use magic links, no passwords).
  • Receipt images you upload — stored encrypted at rest in Supabase Storage, scoped to your account only via row-level security.
  • Extracted receipt text + parsed fields — merchant, total, date, category, currency, notes.
  • Plan + usage counters— which plan you're on, how many receipts you've processed.
  • Stripe customer ID — if you upgrade. We never see your card number.

What we do NOT collect

  • Card numbers, partial card digits, or CVV codes (Stripe handles all of this)
  • Your contacts, location, or phone identifiers
  • Receipt data from anyone but you (no aggregate selling)

How receipt parsing works

When you upload a receipt, the image is sent to Supabase Storage (encrypted at rest, scoped to your account only) and sent to Anthropic's Claude vision API for parsing into structured fields (merchant, total, date, category, currency).

Per Anthropic's API terms, your receipt images are NOT used to train their models. The image is processed once for extraction and discarded by Anthropic; only the structured fields (and the original image you uploaded) are kept in our database.

Your data, your control

  • Export — Pro and Lifetime users can export all receipts as CSV anytime.
  • Delete— From your account dropdown → "Delete account", you can delete every receipt, image, and personal record permanently. This is irreversible.
  • Access — Email hi@resibow.com for any data-access request.

Philippine Data Privacy Act

Resibow complies with RA 10173 (Data Privacy Act of 2012). You have the right to be informed, access, object, erase, and rectify your data. Our Data Protection Officer can be reached at dpo@resibow.com.

Service providers

We use these third parties to run Resibow:

  • Supabase — auth + database + receipt image storage (US/EU regions)
  • Vercel — application hosting
  • Stripe — payment processing (your card never touches our servers)
  • Anthropic — OCR text parsing only (no training on your data)

Changes to this policy

If we change anything material, we'll email you. We won't quietly expand what we do with your data without telling you.

Contact

Questions: hi@resibow.com