Slipp

Welcome to Slipp. We value your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, and share your information when you use our mobile application ("App"). By using the App, you agree to the collection and use of information in accordance with this policy.

• Account Information: When you register, we collect your username, email address, and password (stored securely as a cryptographic hash). We also store an authentication token (JWT) for session management.
• Receipt Images: We collect images of receipts you upload via camera or photo gallery. These images are stored on our servers and processed using AI/OCR technology via an external processing service (n8n workflow engine).
• Extracted Receipt Data: From each receipt, we extract and store: store/merchant name, store address, branch name, merchant category, receipt date and time, receipt number, cash register number, total amount, subtotal, currency, tax amount, tax rate, total discount, and the complete raw JSON response from AI analysis.
• Payment Information on Receipts: We extract and store payment method (e.g., cash, credit card) and the last 4 digits of the card used (if applicable) as shown on the receipt.
• Receipt Item Details: For each item on a receipt, we collect: item name, barcode number (if available), product category hierarchy, quantity, unit, unit price, total price, tax rate, product tags, perishability information (whether the product is perishable, estimated expiry days, suggested consume-by date), and warranty information (whether the item is a durable good, estimated warranty duration in months, warranty end date).
• AI Spending Analysis: Our AI engine categorizes each receipt into a spending category (e.g., Grocery, Electronics) and assigns a spending mood indicator (e.g., Need, Want). It also determines whether the purchase is a business expense.
• Credit & Transaction Data: We track your credit balance within the App, including transaction history (credit purchases, usage deductions for receipt scans, and trial credits). Plan credits reset on renewal, while purchased credits never expire. Switching from a monthly to an annual plan preserves your existing credits.
• Subscription Data: If you subscribe to a premium plan, we store your subscription details including plan type, purchase date, expiration date, auto-renewal status, and subscription status. Subscription management is handled via RevenueCat, which may collect transaction identifiers. Users can upgrade from monthly to annual plans.
• Feedback & Reports: If you submit feedback (feature requests, suggestions, complaints) or report receipt issues (wrong date, wrong total, missing items, wrong merchant), we store the content of your submissions along with your user ID.
• Device Information: We collect information about your mobile device, including device model, operating system version, and unique device identifiers (Device ID) for functionality and security purposes.
• Push Notification Token: We collect your Firebase Cloud Messaging (FCM) token to send you push notifications about warranty reminders and app updates. You can disable notifications at any time from the app settings.
• Usage & Analytics Data: We collect anonymous data on how you interact with the App via Google Firebase Analytics to improve user experience.
• Crash Logs: In the event of an error, we collect crash logs via Firebase Crashlytics to help us identify and fix issues.
• Local Device Storage: We store certain preferences locally on your device using SharedPreferences, including your login session data, onboarding completion status, notification preferences, and muted warranty notification settings. This data remains on your device and is not transmitted to our servers.

To provide our services, the App requires the following permissions:

• Camera: Required to take photos of your receipts for scanning.
• Photo Gallery / Storage: Required to upload existing receipt images from your device.
• Notifications: Required to send you push notifications about expiring warranties, scheduled warranty reminders, and important app updates.
• Internet: Required to communicate with our servers for receipt processing, account management, and data synchronization.
• Boot Completed: Required to restore scheduled warranty reminder notifications after device restart.
• Exact Alarm: Required to schedule precise warranty expiry reminder notifications at the correct times.

We use the following third-party services. We rely on your consent, the performance of our contract with you, and our legitimate interests to process this data:

• Google Firebase: Used for analytics (Firebase Analytics), crash reporting (Firebase Crashlytics), and push notifications (Firebase Cloud Messaging / FCM). Google Analytics for Firebase Terms. (Basis: Legitimate Interest & Performance of Contract)
• n8n AI/OCR Engine: Receipt images you upload are processed by our automated engine for data extraction. (Basis: Performance of Contract)
• RevenueCat: Used for subscription management. We share your email address and unique identifier with RevenueCat to associate your subscription across devices. (Basis: Performance of Contract) RevenueCat Privacy Policy.

Your data is processed based on the following legal grounds:

• Performance of Contract: To process and organize receipts, manage account registration, process subscriptions via RevenueCat, and track warranty expiry dates.
• Legitimate Interests: To analyze spending habits, provide financial insights, improve app performance via analytics, and fix technical issues.
• Legal Obligation: To comply with tax laws or other legal requirements.

Data Retention: Your data is retained as long as your account is active. Upon account deletion, your personal account details, receipt images, and extracted receipt data are permanently removed. However, to comply with global tax laws and accounting regulations, records of financial transactions, credit purchases, and subscription history are retained in an anonymized format (disconnected from your personal identity) for the legally required period.

Data Security: We use industry-standard encryption (bcrypt, HTTPS/TLS) to protect your data.

Depending on your location, you have rights to access, rectify, or erase your personal data, restrict or object to processing, and data portability.

If you are in the European Economic Area (EEA), your data is protected under the GDPR. Note that some data is processed by providers in the United States (Google, RevenueCat). We ensure protection through Standard Contractual Clauses (SCCs) to maintain a high level of data safety.

8.1. Terms: By using Slipp, you agree to these terms. You must be 18+ or have parent/guardian consent.
8.2. Responsibility: You are responsible for your account security and the legality of uploaded receipts.
8.3. OCR Accuracy: AI analysis is provided "as is". We do not guarantee 100% accuracy of receipt data; please verify results.
8.4. Governing Law: These terms are governed by the laws of Turkey. Disputes are subject to Istanbul Courts.

California residents have rights regarding the collection and disclosure of their personal information.

If you have any questions, please contact: t.gencosman@gmail.com (Tolga Gencosman)