Understanding how Receiptor AI handles your data is important — especially when connecting email accounts that contain financial information. Here is a straightforward breakdown of what access we have, how we protect your data, and how you stay in control.
We never ask for or store your email password.
When you connect an inbox, you authorise access through your email provider's own login screen.
The connection is read-only — Receiptor can scan your inbox for documents but cannot send, delete, or modify any emails.
We do not store email content. Only the extracted financial document is kept.
This permission is optional and entirely separate from the read-only access used to scan for documents.
It must be explicitly authorised by you, per inbox, from Collect → Emails → Settings → Permissions.
If you never enable it, Receiptor has no ability to send emails from your account.
We only access messages sent to that specific Receiptor AI chat — we have no access to your other WhatsApp or iMessage conversations.
All data is stored on AWS infrastructure in the EU region (Europe). This applies regardless of where you are located — your data stays in EU-based servers.
Encryption at rest: AES-256
Encryption in transit: TLS 1.2+ and SSL
Access controls: Role-based internal access with logging.
Multi-factor authentication: Required for all internal systems.
CASA Type 2 certified: Cloud Application Security Assessment, Type 2.
SOC 2: In progress.
Backups: Automated every 6 hours, encrypted and stored offline, retained for 7 days.
We do not use your documents or data to train AI models — neither ours nor third-party models (OpenAI, Azure, AWS).
We do not sell, rent, or trade your data to third parties.
We do not extract or store full credit card numbers or bank account numbers. Only the last 4 digits and card network are captured if present.
Go to Profile -> Connected Apps to see every app and inbox you've authorised.
You can revoke access to any connection from this screen at any time.
GDPR: We comply with the General Data Protection Regulation for all EU and UK users.
CCPA: We comply with the California Consumer Privacy Act for California residents.
If you have questions about privacy or security, contact us via the in-app chat or at [email protected]. Our Data Protection Officer is Romeo Bellon.