Spendflow | Sync receipts from your email & WhatsApp, track expenses in real-time, and never miss a deduction.

Login
Join For Free
Menu
Login
Join For Free
Menu
Login
Join For Free

Privacy Policy | Spendflow

Effective Date: January 1. 2025.

SpendFlow (“we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, share, and protect your information when you use the SpendFlow app and services (the “Service”). By using SpendFlow, you agree to the terms of this Privacy Policy.

1. Information We Collect

We collect various types of information to provide and improve our Service. This includes:

1.1 Account Information

  • Full name, email address, and phone number when you create an account.
  • Business details (if applicable), including company name, role, and tax identification number.
  • Login credentials and authentication tokens for connected services.
  • Billing and payment information for subscriptions and transactions.

1.2 Financial & Transaction Data

  • Receipt images, invoices, and transaction details uploaded or forwarded to SpendFlow.
  • Data extracted from email providers (Gmail, Outlook) and financial institutions with user authorization.
  • Categorization and metadata from receipts, including amounts, merchant details, timestamps, and payment methods.
  • Expense reports, approval workflows, and reimbursement details.
  • Budgeting and spending analytics based on user activity.

1.3 Device & Usage Information

  • IP address, device type, operating system, browser type, and version.
  • Application logs, error reports, and feature usage patterns.
  • Cookies and tracking technologies to enhance user experience and security.
  • Location data (only if explicitly permitted by the user) to enable features like currency conversion or tax calculations.

1.4 Third-Party Integrations

  • Data from connected services, including accounting software (QuickBooks, Xero), payroll providers, and financial APIs.
  • Permissions granted for secure access to third-party sources.
  • Interaction logs for synced data and transactions.

2. How We Use Your Information

We use collected data to:

  • Provide core SpendFlow functionalities such as receipt scanning, expense categorization, and financial reporting.
  • Sync and reconcile transactions from linked financial accounts.
  • Automate approvals and reimbursement workflows.
  • Detect fraudulent activity and ensure compliance with tax regulations.
  • Personalize user experience with spending insights and budget recommendations.
  • Improve our products through analytics, research, and AI enhancements.
  • Important: Data obtained via Google Workspace APIs is used strictly to provide user-requested features such as email receipt extraction and financial record generation. This data is not used to develop, improve, or train generalized AI or machine learning models.
  • Communicate service updates, support messages, and promotional offers (if opted-in).
  • Comply with legal and regulatory requirements.

3. How We Share Your Information

We do not sell your data. However, we may share information in the following scenarios:

3.1 Service Providers & Partners

We work with trusted third-party vendors to support:

  • Cloud hosting, database storage, and encryption services.
  • AI-powered receipt scanning and document processing.
  • Secure payment gateways and subscription management.
  • Customer support and live chat assistance.

3.2 Business & Enterprise Accounts

If you are using SpendFlow through an employer or business account, your data may be shared with your organization’s administrators and finance teams.

3.3 Compliance & Legal Requirements

We may disclose user data when required to:

  • Comply with laws, regulations, and court orders.
  • Enforce agreements and protect legal rights.
  • Investigate fraud, security threats, or policy violations.

3.4 Business Transactions

In the event of a merger, acquisition, or company restructuring, your data may be transferred as part of the business transaction.

4. Compliance & Regulatory Requirements

SpendFlow adheres to applicable data protection laws and financial regulations, including:

  • General Data Protection Regulation (GDPR) for users in the European Union.
  • California Consumer Privacy Act (CCPA) for residents of California, USA.
  • Payment Card Industry Data Security Standard (PCI DSS) for secure payment processing.
  • Anti-Money Laundering (AML) & Know Your Customer (KYC) Regulations where applicable.
  • Tax Compliance Laws for accurate financial reporting.

We continuously monitor and update our practices to ensure compliance with evolving regulations.

5. Data Security

We implement strict security measures to safeguard user data, including:

  • End-to-end encryption of sensitive information during transmission and storage.
  • OAuth authentication and multi-factor authentication (MFA) for account protection.
  • Regular security audits, penetration testing, and vulnerability assessments.
  • Role-based access controls (RBAC) to restrict data access internally.

While we take industry-standard precautions, no system is entirely immune to cyber threats. Users are advised to protect their login credentials and report any suspicious activity.

6. Data Retention

We retain personal data only as long as necessary to:

  • Provide uninterrupted service to users.
  • Fulfill legal, tax, and accounting obligations.
  • Improve features through anonymized analytics.

Users may request data deletion at any time, subject to compliance regulations.

7. Your Rights & Choices

Depending on your location, you may have the right to:

  • Access, update, or delete your personal information.
  • Withdraw consent for data processing and marketing communications.
  • Download an export of your financial data.
  • Restrict certain types of data sharing.

Requests can be submitted via [Insert Contact Email].

8. Cookies & Tracking Technologies

SpendFlow uses cookies and similar technologies to:

  • Improve app performance and user navigation.
  • Store session preferences and auto-fill forms.
  • Analyze trends and optimize features.
  • Prevent fraudulent logins and unauthorized access.

Users can manage cookie preferences through browser settings.

9. Third-Party Links & Integrations

SpendFlow may contain links to third-party websites or integrate with external services. We are not responsible for their privacy practices. Users should review those privacy policies independently.

10. International Data Transfers

SpendFlow operates globally, which may require transferring data across different jurisdictions. We ensure compliance with:

  • GDPR (General Data Protection Regulation) for EU users.
  • CCPA (California Consumer Privacy Act) for US users.
  • Other applicable data protection laws.

11. Children’s Privacy

SpendFlow is not intended for use by individuals under 18 years of age. We do not knowingly collect personal data from minors. If we discover such data has been collected, we will take steps to delete it promptly.

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices. Updates will be communicated via email, app notifications, or our website. Continued use of the Service after updates constitutes acceptance of the revised policy.

13. Contact Us

For any questions, concerns, or data-related requests, contact us at: info@spendflow.co

SpendFlow is committed to transparency, security, and user control over personal data. Thank you for trusting us with your expense management needs.