1. Summary
Vault for Receipts is designed around a simple privacy principle: your receipts, photos, and financial data stay on your iPhone. We do not operate cloud servers that store your receipt images, OCR-extracted text, mileage logs, or expense data. Optical character recognition (OCR), receipt detection, categorization, IRS compliance checks, and report generation all run locally using Apple's Vision framework and on-device storage.
Some optional features touch services outside your device, and those are explained below. If you do not use those features, no information beyond what is required by Apple to deliver the App leaves your iPhone.
2. Information We Process
2.1 Information processed only on your device (never transmitted)
- Photo library content — when you grant photo access, the App reads images from your library to detect receipts. Image bytes never leave the device.
- Receipt images and OCR text — text extracted from receipts (vendor, amount, date, line items, attendees, business purpose) is stored only in your local app database and the Files app folder on your device.
- Camera captures — photos taken inside the App via the document scanner remain on-device.
- GPS mileage data — location coordinates collected during a tracked trip are stored only on your device. The App does not transmit location to any server.
- Contacts data — when you use the Split Check feature, contacts you select are read locally to populate a participants list. No contact data is uploaded.
- Expense reports and CSV exports — generated locally; you choose when and where to share them via iOS share sheet.
2.2 Information processed by third parties (only if you use the relevant feature)
| Feature | Third party | Data involved | Purpose |
|---|---|---|---|
| Sign in with Apple | Apple Inc. | Apple ID identifier, optional name and email (you choose what to share) | Optional account login to sync subscription state and preferences across your devices |
| Subscription billing | Apple Inc. (App Store) | Apple ID, payment method (handled entirely by Apple) | Process Premium subscription purchases. We never see your payment details. |
| Email forwarding ("receipts@" address) | Cloudflare, Inc. (Workers and Email Routing) | Forwarded email content, sender address, attachments | Receive receipts you forward by email and route them to your account. Email content passes through Cloudflare infrastructure but is not retained beyond what is necessary to deliver the message to the App. |
| Currency exchange rates | frankfurter.app (European Central Bank rates) | Currency code requests (no personal data) | Convert receipt amounts when receipts are in foreign currencies |
| Advertising (free tier only) | Google AdMob | Device advertising identifier, IP address, ad interaction events (subject to your iOS Tracking Transparency choice) | Display banner ads in the free version. Premium subscribers see no ads. You can opt out of ad tracking in iOS Settings → Privacy & Security → Tracking. |
| App Store services | Apple Inc. | Standard App Store telemetry per Apple's privacy policy | Crash reporting, App Store analytics, TestFlight feedback |
2.3 Information we do not collect
- We do not maintain a server-side database of your receipts.
- We do not sell or rent personal data to anyone.
- We do not use your receipt images, OCR text, or expense data to train machine learning models.
- We do not track your location outside of the GPS mileage feature, which only runs while you have explicitly started a trip or enabled background tracking.
- We do not require an account to use the core scanning features.
3. How Permissions Are Used
| iOS permission | Why the App requests it | Required? |
|---|---|---|
| Photo Library | Find and read receipt images for OCR. "Full Access" produces best results; "Limited Access" works but only sees photos you pick. | Required for the photo-scanning workflow. |
| Camera | Capture receipts using Apple's document scanner. | Optional — only if you use the in-app camera. |
| Location (When in Use / Always) | Track GPS mileage trips. "Always" is required for background trip tracking; "When in Use" works for foreground tracking only. | Optional — only if you use the Mileage feature. |
| Contacts | Populate the participant list when splitting a receipt. | Optional — only if you use the Split Check feature. |
| Notifications | Alert you when forwarded receipts arrive or when a tracked trip is detected. | Optional. |
| App Tracking Transparency | If granted (free tier only), allows AdMob to serve more relevant ads. Denying does not disable the App. | Optional. |
4. Data Storage and Retention
Receipt images are stored as JPEG files in the iOS Files app at On My iPhone → ReceiptVault → Receipts → [Year]. Receipt metadata (extracted fields, categorization, IRS compliance state, export history) is stored in a local SQLite database within the App's container. Both persist until you delete them or remove the App.
If you delete the App, the Files app folder remains on your device and continues to hold your receipt JPEGs. Your records are yours. The local database within the App is removed when the App is deleted.
Forwarded email receipts pass through Cloudflare infrastructure only long enough to be routed to your account. We do not maintain a long-term archive of forwarded email content on our infrastructure.
Apple retains subscription, App Store, and Sign in with Apple records under Apple's own privacy policy and retention rules, which we do not control. See apple.com/legal/privacy.
5. Children's Privacy (COPPA)
Vault for Receipts is intended for users 17 years of age and older and is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has used the App and provided personal information, contact us at support@receiptvault.pro and we will take reasonable steps to address it.
6. Your Rights
6.1 All users
- Access: all your receipt data is on your device. Open the App to view it; export to CSV via Settings → Data → Export Full History.
- Deletion: delete individual receipts inside the App, reset export history in Settings, or delete the App from your device.
- Portability: export your full history as CSV, or any expense report as PDF/QuickBooks/Xero/FreshBooks/Wave format, at any time.
- Withdraw permissions: revoke any iOS permission at any time in iOS Settings → Privacy & Security.
6.2 California residents (CCPA / CPRA)
Because the App processes personal data only on your device and we do not maintain a server-side store of your receipt content, we generally do not have personal information about you in the sense regulated by CCPA. To the extent we are deemed a "business" under CCPA, you have the right to know what personal information we collect (described above), to request deletion, to correct inaccuracies, and to opt out of sale or sharing of personal information for cross-context behavioral advertising. We do not sell personal information. To exercise these rights, email support@receiptvault.pro with the subject line "CCPA Request."
6.3 European Economic Area, United Kingdom, and Switzerland (GDPR / UK GDPR)
If you are in the EEA, UK, or Switzerland, the legal basis for processing the limited personal information we receive (such as your Apple ID identifier when you use Sign in with Apple, or AdMob device identifiers if you have not opted out) is your consent (Article 6(1)(a)) or our legitimate interest in delivering and securing the App (Article 6(1)(f)). You have the right to access, rectify, erase, restrict processing of, and port your personal data, and the right to object to processing and to lodge a complaint with your supervisory authority. Email support@receiptvault.pro with the subject line "GDPR Request."
6.4 Account deletion
If you used Sign in with Apple to create an account in the App, you may delete the account from inside the App at Settings → Account → Delete Account, which removes any sync state and preference data tied to that Apple ID identifier. You may also revoke the Sign in with Apple connection from iOS Settings → Apple ID → Sign-In & Security → Apps Using Apple ID.
7. Security
Receipt images and metadata are stored within the App's iOS sandbox, protected by your device's secure enclave and Data Protection class. Access requires your device passcode or biometric authentication. We use industry-standard TLS for any communication with third-party services described in Section 2.2. No system is perfectly secure; you are responsible for protecting your device passcode and Apple ID.
8. International Transfers
Cloudflare and Apple operate global infrastructure and may process data outside your home country. Where required, these providers rely on Standard Contractual Clauses or equivalent transfer mechanisms.
9. Changes to This Policy
We may update this Privacy Policy as the App evolves or as required by law. Material changes will be reflected in the "Last updated" date above and, when significant, called out in the App. Continued use after a change constitutes acceptance of the revised policy.
10. Contact
Questions or requests:
Corwin Petty
605 Tunbridge Dr
Bentonville, AR 72712
United States
Email: support@receiptvault.pro