Privacy policy

Folkslip is operated by Folksoft Oy.

What we collect

When you sign in with Google, we receive your name, email address, and profile picture. When you connect a Gmail account for scanning, we request read-only access to your inbox to identify and parse receipt emails.

How we use your data

• Receipt scanning: We read email metadata and content solely to identify receipts and extract structured data such as amounts, dates, and provider names.
• Account management: Your email and profile information are used to maintain your account and display your identity within the app.
• No selling: We never sell, rent, or share your personal data or email content with third parties for advertising or marketing purposes.

Gmail & Google API

Folkslip's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We only access Gmail data when you explicitly trigger a scan or connect an account. We do not store raw email content. Only the extracted receipt data.

Data storage & security

Your data is stored in a secure PostgreSQL database. OAuth tokens are encrypted at rest. We use HTTPS for all communications. Access tokens are refreshed automatically and revoked when you disconnect an account.

Data retention & deletion

You can disconnect any Gmail account at any time, which revokes our access. You can request full account deletion by contacting us. This permanently removes all your data including receipts, tokens, and profile information.

Cookies

We use a session cookie to keep you signed in. We do not use tracking cookies or third-party analytics.

Changes to this policy

We may update this policy from time to time. We will notify you of significant changes via email or an in-app notice.

Contact

Questions about this policy? Reach out at privacy@folkslip.com.