Data Processing Addendum (DPA)

Effective Date: January 5, 2026 | Last Updated: May 2026

1. Introduction

This Data Processing Addendum ("DPA") forms part of the Terms of Service ("Agreement") between AppWrapp, LLC ("Processor") and the user or entity utilizing the Receipto service ("Controller").

This DPA applies to the extent that AppWrapp, LLC processes Personal Data on behalf of the Customer in the course of providing the Service.

2. Definitions

  • "GDPR" means the General Data Protection Regulation (EU) 2016/679.
  • "CCPA" means the California Consumer Privacy Act of 2018.
  • "Personal Data" means any information relating to an identified or identifiable natural person uploaded to the Service (e.g., names on receipts, email addresses).
  • "Sub-processor" means any third party engaged by AppWrapp, LLC to process Personal Data.

3. Processing of Data

3.1 Roles

For the purposes of GDPR, the Customer is the Controller (decides why data is collected) and AppWrapp, LLC is the Processor (processes data on the Controller's instructions).

3.2 Scope and Purpose

AppWrapp, LLC will process Personal Data solely to provide the Receipto Service, including:

  • Extracting text and data from receipt images (OCR and AI processing).
  • Storing and organizing expense data in user and organization accounts.
  • Providing team workspace features (member management, receipt approval workflows, custom fields).
  • Generating exportable reports (CSV, PDF).
  • Processing subscription payments (web: via Stripe; iOS: via Apple In-App Purchase).
  • Sending push notifications for reminders and alerts (via Firebase Cloud Messaging).
  • Monitoring application stability and diagnosing errors (via Sentry).

3.3 Duration

Processing continues for the duration of the Customer's subscription and up to 30 days after termination (for data deletion cycles), unless otherwise required by law.

4. Sub-processors

The Customer grants AppWrapp, LLC general authorization to engage the following Sub-processors to provide the Service. We will ensure all Sub-processors are bound by data protection obligations compatible with this DPA.

| Sub-processor | Role | Data Processed | Location |
|---|---|---|---|
| Supabase, Inc. | Database Hosting & Authentication | Email, account data, receipt data, organization data | USA / EU |
| Cloudflare, Inc. | File Storage (R2) & CDN | Receipt images, app static assets | Global |
| OpenAI, LLC | AI Receipt Processing | Receipt images and extracted text (training opt-out enforced via enterprise API) | USA |
| Amplitude, Inc. | Product Analytics | Usage events, user properties (email, subscription tier, onboarding data, user ID) | EU data center |
| UXCam, Inc. | Session Replay | Screen recordings, user properties (email, subscription tier). All text input fields are masked. | EU |
| RevenueCat, Inc. | Subscription Management & Attribution | User ID, subscription transaction history, device identifier (for Apple Search Ads attribution, with user ATT consent) | USA |
| Apple, Inc. | iOS In-App Purchase | Purchase transactions (processed on-device by Apple; AppWrapp receives subscription status only) | Global |
| Stripe, Inc. | Web Payment Processing | Name, email, billing address (web subscriptions only; no mobile) | Global (PCI-DSS compliant) |
| Google Firebase (FCM) | Push Notifications | FCM device token, notification delivery metadata | USA |
| Sentry, Inc. | Crash Reporting & Error Monitoring | Crash logs, error stack traces, user ID, subscription tier | USA |

We explicitly opt out of data training for all AI providers. Receipt data is processed via enterprise APIs and is never used to train public AI models.

Notes: Amplitude handles event analytics only. Session replay is handled by UXCam, not Amplitude. Apple IAP processes mobile payments natively. Stripe is used for web subscriptions only.

We will notify Customers of any changes to this list via email or website updates at least 30 days in advance.

5. Security Measures

AppWrapp, LLC implements appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

  • Encryption: Data is encrypted in transit (TLS 1.3) and at rest (AES-256).
  • Access Control: Access to production data is restricted to authorized personnel with 2FA.
  • Vendor Management: Evaluating the security practices of all Sub-processors.
  • Crash Monitoring: Application errors are captured by Sentry with user context (user ID, subscription tier) to enable diagnosis. Raw receipt data is not included in error logs.
  • Session Replay Masking: UXCam session recordings automatically mask all text input fields. Financial values on receipts are not captured in recordings.
  • ATT Consent for Attribution: Device identifiers used for advertising attribution (RevenueCat / Apple Search Ads) are only collected after explicit iOS App Tracking Transparency (ATT) consent from the user.

6. International Data Transfers

If Personal Data is transferred from the European Economic Area (EEA) to the United States (or other third countries), AppWrapp, LLC relies on:

  • Standard Contractual Clauses (SCCs): We agree to abide by the European Commission's SCCs for the transfer of data to processors established in third countries.

Where Sub-processors maintain EU data centers (Amplitude, UXCam, Supabase EU region), Customer data for EU users is processed within the EEA where possible and does not require onward transfer.

7. iOS Platform and Apple Data Processing

For users of the Receipto iOS application:

  • Apple In-App Purchase: Subscription transactions are processed by Apple, Inc. on-device. AppWrapp, LLC receives subscription status and entitlement information from RevenueCat but does not receive raw payment card data.
  • Push Notifications: Firebase Cloud Messaging (FCM) tokens are stored per user in Supabase to enable scheduled reminders and alerts. Users can disable notifications in iOS Settings.
  • App Tracking Transparency (ATT): On iOS 14.5+, Receipto requests ATT permission before collecting a device identifier for advertising measurement (Apple Search Ads attribution). This identifier is processed by RevenueCat. If the user declines ATT, no device identifier is collected for advertising purposes.

8. Data Subject Rights

AppWrapp, LLC will assist the Customer, to the extent possible, in fulfilling their obligation to respond to requests from individuals exercising their rights (e.g., "Right to be Forgotten", "Right to Access").

  • Tools: Customers can export or delete data directly within the Receipto application.
  • Support: If the automated tools are insufficient, Customers may contact support@receipto.app.

9. Data Breach Notification

In the event of a confirmed Personal Data Breach affecting Customer data, AppWrapp, LLC will:

  • Notify the Customer without undue delay (within 72 hours of becoming aware).
  • Provide details regarding the nature of the breach and mitigation steps.

10. Audit Rights

Upon written request, AppWrapp, LLC will make available to the Customer information necessary to demonstrate compliance with this DPA. If a formal audit is legally required, it shall be conducted at the Customer's expense, during normal business hours, and with reasonable notice.

11. Contact

For any questions regarding this DPA or data privacy:

AppWrapp, LLC

Email: support@receipto.app

Address: 651 N Broad St, Suite 201, Middletown, DE 19707


End of DPA