1. Introduction

Welcome to MyPaymentsLog ("MyPaymentsLog," "we," "us," or "our").

This Privacy Policy explains how we collect, use, disclose, and protect your information when you access or use our web application, mobile application (if applicable), website, and related services (collectively, the "Services").

MyPaymentsLog provides read-only access to financial account information and transaction history, including summaries, filters, and visualizations based on user-selected criteria such as time range or payment method. Users may upload receipt images to transactions; we use optical character recognition ("OCR") to extract text so users can create item-level breakdowns.

We do not initiate, process, transmit, or facilitate payments between users and we do not move, hold, or transfer funds.

By accessing or using the Services, you acknowledge that you have read and understood this Privacy Policy.

2. Information We Collect

A. Information You Provide Directly

When you create or use an account, we may collect:

• Full name
• Email address
• Phone number (if provided)
• Mailing or residential address (if provided)
• Account profile information
• Communications with us (support requests, feedback, messages)

You may choose not to provide certain information, but some features may not function properly without it.

B. Financial Account Information (via Third-Party Providers)

You may connect bank accounts and credit/debit cards through secure third-party financial data providers (such as Plaid).

We do not collect or store:

• Bank login credentials
• Full bank account numbers
• Full credit or debit card numbers
• Card expiration dates
• CVV codes

We may receive and store limited information, including:

• Last four digits of connected accounts or cards
• Account type (checking, savings, credit, debit)
• Card network (e.g., Visa, Mastercard)
• Account nickname provided by the user
• Transaction history, dates, and merchant descriptions

All financial data access is:

• Authorized by the user
• Provided through secure, tokenized connections
• Limited to read-only permissions

We cannot initiate transactions, transfer funds, or modify your bank account.

C. Transaction History Data

When a financial account is linked, we may access and display historical transaction data, including:

• Transaction amounts
• Transaction dates
• Merchant names or descriptions
• Account identifiers (last four digits only)

This data is used to generate summaries, charts, trends, filters, and visualizations for personal financial tracking.

Transaction history availability and historical depth depend on the financial institution and permissions granted.

D. Receipt Upload and OCR Data

If you upload a receipt, we collect:

• Receipt images (photo or scanned copies)
• Text extracted from the image via third-party OCR providers (e.g., Google Cloud Vision)
• Line-item data you add or edit

Receipt images and extracted text:

• Are used solely to provide the receipt breakdown feature
• Are not used for advertising
• Are not sold

Receipt images may be transmitted securely to our OCR provider strictly for text extraction purposes.

You may delete uploaded receipts and associated line-item data at any time through the Services.

E. Automatically Collected Information

We may automatically collect:

• Device type, operating system, browser type
• IP address and approximate location
• Usage data (pages viewed, features used, session duration)
• Authentication and security logs
• Cookies and similar technologies

Cookies may be used for:

• Account authentication
• Analytics
• Fraud prevention
• Performance monitoring

You may disable cookies in your browser settings, though some features may not function properly.

F. Billing and Subscription Information

MyPaymentsLog offers a 7-day free trial requiring a payment card on file.

If you begin a trial or subscribe to the Pro plan, we may collect:

• Subscription status and plan type
• Billing dates and renewal dates
• Payment confirmations and transaction identifiers
• Last four digits of a payment card

All payments are processed securely by Stripe.

We do not store full credit card numbers, expiration dates, or CVV codes. Stripe processes and stores payment information in accordance with their own privacy and security standards.

Subscription and Trial Timing

• After the 7-day free trial, your subscription automatically renews at $5.99 per month unless canceled.
• If you cancel before the trial ends, you are not charged and access to Pro features ends immediately.
• Only one free trial is permitted per account.
• If canceled within seven (7) days of the first paid charge, a full refund may be issued. Access to paid features may end immediately upon refund.
• If canceled after seven (7) days, no refund is issued and access continues until the end of the billing period.

Detailed billing terms are governed by the Terms of Service.

3. How We Use Your Information

We use your information to:

• Create and manage user accounts
• Display transaction history
• Generate financial summaries and analytics
• Process subscription payments
• Provide receipt OCR and line-item breakdown features
• Provide customer support
• Improve functionality and user experience
• Monitor security and prevent fraud
• Comply with legal obligations

We do not sell personal or financial information.

4. Sharing of Information

We may share information only with:

• Financial data providers (e.g., Plaid)
• OCR providers (e.g., Google Cloud Vision)
• Payment processors (e.g., Stripe)
• Hosting, analytics, and infrastructure providers
• Legal authorities if required by law

Service providers are contractually required to protect information and use it only for authorized purposes.

We do not sell or rent personal data.

5. Data Security

We implement reasonable safeguards, including:

• Encrypted transmission (HTTPS/TLS)
• Secure authentication mechanisms
• Tokenized financial data handling
• Role-based access controls

However, no system can guarantee absolute security.

6. Data Retention

We retain information only as long as necessary to:

• Provide the Services
• Comply with legal obligations
• Resolve disputes
• Enforce agreements

If you cancel your subscription, we may retain limited metadata necessary for fraud prevention, legal compliance, and account restoration unless you request deletion.

7. Account Deletion

You may request deletion of your account at any time.

Upon deletion:

• Personal profile data will be removed or anonymized
• Connected financial accounts will be disconnected
• Receipt images and associated data will be deleted
• Certain records may be retained if legally required

Deletion requests may require identity verification.

8. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you may have the right to:

• Request access to personal information collected
• Request correction of inaccurate information
• Request deletion of personal information
• Request information about categories of data collected
• Opt out of sale or sharing (we do not sell personal data)

Requests may be submitted to:

[email protected]

We may verify your identity before fulfilling requests.

We will not discriminate against you for exercising privacy rights.

9. Do Not Track Signals

Our Services do not currently respond to browser "Do Not Track" signals.

10. Children's Privacy

The Services are not intended for individuals under 18.

We do not knowingly collect information from children.

11. International Users

Our Services are operated in the United States. If you access the Services from outside the U.S., your information may be transferred to and processed in the United States.

12. Changes to This Policy

We may update this Privacy Policy periodically. Updates will be posted with a revised effective date.

Continued use of the Services after changes constitutes acceptance.

13. Contact Us

If you have questions regarding this Privacy Policy or your data rights, contact:

[email protected]