Legal

Privacy Policy

Last updated 30 March 2026

rct-keep is a receipt management tool for individuals. Your receipts are sensitive financial records. We take that seriously. This policy explains what data we hold, how we use it, and the limits we place on ourselves.

The short version

  • Your data is yours. We do not sell it, share it, or use it to advertise to you.
  • We use your receipts only to provide the service to you.
  • We do not share your information with third parties except where strictly necessary to run the service (Stripe for payments, and no one else).
  • We may look at your data to fix a problem you've reported. We will not do so otherwise.

What we collect

Account information

When you create an account we store your name, email address, and a hashed version of your password (we cannot recover your password — only reset it). We also store your country and timezone, which are used to calculate financial years correctly.

Receipt data

The core of the service. When you upload a file, forward an email, or submit any receipt, we store:

  • The original file or email, exactly as received, unmodified
  • Extracted data: vendor name, amount, date, line items, categories, and any notes you add
  • The raw OCR output from AI processing
  • An edit history (a log of every change made to a receipt record)

This data is stored on servers we control, in Australia.

Usage data

We log basic operational data — things like when a job was processed, whether it succeeded, and how many receipts have been ingested. This is used to monitor the health of the service and nothing else. We do not use analytics services, tracking pixels, or third-party monitoring tools.

How we use your data

We use your data for one purpose: to provide rct-keep to you. Specifically:

  • To store, organise, and display your receipts
  • To run AI processing (OCR, parsing, categorisation) on files you submit
  • To send transactional emails (password resets, and nothing else)
  • To calculate your usage for subscription billing

We do not use your data to train AI models. When your receipts are processed by Claude (Anthropic's AI), they are sent to Anthropic's API under a data processing agreement that prohibits training on customer data.

Who can see your data

You

You have full access to everything you've submitted. You can view, edit, export, and delete your receipts at any time.

rct-keep staff

The people who run rct-keep (currently one person) have access to the database and file storage in order to operate and maintain the service. We may look at your account data in the following circumstances:

  • You've reported a bug or a problem with a specific receipt and asked us to investigate
  • We've detected an error in our system logs that points to your account
  • We're legally required to

We will not browse through your receipts out of curiosity. We will not use your financial records for any purpose other than fixing the problem at hand.

Third parties

We share data with exactly one external service:

  • Stripe — handles payment processing. When you subscribe, Stripe receives your name, email address, and payment card details. We never see or store your card number. Stripe's privacy policy is at stripe.com/privacy.

That is the complete list. We do not use advertising networks, data brokers, marketing platforms, or analytics services that involve sending your data to third parties.

AI processing

Receipt parsing uses Claude, an AI model made by Anthropic. When you submit a receipt, the file or extracted text is sent to Anthropic's API to extract structured data (vendor, amount, date, line items). This is governed by Anthropic's API terms, which include a commitment not to use customer data for model training. Receipt content is not stored by Anthropic beyond the duration of the API call.

Data retention

Your data is retained for as long as your account exists. If you delete a receipt it is soft-deleted (hidden from your view) and permanently removed after 90 days. If you close your account, all your data — receipts, files, and account information — is deleted within 30 days.

Security

All traffic is encrypted in transit via HTTPS. Passwords are hashed with bcrypt. Original receipt files are stored on private server storage not accessible via the web — they are served through authenticated PHP, not directly. Sessions use HttpOnly, SameSite cookies.

No security is perfect. If you discover a vulnerability, please email us at [email protected].

Your rights

You can:

  • Access your data — everything is visible in the app. You can export a CSV of your receipts from the Summary page.
  • Correct your data — edit any receipt field at any time.
  • Delete your data — delete individual receipts in the app, or contact us to close your account and remove everything.
  • Ask what we hold — email us and we'll tell you.

Cookies

We use one cookie: a session cookie that keeps you logged in. It contains no personal information. We do not use tracking cookies or third-party cookies of any kind.

Changes to this policy

If we make a meaningful change to this policy, we'll update the date at the top and email active users. We won't make changes that reduce your privacy rights without giving you the chance to close your account first.

Contact

Questions or concerns: [email protected]