Privacy Policy

1. Information we collect

Account information

When you create an account we collect your email address and display name. If you sign in with Google we receive your Google account email, name, and profile identifier; we do not receive your Google password. If you sign up with email and password, we store a one-way cryptographic hash of your password (never the password itself).

Receipt images

When you upload a photo of a receipt, the image is sent to our server and forwarded to our AI provider (Anthropic) for parsing. We do not store the image. The image is held in server memory only for the duration of the request and discarded immediately after parsing completes (whether the parse succeeds or fails). It is never written to disk and never copied to object storage.

Parsed receipt data

We store the structured data extracted from your receipt: merchant name, currency, line items (descriptions and amounts), tax and tip totals, and the per-person summary you finalize. We retain this data so you can revisit past splits.

Roster (names of people you have split with)

To make repeat splits faster, we save the names of people you have previously split a bill with. We store names only — these people do not have accounts and we do not collect their email addresses, phone numbers, or any other identifiers.

Payment information

Payments for credit packs are processed by Stripe, Inc. We do not collect or store your full card number, CVC, or expiry date. From Stripe we receive event metadata such as the payment status, amount, currency, and a reference to the credit pack purchased, which we record in our credit ledger for audit and accounting purposes.

Usage analytics

We use analytics tools to understand how the Service is used and to measure marketing effectiveness. These currently include or may include:

• Umami — a privacy-focused, self-hosted analytics tool that records page views and product events without using cookies and without collecting personal identifiers. We only deploy it in production environments.
• Meta Pixel (Facebook / Instagram) — used to measure ad performance and to retarget visitors. The Meta Pixel sets cookies and may transmit your IP address, browser information, and activity on our Service to Meta Platforms, Inc.
• TikTok Pixel — used for the same purposes on TikTok Ads. The TikTok Pixel sets cookies and may transmit similar information to TikTok Pte. Ltd. and its affiliates.

The product events we record describe how you use the Service (for example, which step of the split flow you reached, whether a scan succeeded, and which credit pack you selected). We do not include the contents of your receipts, the names of the people at your table, or any free-text you enter, in analytics events.

Local storage on your device

To make the app work, we store some data in your browser's local storage:

• In-progress split state — so a refresh in the middle of splitting a bill does not lose your work.
• First-touch attribution — when you arrive at our site we record the UTM parameters or referring website (if any) so we can understand which marketing channels work. The entry expires after 30 days.

This data lives only on your device and can be cleared at any time through your browser's settings.

Device and log information

Like most web services, our servers automatically log technical information when you interact with the Service, including your IP address, browser type and version, device type, the pages you request, and timestamps. We use this information for security, debugging, and abuse prevention.

2. How we use your information

We use the information described above to:

• Provide, operate, and maintain the Service;
• Process credit pack purchases and maintain your credit balance;
• Generate and store the per-person summaries you create, and surface the people you have split with before as quick picks;
• Communicate with you about your account, including transactional email such as account verification and password reset;
• Detect, investigate, and prevent fraud, abuse, and security incidents;
• Measure marketing effectiveness and improve the Service;
• Comply with legal obligations and enforce our Terms.

We do not sell your personal information. We do not use your receipt images or parsed receipt data to train AI models.

3. Who we share your information with

We share information with the following categories of third parties:

• Anthropic, PBC — receives your receipt images for parsing. Per Anthropic's terms applicable to API customers, your data is not used to train their models.
• Stripe, Inc. — processes payments. Stripe collects and handles your card details directly under Stripe's privacy policy.
• Google LLC — if you choose to sign in with Google, your authentication is handled by Google under their privacy policy.
• Neon, Inc. — hosts our primary database in their managed Postgres service.
• Analytics and advertising providers — Umami (self-hosted), Meta Platforms, Inc., and TikTok Pte. Ltd., as described above.
• Legal and regulatory authorities — when we are required to disclose information by law, court order, or to protect the rights, property, or safety of Zerowe, our users, or others.
• Successors — if Zerowe is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.

4. Data retention

• Receipt images: not retained — discarded from server memory immediately after parsing.
• Account, scan history, and roster: retained for as long as your account is active. You may delete individual scans or your entire account at any time. After deletion we may retain limited records for up to 90 days in backups before they age out.
• Credit ledger and payment records: retained for at least seven (7) years to satisfy Canadian tax and accounting requirements.
• Server logs: typically retained for 90 days.

5. Your rights

Subject to applicable law, you have the right to:

• Access the personal information we hold about you;
• Correct inaccurate or incomplete information;
• Delete your account and the personal information associated with it;
• Export a copy of your data in a portable format;
• Withdraw consent to optional processing (such as marketing analytics);
• Lodge a complaint with the Office of the Privacy Commissioner of Canada or your local data protection authority.

If you are located in the European Economic Area, the United Kingdom, or California, you may have additional rights under the GDPR, UK GDPR, or CCPA respectively. To exercise any of these rights, email support@zerowe.app from the email address on your account.

6. Cookies and similar technologies

We use a small number of strictly-necessary cookies to keep you signed in. The analytics and advertising tools described above (Meta Pixel, TikTok Pixel) also set cookies on your device. You can control cookies through your browser settings; blocking cookies may make parts of the Service work less well.

7. International data transfers

Some of our service providers (including Anthropic, Stripe, Google, Meta, and TikTok) process data in jurisdictions outside Canada, including the United States and the European Union. By using the Service you consent to your information being transferred to and processed in those jurisdictions, subject to the safeguards required by applicable law.

8. Children

The Service is not directed to children under 16. We do not knowingly collect personal information from children under 16. If you believe a child has provided us with personal information, please contact us at support@zerowe.app and we will take steps to delete it.

9. Security

We use industry-standard administrative, technical, and physical safeguards to protect your information, including encryption in transit, hashed passwords, and access controls on our infrastructure. No system is perfectly secure. If you become aware of a security issue, please report it to support@zerowe.app.

10. Changes to this Policy

We may update this Privacy Policy from time to time. If we make material changes we will notify you by email or through the Service before the changes take effect, and will update the effective date at the top of this page.

11. Contact

For privacy questions or requests, email support@zerowe.app. We aim to respond within 30 days.