Privacy Policy
GotReceipts (gotreceipts.io) ("we," "us," "our") respects your privacy. This Privacy Policy explains what information we collect, how we use it, and your rights regarding that information.
1. Information We Collect
Information you provide:
- Email address: When you sign up for a Pro account or subscribe to our email newsletter. Used for authentication (magic link login) and to send you the content you requested.
- Payment information: When you subscribe to Pro. Payment is processed entirely by Stripe. We do not store your credit card number, CVV, or full payment details on our servers. We receive and store your Stripe customer ID and subscription status only.
2. Information Collected Automatically
- Analytics data: We use privacy-friendly analytics (Plausible or Fathom) that do not use cookies, do not track individuals across sites, and do not collect personal information. We see aggregate page views, referral sources, and general geographic regions (country level). We do not see your IP address, device fingerprint, or browsing history.
- Server logs: Our hosting provider may temporarily log IP addresses and request data for security and performance purposes. These logs are not used for tracking and are automatically deleted.
3. Information We Do Not Collect
- We do not use Google Analytics or any tracking-based analytics platform.
- We do not sell, rent, or share your personal information with advertisers.
- We do not build user profiles for advertising purposes.
- We do not track your activity across other websites.
- We do not collect financial account information, brokerage data, or investment portfolio details.
4. How We Use Your Information
Email address: Magic link authentication, subscription management, weekly newsletter (if opted in), and important service updates.
Stripe customer ID: Managing your Pro subscription and processing payments and refunds.
Analytics (aggregate): Understanding which pages are popular, improving the product, and identifying technical issues.
We will never use your email address to send unsolicited marketing. You will only receive emails you have explicitly opted into: magic link login codes, subscription confirmations, or the weekly newsletter.
5. Third-Party Services
We use the following third-party services that may process limited data:
- Stripe (payments): https://stripe.com/privacy
- Plausible or Fathom (analytics): https://plausible.io/privacy or https://usefathom.com/privacy
- Cloudflare (CDN and security): https://www.cloudflare.com/privacy/
- Email delivery provider (transactional email) for magic link and newsletter delivery only.
We do not share your information with any other third parties.
6. Cookies
- Session cookie: If you are logged into a Pro account, a session cookie identifies your login state. This cookie is HttpOnly, Secure, and SameSite=Strict. It contains no personal information and expires when you close your browser or after a set period.
- No tracking cookies: We do not use advertising cookies, analytics cookies, or third-party tracking cookies.
- No cookie banner required: Because we only use strictly necessary cookies for authentication, we do not require cookie consent under most privacy regulations.
7. Data Retention
- Email addresses: Retained for as long as you have an account or newsletter subscription. Deleted within 30 days of account deletion or unsubscribe.
- Stripe data: Subscription records are retained as required for accounting and tax purposes. Stripe retains payment data per their own retention policy.
- Analytics: Aggregate analytics data is retained indefinitely. No personal data is included.
- Server logs: Automatically deleted by our hosting provider, typically within 30 days.
8. Your Rights
Depending on your location, you may have rights to access, correct, delete, unsubscribe, or cancel.
To exercise these rights, contact privacy@gotreceipts.io. We will respond within 30 days.
9. Australian Privacy Act
We comply with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth). We collect only the minimum personal information necessary to provide the Service, use it only for the purposes described in this policy, and take reasonable steps to protect it from misuse, loss, and unauthorised access.
10. International Users
If you access the Service from outside Australia, your information may be transferred to and processed in Australia or in the jurisdiction where our hosting provider operates. By using the Service, you consent to this transfer.
For users in the EEA or UK, we process data on the basis of contractual necessity (account and subscription management) and legitimate interest (analytics and service improvement).
11. Children
GotReceipts is not directed at anyone under the age of 18. We do not knowingly collect personal information from children.
12. Security
We take reasonable measures to protect your information, including:
- HTTPS encryption on all pages
- HttpOnly, Secure, SameSite=Strict session cookies
- Magic link authentication (no passwords stored)
- Single-use, time-limited authentication tokens
- Secrets stored in environment variables, never in code repositories
- Cloudflare DDoS protection and WAF
- CORS restricted to our own domain
No method of transmission or storage is 100% secure; we take commercially reasonable steps to protect your data.
13. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via the Service or email. Your continued use of the Service after changes take effect constitutes acceptance of the revised policy.
14. Contact
For privacy-related questions or requests: contact@gotreceipts.io