Privacy Policy

Last updated: 6 July 2026

This page explains what personal data EasyScanMe processes, why, and how you can exercise your rights under the GDPR and equivalent regulations.

Who we are

EasyScanMe is operated by the EasyScanMe team. Contact: privacy@easyscanme.com.

What data we collect

  • Account data: email, name, workspace name, role, sign-in provider.
  • Receipt & document data: images you upload, extracted fields (merchant, date, amount, category), notes, categorization.
  • Usage data: log events (scans, uploads, sent packs) used for product analytics and plan limits.
  • Technical data: IP address, browser, device type, and error diagnostics.

Why we process it

  • To provide the Service (contract).
  • To enforce plan limits and prevent abuse (legitimate interest).
  • To send transactional emails (contract).
  • To comply with legal obligations.

Who we share it with

  • Your linked accountant (only receipts you explicitly send).
  • Sub-processors: our hosting/database provider, our AI extraction provider, our payment provider. A current list is available on request.
  • Authorities where required by law.

How long we keep it

We keep account and receipt data while your account is active. On deletion, data is removed within 30 days, except where retention is required by law.

Your rights

You have the right to access, correct, export, and delete your data. Email privacy@easyscanme.com to make a request. We respond within 30 days.

Security

We use TLS in transit, encryption at rest, row-level access control, and least-privilege service keys. No system is 100% secure — report suspected vulnerabilities to security@easyscanme.com.

Cookies

See our Cookie Notice.

Changes

Material changes will be announced in-app or by email.