Privacy Policy
Last updated: April 23, 2026
The short version
We built Granalyst to help you understand your grocery spending. That means we handle your receipt photos, your purchase history, and your location data. Here's what we believe and how we operate:
- Your receipts are yours. We don't sell your personal data to anyone. Never have, never will.
- We use machine learning to read your receipts. Your receipt text is processed through our rented GPUs on our own optimized models. When there are gaps, the text (not the image) is sent to AI services for post-processing. These services process the data and return results — they do not store your receipts or use them for their own training.
- We may share aggregate, anonymized trends — for example, "shoppers in zip code 12345 buy eggs more frequently than shoppers in zip code 98765." This kind of data helps us and potentially our partners understand shopping patterns. It never includes anything that identifies you personally.
- If we show ads or promotions, advertisers receive store zip codes and aggregate engagement stats (e.g., how many users who saw a promotion later had relevant items appear on a receipt). Advertisers never receive your identity, your individual receipts, or your personal shopping habits.
- We learn from your corrections. When you fix a misread price or item name, we use that to improve our receipt reading models' accuracy. This training data is anonymized and not linked to your identity.
- We use standard services for payments, email, and notifications. They only get what they need to do their job.
This summary is provided for convenience and is not itself the binding policy. The detailed sections below are the full terms and govern in the event of any difference.
What we collect and why
Our guiding principle is to collect only what we need. Here's what that means in practice:
Identity and access
When you sign up for Granalyst, we ask for your name and email address. That's so you can personalize your account and we can send you important product updates. We may also send you optional surveys from time to time to help us understand how you use the product and make improvements.
We will never sell your personal information to third parties, and we won't use your name in marketing statements without your permission.
Billing information
If you sign up for a paid Granalyst plan, you will be asked to provide your payment information. Credit card information is submitted directly to our payment processors (Stripe for web, Apple App Store for iOS, Google Play for Android) and never touches Granalyst servers. We store a record of the payment transaction for account history and billing support.
Receipt data
This is the core of what Granalyst does. Receipts enter the system in several ways:
Uploaded receipt photos. When you upload a receipt photo, we collect and store:
- The receipt image itself
- Extracted text from the receipt (store name, items, prices, totals, dates, payment method)
- Store location data (address, city, state, zip code, coordinates) when available on the receipt or detected from the image
Browser extension. Granalyst offers an optional browser extension that can detect and import receipts from online retailers (e.g., grocery delivery order confirmations). The extension:
- Only activates on retailer sites you have enabled, or when you manually trigger it
- Only reads receipt and order data (items, prices, totals, order dates, store name) from the page — it does not read or transmit any other page content, browsing history, or data from other tabs
- Sends receipt data to Granalyst for processing, the same as a photo upload
- In some cases, extracted text may be sent to an AI service for post-processing when the page structure does not yield clear item data
You can disable the extension or remove individual retailer permissions at any time.
We keep receipt data as long as your account is active. If you delete a receipt, it is removed from our active systems. If you delete your account, all receipt data is permanently deleted within 60 days.
Location data
We collect store location information from your receipts (addresses, zip codes) to help identify stores and provide location-based features like nearby store pricing. We may also use your device's location with your permission to assist with store identification.
We log IP addresses used to sign up and access your account for security and fraud prevention purposes.
User corrections and training data
When you correct a misread item name, price, or other receipt detail, we record the correction to improve our receipt reading accuracy. These corrections are stored in anonymized form — they help our models learn patterns (e.g., "this OCR output is commonly misread") without being linked to your identity.
Website and app interactions
We collect basic analytics data such as your browser and operating system version, which pages you visited, and how long they took to load. This helps us improve the product. We do not use third-party advertising trackers.
Mobile app permissions
Our mobile apps may request access to your device camera (to photograph receipts) and photo library (to upload existing receipt images). These permissions are optional and the app will explain why each is needed before requesting access. Push notification permissions are requested upon first sign-in on iOS; Android does not require permission for notifications.
Voluntary correspondence
When you contact us with a question or support request, we keep that correspondence, including your email address, so we have a history to reference if you reach out again.
Third-party services that process your data
We use a small number of third-party services to provide Granalyst. Each receives only the data necessary for its function:
Receipt processing services
| Service | What it receives | Purpose |
|---|---|---|
| OpenAI | Receipt text only (OCR output, item names, prices, store names) — not receipt images | AI post-processing for store detection, product categorization, and data extraction when our own models produce incomplete results |
| Anthropic | Same as OpenAI — text only, not images | Alternative AI provider for receipt post-processing |
| TagGun | Receipt images (processed in memory, not stored) | Fallback OCR service used only when our own models encounter errors |
These AI services process your data and return results. Per their API terms, they do not use API-submitted data to train their own models. TagGun processes images with an "incognito" flag that prevents storage.
Location and store services
| Service | What it receives | Purpose |
|---|---|---|
| Google Places | Store names, coordinates | Verify and enrich store location data |
| Logo.dev | Store names | Retrieve store brand logos |
Payment and billing
| Service | What it receives | Purpose |
|---|---|---|
| Stripe | Email, name, payment method | Web subscription billing |
| Apple App Store | Transaction and product IDs | iOS in-app purchase verification |
| Google Play | Purchase tokens and product IDs | Android in-app purchase verification |
Communication
| Service | What it receives | Purpose |
|---|---|---|
| Mailgun | Email address, email content | Transactional emails (verification, notifications, support) |
| Web Push (W3C standard) | Notification payload, device tokens | Browser push notifications for receipt processing status |
Aggregate data and advertising
What we mean by aggregate data
Aggregate data is information that has been combined across many users so that no individual can be identified. Examples include:
- Average egg prices by zip code
- Most common grocery stores in a region
- Seasonal purchasing trends
We may use and share aggregate data for product features, research, and partnerships. We take care to ensure aggregate data sets are large enough that individual users cannot be identified — we do not publish or share aggregate data from groups too small to provide meaningful anonymity.
How advertising and promotions work
If Granalyst shows ads or promotions:
- What advertisers receive: Store zip codes (not your zip code — the store's), and aggregate engagement metrics (e.g., "X users who saw this promotion subsequently purchased the promoted product category"). This helps advertisers understand whether a promotion was effective.
- What advertisers never receive: Your name, email, account details, individual receipts, individual purchase history, or any information that could identify you personally.
- Your control: You can opt out of promotion-related data sharing in your privacy settings.
When we access or disclose your information
To provide the service. We use the third-party services listed above to run Granalyst and provide the service to you.
To improve receipt reading. We use anonymized correction data to train and improve our receipt processing models. No Granalyst employee looks at your receipt content except in rare cases where an automated process fails and requires manual intervention to fix a bug — and even then, we look for systemic solutions to prevent recurrence.
To help you troubleshoot. If we need to access your data to help with a support case, we will ask for your permission first.
Aggregated and de-identified data. We may use de-identified or aggregated data as described in the "Aggregate data and advertising" section above.
When required by law. Granalyst is a U.S. company. Our policy is to not respond to government requests for user data unless compelled by legal process (warrant, subpoena, or court order). It is our policy to notify affected users before disclosing data unless legally prohibited from doing so.
If Granalyst is acquired by or merges with another company, we will notify you before any personal information is transferred or becomes subject to a different privacy policy.
Your rights with respect to your information
We apply the same data rights to all users, regardless of location:
- Right to Know. You have the right to know what personal information is collected, used, shared, or sold. This policy outlines that.
- Right of Access. You have the right to access the personal information we hold about you.
- Right to Correction. You have the right to request correction of your personal information.
- Right to Erasure. You can request that your personal information be deleted. You can delete individual receipts at any time, or delete your entire account. Account deletion results in permanent removal of all your data within 60 days.
- Right to Restrict Processing. You have the right to request restriction of how your personal information is processed, including opting out of aggregate data sharing.
- Right to Object. You have the right, in certain situations, to object to how your personal information is processed.
- Right to Portability. You have the right to request a copy of your data. Contact us at the address below and we will provide it.
- Right to Non-Discrimination. We will not charge you differently, offer different discounts, or provide lower service quality because you exercise your privacy rights.
To exercise any of these rights, contact us at support@granalyst.com.
How we secure your data
All data is encrypted via SSL/TLS when transmitted between our servers and your device. Database backups are encrypted. We follow industry security best practices for storing receipt images and extracted data at rest.
Data retention
We keep your data as long as your account is active. Deleted receipts are removed from active systems promptly. If you delete your account, all content is permanently deleted within 60 days, including from backups.
Anonymized, aggregate data derived from your receipts before deletion may persist, as it is no longer linked to your identity.
Location of site and data
Granalyst is operated in the United States. If you are located outside of the United States, please be aware that any information you provide to us will be transferred to and stored in the United States. By using Granalyst, you consent to this transfer.
When transferring personal data from the EU
The European Data Protection Board (EDPB) has issued guidance that personal data transferred out of the EU must be treated with the same level of protection granted under EU privacy law. UK law provides similar safeguards. We are committed to handling EU and UK user data in accordance with these requirements.
Changes and questions
We may update this policy as needed to comply with relevant regulations and reflect new practices. Whenever we make a significant change, we will update the date at the top of this page and notify users through the app.
Have questions, comments, or concerns about this privacy policy, your data, or your rights? Please get in touch at support@granalyst.com and we'll be happy to help.
Adapted from Basecamp's open-source policies, available under CC BY 4.0.