Privacy Policy

1. Who we are

Prooof ("we", "us", "our") is a service that helps UK consumers track receipts, monitor warranties, and draft refund claims under the Consumer Rights Act 2015. We are the data controller for the personal data described in this policy.

Contact: 2006griffin.rhys@gmail.com

2. What data we process

• Account data - your email address and authentication tokens.
• Receipt data - product names, prices, retailers, purchase dates, warranty terms, and the email subject line that identified the purchase.
• Bill data - provider name, amount, billing period, and contract end date for utility/subscription bills.
• Mailbox connection metadata - provider (Gmail or Outlook), refresh token (encrypted at rest), last-sync cursor.
• Usage data - claim drafts you generate, subscription tier, and pseudonymous analytics (page views, feature usage).

3. Gmail & Outlook access (Limited Use disclosure)

When you connect your Gmail or Outlook account, Prooof requests the minimum scope required to find purchase receipts:

• https://www.googleapis.com/auth/gmail.readonly (Gmail) - read-only access to find purchase confirmation emails.
• Mail.Read (Microsoft Graph / Outlook) - read-only access for the same purpose.

Prooof's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically, we commit that Gmail data is:

• Used only to identify and extract purchase receipts and bills, surfaced in your Prooof dashboard.
• Never transferred to third parties except as necessary to provide the service, comply with applicable law, or as part of a merger, acquisition, or sale of assets with notice to you.
• Never used to serve advertising, including personalised, retargeted, or interest-based advertising.
• Never read by humans, except (a) with your explicit consent for a specific support request, (b) for security investigations, or (c) where required by law.
• Not used to train generalised AI/ML models.

4. How we process your inbox

Our background sync fetches recent message metadata (subject, sender, snippet) and only opens the body of messages that look like purchase receipts based on keyword and brand heuristics. We extract structured fields (product, price, date, retailer) and discard the raw email body after extraction. We do not retain attachments.

You can also use Prooof entirely through the Chrome extension's content-script mode, which never sends your email to our servers - all parsing happens locally in your browser.

5. Legal basis (UK GDPR)

• Contract - to provide the receipt tracking and claim drafting service you signed up for.
• Consent - for connecting your mailbox via OAuth. You can revoke this at any time.
• Legitimate interests - security, fraud prevention, and basic analytics.

6. Data retention

Receipt and bill records are retained while your account is active. When you delete your account, all personal data is removed within 30 days, except where we are legally required to retain it (e.g. tax records for paid subscriptions).

7. Sub-processors

• Supabase - database and authentication (EU region).
• Stripe - payment processing for paid plans.
• Google Gemini / OpenAI - AI extraction of receipt fields and drafting of claim emails. Inputs are not used for model training.
• Cloudflare - hosting and edge compute.

8. Your rights

Under UK GDPR you have the right to access, rectify, erase, restrict processing of, port, and object to processing of your personal data. You can exercise these rights from your dashboard, by revoking mailbox access in your Google or Microsoft account, or by emailing 2006griffin.rhys@gmail.com.

You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk.

9. Revoking mailbox access

You can revoke Prooof's access to your mailbox at any time:

• Google: myaccount.google.com/permissions
• Microsoft: account.live.com/consent/Manage
• Or disconnect from your Prooof dashboard settings.

10. Security

Refresh tokens are encrypted at rest. All data is transmitted over TLS 1.2+. We undergo annual CASA Tier 2 security assessment as required by Google for Gmail API access.

11. Changes

We will notify you of material changes by email at least 14 days before they take effect.