Overview
LIC (Invoice Check-In) is a mobile app that helps you scan invoices, track expenses, and share spending moments with your friends.
This Privacy Policy explains what personal information we collect when you use LIC, how we use it, and the choices you have. By using LIC, you agree to the practices described here.
💛 We built LIC on a simple principle: collect only what’s needed to make the app work. We do not sell your data. Ever.
Data We Collect
We collect the following categories of information:
Account Info
Email address, display name, and profile photo you provide when signing up.
Invoice & Expense Data
Merchant name, date, and total amount extracted from your invoice photos.
Photos
Invoice images you choose to capture or upload. Stored securely in your account.
Device & Usage
App version, OS version, crash logs, and anonymous usage statistics to improve stability.
Information we do NOT collect:
- Your location or GPS data
- Contacts or address book
- Microphone or audio
- Browsing history or data from other apps
- Payment card or bank account numbers
How We Use Your Data
- Provide the core app experience: scanning invoices, recording expenses, and displaying your feed.
- Run on-device OCR (ML Kit) to extract text from invoice photos — this processing happens locally on your phone.
- Send invoice images to our AI service (Gemini API) only when on-device OCR confidence is low, to improve accuracy.
- Sync your expense data across your devices via our secure cloud backend (Supabase).
- Display expense moments to friends you have explicitly added within the app.
- Send optional push notifications about expense summaries or friend activity.
- Diagnose crashes and improve app performance using aggregated, anonymized analytics.
📷 Invoice photos are only shared with AI services to improve OCR results. They are never used for advertising, profiling, or sold to third parties.
Data Sharing
We do not sell, rent, or trade your personal data. We may share data only in these limited circumstances:
Camera & OCR
LIC requests access to your device’s camera and photo library solely to let you capture or pick invoice images.
- On-device OCR: Primary text extraction runs entirely on your device using Google ML Kit. No photo leaves your device during this step.
- Cloud OCR fallback: If on-device recognition confidence is low, the invoice image is sent to Google Gemini API over an encrypted connection for improved accuracy.
- We never access your camera or photo library without an explicit action from you (tapping capture or upload).
- You can revoke camera and photo permissions at any time in iOS Settings → LIC.
Data Storage & Security
Your data is stored securely using industry-standard practices:
Encryption in Transit
All data transmitted between the app and our servers uses TLS 1.3 encryption.
Encryption at Rest
Data stored on Supabase servers is encrypted at rest using AES-256.
Authentication
Row-level security (RLS) ensures you can only access your own data. Auth tokens are stored in iOS Keychain.
Access Control
Only authorized team members can access production systems, with audit logs in place.
Despite our best efforts, no transmission over the internet is 100% secure. Please protect your account password and report any suspicious activity to us immediately.
Data Retention & Deletion
We retain your data for as long as your account is active. You can delete specific data at any time:
- Individual invoices/expenses: Delete from within the app at any time.
- Account deletion: Go to Settings → Account → Delete Account. Your personal data (profile, invoices, photos) is permanently removed. Shared invoice amounts remain visible to your friends with your identity anonymized as “Deleted User” to preserve accurate financial records.
- Backup retention: Deleted data may remain in encrypted backups for up to 30 days before being fully purged.
- Legal hold: We may retain certain data longer if required by law or to resolve disputes.
🗑️ To request deletion of all your data, email us at the address below. We will process your request within 30 days.
Your Rights
Depending on your location, you may have the following rights regarding your personal data:
Access
Request a copy of the personal data we hold about you.
Correction
Request that we correct inaccurate or incomplete information.
Deletion
Request deletion of your personal data (right to be forgotten).
Portability
Request an export of your data in a machine-readable format.
Opt-Out
Revoke consent and opt out of non-essential data processing at any time.
Withdraw Consent
You can revoke camera/photo permission in iOS Settings at any time without deleting your account.
To exercise any of these rights, contact us using the information below. We will respond within 30 days.
Children’s Privacy
LIC is not directed to children under 13 years of age (or 16 in certain jurisdictions). We do not knowingly collect personal information from children. If you believe a child under 13 has provided us with personal information, please contact us immediately and we will delete it.
Policy Changes
We may update this Privacy Policy from time to time. When we do, we’ll update the “Last Updated” date at the top of this page and, for significant changes, notify you via an in-app notification or email.
We encourage you to review this page periodically to stay informed about how we protect your information.
Contact Us
Have a privacy question or request? We’re here to help.