Privacy Policy
Last updated: June 2026
This policy explains what PayOneTable collects, why, and the choices you have. We keep it short and specific. In plain terms: we collect what we need to run the Service, we never sell your data, and you can delete everything at any time.
Information we collect
- Account: your email address, an optional display name, and an optional profile photo.
- Splits you create: receipt items, the place name, the names you type for people, item assignments, and the calculated per-person totals.
- Receipt photos:the images you upload to be scanned (see “Receipt images & AI” below).
- Billing: if you subscribe, our payment provider (Stripe) handles your card. We store only your Stripe customer/subscription identifiers and plan status — never your card number.
- Technical: a secure session cookie to keep you signed in, plus basic security logs and scan counts used to enforce limits and prevent abuse.
How we use your information
- to provide the Service — scanning receipts, splitting bills and saving your history;
- to show your own spending analytics (paid plans);
- to process subscriptions and send transactional email (e.g. confirmations);
- to secure the Service — authentication, rate limiting and abuse prevention.
We do not sell your personal data, and we don't use it for third-party advertising.
Receipt images & AI
When you scan a receipt, the photo is sent to our AI provider (OpenAI) to extract the items, prices, fees and tip. It is not used to train their models. After extraction we store the photo privately in your own account so you can view it later (a paid feature); free-plan photos are stored privately too but shown only on paid plans. Receipt images are never public and never shared with other users. Deleting your account erases them.
Service providers we rely on
We share data only with the vendors needed to operate the Service:
- Supabase — database, authentication and private file storage (hosted in the United States).
- OpenAI — reads your receipt photos to extract items.
- Stripe — processes subscription payments.
- Resend — sends transactional email.
- Cloudflare Turnstile — protects sign-up/login from bots.
Each provider only receives the data needed for its function.
Storage & security
Data is encrypted in transit. Your rows are protected by row-level security so one account can never read another's splits, scans or photos. Receipt photos live in a private storage bucket and are served only to you, through short-lived signed links. Privileged operations run server-side with least-privilege access.
Data retention
We keep your data for as long as your account exists. When you delete your account (Account → Delete account) we permanently remove your profile, your saved splits and your receipt photos. Deletion is immediate and irreversible.
Your rights
You can access and edit your profile in the app, export nothing-but-your-own data by viewing your history, and delete everything from your account page. For any other privacy request, email contact@payonetable.comand we'll respond.
Cookies
We use a single essential cookie to keep you signed in. We don't use third-party advertising or cross-site tracking cookies.
Children
PayOneTable isn't intended for anyone under 16, and we don't knowingly collect data from children.
Changes to this policy
We may update this policy as the Service evolves. We'll change the date above and, for material changes, take reasonable steps to let you know.
Contact
Questions or requests? Email contact@payonetable.com.