Privacy Policy

Last updated: June 2026

What Purchase Tracker does

Purchase Tracker is a browser-based tool that helps Australian sole traders categorise bank transactions, attach receipts, and prepare BAS-ready reports. The application runs entirely in the user's web browser. We do not operate backend servers that process or store user data.

Google user data: what we access, how we use it, and where it is stored

Purchase Tracker requests access to the following Google user data through Google OAuth 2.0 and the Google Drive API. Below is a complete disclosure of every type of Google user data we access, the specific purpose for accessing it, how it is processed, and where it is stored.

1. Email address (scope: userinfo.email)

Data accessed	The user's primary Google Account email address.
Purpose	Used solely to identify the signed-in user within the application interface (displayed as the account name). This allows the user to confirm which Google account is connected.
Processing	The email address is read from Google's OAuth response and displayed in the browser. It is not sent to any server, not stored in any database, and not used for email communication or marketing.
Storage	Held in browser memory only for the duration of the session. Not written to localStorage, cookies, or any persistent storage. Lost when the browser tab is closed.
Sharing	Not shared with any third party.

2. Basic profile information (scope: userinfo.profile, openid)

Data accessed	The user's display name and profile identifier from their Google Account.
Purpose	Used to display the user's name in the application interface so they can confirm the correct account is connected.
Processing	The profile name is read from Google's OAuth response and displayed in the browser. No further processing occurs.
Storage	Held in browser memory only for the duration of the session. Not persisted anywhere.
Sharing	Not shared with any third party.

3. Google Drive — application-specific files only (scope: drive.file)

Data accessed	Purchase Tracker creates, reads, and updates files in the user's Google Drive that were created by this application only. Specifically: (a) one JSON session file stored in the Drive appData folder containing the user's transaction data, categories, rules, and settings; and (b) individual receipt files (PDF or image) uploaded by the user through the application. The application cannot see, access, read, or modify any other files in the user's Google Drive. The `drive.file` scope restricts access exclusively to files created by this application.
Purpose	Google Drive is used as the user's personal cloud storage for their financial data. This allows users to access their data across devices and sessions without requiring us to operate a database or server. Specifically: the JSON session file stores the user's categorised transactions, auto-categorisation rules, GST settings, and preferences. Receipt files store PDF invoices or photos of receipts that the user attaches to their transactions.
Processing	When the user opens the application, the session JSON file is downloaded from their Drive and parsed in the browser to restore their data. When the user makes changes (categorising transactions, attaching receipts, changing settings), the updated data is saved back to the same file in their Drive. All processing occurs in the user's browser. No data from Drive is sent to our servers or any third-party server (with the optional exception of Anthropic OCR, described below, which the user must explicitly enable and provide their own API key for).
Storage	All data is stored in the user's own Google Drive account, under their control. The application also maintains a lightweight backup copy in the browser's localStorage (transaction data and rules only, no receipt files) for crash recovery purposes. This local backup is overwritten on each save and can be cleared by the user at any time.
Sharing	Google Drive data is not shared with any third party. Not transferred to any server. Not used for advertising, analytics, or any purpose other than providing the application's core functionality to the user.

Google API Services User Data Policy compliance

Purchase Tracker's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

We only use Google user data to provide and improve the application's user-facing features as described in this policy.
We do not transfer Google user data to third parties except as necessary to provide the application's functionality, to comply with applicable laws, or as part of a merger/acquisition with notice to users.
We do not use Google user data for serving advertisements.
We do not allow humans to read Google user data unless: the user has given affirmative consent, it is necessary for security purposes, or it is required by law.

Optional third-party service: Anthropic API (user-enabled OCR)

If the user chooses to enable optical character recognition (OCR) for receipt scanning, they must provide their own Anthropic API key. When enabled:

Receipt images are sent directly from the user's browser to Anthropic's API for text extraction.
This data transfer is initiated by the user, from the user's browser, using the user's own API key.
We do not proxy, intercept, log, or store these API requests.
The API key is stored in the user's browser localStorage only and is never transmitted to our servers.
This feature is entirely optional and disabled by default.

Hosting

The application's static files (HTML, CSS, JavaScript) are hosted on Cloudflare Pages. Cloudflare may retain standard web server logs (IP address, page requested, timestamp) per their Privacy Policy. No Google user data is transmitted to or stored on Cloudflare's servers.

What we do not do

We do not sell, rent, trade, or transfer Google user data to any third party.
We do not use Google user data for advertising, marketing, or user profiling.
We do not use Google user data to train machine learning or AI models.
We do not track user behaviour with analytics tools, tracking pixels, or cookies.
We do not access any Google Drive files other than those created by this application.
We do not store Google user data on any server or database we operate.
We do not send emails to users or use their email address for communication.

Data retention and deletion

Because all user data is stored in the user's own Google Drive and browser, the user has full control over their data at all times.

To delete all data:

In the app: Open Settings → Delete all data. This permanently removes the session file and all receipt files from Google Drive.
Revoke access: Visit Google Account Permissions and remove Purchase Tracker. This immediately revokes the application's ability to access your Google Drive.
Browser data: Clear your browser's localStorage and cookies for this site to remove the local backup and preferences.

Upon revoking access, the application can no longer read or write any data in the user's Google Drive. Files previously created by the application remain in the user's Drive under their control and can be manually deleted.

Children's privacy

Purchase Tracker is a business accounting tool not intended for use by anyone under the age of 18. We do not knowingly collect data from children.

Changes to this policy

If we make material changes to this policy, we will update the date at the top of this page. Continued use of the application after changes constitutes acceptance of the updated policy.

Contact

For privacy-related questions, data access requests, or concerns about this policy, contact: [email protected]