S

SnapKeep

Sign In →

Privacy Policy for SnapKeep

Effective Date: November 14, 2025
Last Updated: November 14, 2025

1. Introduction

Welcome to Rivra LLC ("Company," "we," "us," or "our"). We are committed to protecting your privacy and handling your data in an open and transparent manner. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you access or use our SnapKeep financial management application and related services (collectively, the "Service").

This Privacy Policy is designed to comply with major global data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

By accessing or using our Service, you acknowledge that you have read, understood, and agree to the collection and use of your information in accordance with this Privacy Policy. If you do not agree with the terms of this policy, you must not access or use the Service.

2. Information We Collect

We collect personal information that is necessary to provide, maintain, and improve our Service.

2.1 Information You Provide to Us

  • Account Information: When you register by signing in with your Google Account, we collect your name, email address, profile photo URL, and a unique Google account identifier.
  • Transaction Data: All financial data you upload or that is extracted from your receipts, including transaction amounts, dates, vendors, categories, projects, and any associated notes.
  • Payment Information: To manage your subscription, our payment processor (Stripe) collects your payment card details and billing address. We do not store or have direct access to your full payment card information.
  • Communications: Any information you provide when you contact us for support, provide feedback, or otherwise communicate with us.

2.2 Information Collected Automatically

  • Usage and Technical Data: We automatically collect information about your interaction with the Service, such as features used, scan counts, IP address, browser type, device identifiers, operating system, and session data.
  • Authentication Tokens: To connect to your Google Drive, we securely store encrypted OAuth access and refresh tokens granted by you. These tokens are used solely to facilitate the storage of your receipt images in your Google Drive.

2.3 Information from Third Parties

  • Google APIs: We receive extracted text from receipt images via the Google Vision API and file metadata from the Google Drive API.
  • Stripe: We receive information regarding your subscription status and payment events.

2.4 Information We Do Not Collect

We deliberately limit our data collection. We do not store your receipt images on our servers, track your precise geolocation, or access any files in your Google Drive outside of the dedicated "SnapKeep" folder.

3. How We Use Your Information & Legal Basis for Processing

We process your personal information for specific purposes and only where we have a valid legal basis to do so under applicable law, such as the GDPR.

Purpose of ProcessingTypes of Data UsedLegal Basis (GDPR)
To Provide and Manage the ServiceAccount Info, Transaction Data, Auth TokensPerformance of a Contract with you.
To Process Payments & SubscriptionsAccount Info, Payment InfoPerformance of a Contract with you.
To Communicate with YouAccount Info, CommunicationsPerformance of a Contract (for service-related messages); Legitimate Interest (for updates); Consent (for marketing).
For Service Improvement & AnalyticsAnonymized Usage DataLegitimate Interest to improve our service for all users.
To Maintain Security & Prevent FraudTechnical Data, Usage DataLegitimate Interest to protect our Service and users.
To Comply with Legal ObligationsAll relevant dataLegal Obligation to comply with applicable laws and lawful requests.

4. How We Share and Disclose Information

We do not sell your personal information. We only share your data with trusted third-party service providers who are contractually obligated to protect it and only for the purposes outlined below.

  • Google (Firebase & Cloud Platform): For user authentication, database hosting (Transaction Data), and backend processing.
  • Google Drive API: To store your receipt images in your personal Google Drive account. We only have access to the files our application creates.
  • Google Vision API: To perform Optical Character Recognition (OCR) on your receipt images. Images are processed temporarily and are not retained by Google for this purpose.
  • Stripe, Inc.: To process subscription payments securely.

We may also disclose your information if required by law, such as to comply with a subpoena, or if we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others.

5. Data Security

We implement industry-standard technical and organizational security measures designed to protect your personal information from unauthorized access, use, or disclosure. These include end-to-end encryption (TLS), encryption-at-rest for all stored data, and strict access controls.

However, please be aware that no security measures are perfect or impenetrable. While we strive to protect your personal information, we cannot guarantee its absolute security.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you with the Service.

  • Active Account: We retain your Transaction Data until you choose to delete it or your account.
  • Account Deletion: Upon account deletion, we will permanently delete your Transaction Data from our production systems within 30 days. Your receipt images will remain in your Google Drive under your control.
  • Legal Requirements: We may retain certain information (e.g., billing records) for longer periods as required by law or for legitimate business purposes like resolving disputes.

7. Your Privacy Rights

Depending on your location, you have certain rights regarding your personal information.

  • Right to Access: You have the right to request a copy of the personal information we hold about you.
  • Right to Rectification: You can correct inaccurate personal information through your account settings or by contacting us.
  • Right to Erasure (Right to be Forgotten): You have the right to request the deletion of your personal information. You can do this by deleting your account from the settings menu.
  • Right to Data Portability: You have the right to receive your Transaction Data in a structured, commonly used, and machine-readable format (e.g., CSV).
  • Right to Object: You have the right to object to our processing of your personal information based on our legitimate interests.
  • Right to Restrict Processing: You have the right to request that we restrict the processing of your data under certain conditions.

Exercising Your Rights:

To exercise any of these rights, please use the tools provided in your account settings or contact us at snapkeep@rivra.dev. We will respond to your request in accordance with applicable data protection laws. We may need to verify your identity before processing your request.

7.1 Your California Privacy Rights (CCPA)

If you are a California resident, you have the right to know what personal information we collect, use, and disclose. We do not "sell" your personal information as defined by the CCPA. You have the right to non-discrimination for exercising your rights.

7.2 Your European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), you have the rights listed above. Our legal basis for processing your data is detailed in Section 3. You also have the right to lodge a complaint with a supervisory authority.

8. International Data Transfers

Our Service is operated in the United States. If you are located outside of the United States, please be aware that your information will be transferred to, stored, and processed in the United States. We ensure such transfers are lawful by relying on legally-provided mechanisms, such as the Standard Contractual Clauses for transfers of data out of the EEA.

9. Children's Privacy

The Service is not intended for or directed at individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have inadvertently collected such information, we will take steps to delete it as soon as possible.

10. Changes to This Privacy Policy

We reserve the right to modify this Privacy Policy at any time. If we make material changes, we will notify you by email or through a notice within the Service at least 30 days prior to the change becoming effective. Your continued use of the Service after the effective date constitutes your acceptance of the revised policy.

11. Contact Us and Data Protection

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact our privacy team.

SnapKeep Privacy Team

Email: snapkeep@rivra.dev

For inquiries related to your rights under GDPR or CCPA, please use the email address above with the appropriate subject line (e.g., "GDPR Request").

Last Updated: November 14, 2025