R2Sheet

Privacy Policy

Effective date: 2026-03-28

R2Sheet ("we", "us") is a tool that helps users scan receipts, extract data, and organize records in Google Sheets. This Privacy Policy explains how we collect, use, and protect your information.

1. Information We Collect

Account Information

When you sign up, we collect your email address and basic profile information (name) through Google OAuth.

Uploaded Content

Receipt images you upload are sent to an AI service (Google Gemini) for data extraction, then stored in your own Google Drive. We do not permanently store your receipt images on our servers, except for temporary processing, security, or troubleshooting purposes where applicable.

Application Data

We store in our database: workspace configuration, upload history metadata (extracted results such as date, amount, category), and user preferences.

Google Data

When you connect your Google account, we request the following permissions:

  • Google Drive: create and manage R2Sheet folders and receipt files in your Drive
  • Google Sheets: create and update receipt record spreadsheets

We only access folders and files created by R2Sheet. We do not read, scan, or access any other files in your Drive.

Files and spreadsheets created through R2Sheet remain under your control. After processing is completed, R2Sheet does not continue to access or modify those files unless necessary to complete a user-requested action, provide support, maintain security, or comply with legal obligations.

2. How We Use Your Data

  • Provide core features: receipt upload, AI extraction, Google Sheets recording
  • Manage your workspaces and collaborators
  • Handle support requests and billing operations
  • Maintain service reliability, security, and prevent abuse and fraud

We do not sell or rent your personal data to any third party.

3. Third-Party Services

We use the following third-party services to deliver our features:

  • Google OAuthuser authentication and account management
  • Google APIsDrive file storage and Sheets data recording
  • Google GeminiAI data extraction from receipt images
  • Supabaseapplication data storage
  • Stripepayment processing and billing administration
  • Google Cloud Runwebsite hosting and deployment

Each third-party service is governed by its own privacy policy. We only pass the minimum data necessary to provide our features.

4. Google API Services User Data Policy

R2Sheet’s use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically:

  • We only use Google user data to provide and improve user-facing features
  • We do not use Google user data to serve ads
  • We do not sell Google user data to third parties
  • We do not use Google user data for creditworthiness, lending, or purposes unrelated to core functionality
  • We do not disclose Google user data to others unless with explicit user consent or as required by law

5. Data Storage & Security

  • Your receipt files and spreadsheets are stored in your own Google Drive, not on our servers
  • Application metadata is stored in an encrypted Supabase database
  • Google OAuth tokens are stored encrypted and used only for authorized API operations
  • All communications are encrypted via HTTPS/TLS

6. Data Retention

We retain data while your account is active. When you delete your account or request data deletion, we remove your data from our database within 30 days, unless retention is required for legal, security, or fraud-prevention purposes. Files stored in your personal Google Drive are not affected and remain under your control.

7. Your Rights

  • Disconnect your Google account at any time
  • Revoke R2Sheet’s access in your Google Account settings at any time
  • Move, edit, rename, or delete files in your Google Drive — including those created by R2Sheet
  • Request export or deletion of your data
  • Delete your account

To exercise any of these rights, contact us at: [email protected]

8. Children’s Privacy

R2Sheet is not directed to children under 13. We do not knowingly collect personal information from children under 13.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or a notice on our website. Continued use constitutes acceptance of the updated terms.

10. Contact Us

For privacy-related questions, contact us at:

[email protected]