Privacy Policy for Scrit API Receipts

This Privacy Policy describes how Scrit API Receipts ("we," "our," or "us") collects, uses, and protects information when you install and use our application ("Service") with Square or Clover point-of-sale (POS) systems.

1. Information We Collect

When you connect your Square or Clover account to Scrit API Receipts, we collect the following types of information:

• Authentication Data: We securely collect and store OAuth authorization tokens (Access Tokens and Refresh Tokens) provided by Square and Clover.
• Merchant Information: We collect basic business details (such as Business Name, Location ID, Location Address) to accurately map transactions.
• Transaction and Receipt Data: When a receipt lookup request is initiated, we access payment and order details (amounts, last 4 digits of the payment card, line items) from your POS to match with bank transactions.

2. How We Use Your Information

We use the collected information strictly for the functional purposes of our Service:

• To Provide the Service: Matching bank transactions to detailed itemized receipts from your POS system.
• Authentication: Maintaining a secure connection with your POS API.
• Troubleshooting: Identifying and resolving technical issues or ambiguous transaction matches.

We do not sell, rent, or trade your personal or business data to third parties.

3. Data Security

We take the security of your data seriously:

• Encryption: All OAuth tokens are encrypted at rest using AES-256-GCM encryption.
• Transmission: All data transmitted between your POS systems, our servers, and our client applications is encrypted in transit using industry-standard TLS (HTTPS).
• Access Control: Our database enforces strict Row Level Security (RLS) policies to prevent unauthorized access.

4. Data Retention and Deletion

We retain merchant mapping and OAuth tokens for as long as your account remains connected to our Service. Order and payment item details accessed during receipt lookups are processed in real-time and are not indefinitely stored in our database.

If you disconnect our app from your Square or Clover dashboard, we will revoke our access tokens and delete your associated merchant records from our systems upon request.

5. Third-Party Services

Our Service integrates with third-party platforms, specifically Square and Clover. Your use of these platforms is governed by their respective Privacy Policies:

• Square Privacy Policy
• Clover Privacy Policy

6. Updates to this Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or regulatory requirements. We will notify you of any material changes by updating the "Last Updated" date at the top of this document.

7. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:

• Email: info@scritreceipt.com
• Website: scritreceipt.com