Privacy Policy

Boxumer is designed to provide a personal and trustworthy memory of shopping experiences. We process only the data needed to detect real transactions, display your history, and let you rate brands you actually use.

By using Boxumer, you agree to the practices described in this policy. If you do not agree, you should stop using the service and disconnect any active email integrations.

We may collect account metadata such as your email address, language preference, approximate time zone, and technical identifiers associated with the app.

When you connect your inbox, we analyze the signals needed to detect verified purchases, including sender, subject line, timestamps, merchant information, totals, currencies, and structured transaction details found in emails. We do not aim to store the full content of your emails unless doing so is necessary.

We also collect your brand ratings, in-app actions, certain device information, error logs, and performance data to keep the service reliable and secure.

We use your data to detect real purchases, match those purchases to brands, display your personal history, and let you add positive or negative ratings based on verified experiences.

We also use data to improve detection accuracy, prevent abuse, maintain the app, provide support, measure product usage, and develop aggregated insights that do not identify you personally.

Email access is limited to read-only use for identifying purchases and relevant transaction signals. Boxumer does not sell your email access and does not publish your personal purchase data.

We aim to limit server-side retention to the structured transaction data required to operate the service. Full email content is not retained beyond what is reasonably necessary for extraction, security, fraud prevention, or applicable legal obligations.

You can disconnect your email account at any time from within the app. Disconnection stops future syncing, subject to reasonable technical delays for work already in progress.

Data is hosted by our cloud infrastructure and service providers, including Supabase for database and certain storage functions. Data is encrypted in transit and protected at rest using security measures appropriate to the risk.

We use access controls, audit logging, environment separation, reasonable backups, and internal procedures to reduce the risk of unauthorized access, alteration, or loss. No method of transmission or storage is completely secure, but we aim to follow industry-standard safeguards.

We use third-party providers to operate the service, including Supabase for data infrastructure, Apple for iOS distribution and applicable payments, and Google for Android services or email access when you choose to use their products.

Those providers process data under their own terms and policies. We select reputable providers and limit data sharing to what is necessary for them to perform their services.

Depending on where you live, you may have the right to access your personal data, request correction, deletion, restriction, or a portable copy. We also aim to honor applicable GDPR and CCPA requirements where they apply.

You may request account deletion, a data export, or disconnection of integrations by contacting contact@boxumer.com. We may ask for reasonable information to verify your identity before fulfilling certain requests.

We keep personal data for as long as needed to provide the service, comply with legal obligations, resolve disputes, and enforce our agreements. Structured transaction data and your ratings may remain while your account is active or until a valid deletion request is completed.

Some residual data may remain temporarily in secure backups or system logs before deletion through normal retention cycles.

Boxumer is not intended for children under 13. We do not knowingly collect personal data from children under 13. If we learn that such an account was created, we will take reasonable steps to close it and remove the related data.

We may update this policy to reflect changes to the service, the law, or our practices. When changes are material, we will post an updated version in the app or on the site and may provide additional notice where required by law.

For questions about this policy, your data, or your rights, contact us at contact@boxumer.com.