Privacy Policy
AmazaSpend is not affiliated with Amazon. We are an independent tool that helps you understand your own Amazon spending data. We do not connect to your Amazon account, and we never ask for your Amazon credentials.
1. What information we collect
Information you provide directly
- Account information: Your email address and password when you create an account.
- Order data: Amazon order history you upload (via CSV, PDF, or receipt image) or that is captured by the browser extension as you browse your Amazon account pages. This includes order numbers, dates, item titles, ASINs, quantities, prices, taxes, discounts, and return information.
- Payment information: If you subscribe to a paid plan, your payment is processed by our payment processor. We do not store your credit card number, billing address, or other payment details on our servers.
- Support communications: If you contact us by email, we keep a record of that correspondence.
Information collected automatically
- Usage data: Pages visited within the app, features used, and general interaction patterns. This helps us understand what's working and what isn't.
- Technical data: Browser type, operating system, and approximate location (country/region) derived from your IP address. We do not store your full IP address.
- Error logs: Crash reports and error events, which may include technical context about the action that triggered them. These do not contain your order data.
Information collected by the browser extension
The AmazaSpend browser extension reads Amazon order and return detail pages you navigate to while logged in to your Amazon account. It captures:
- Order numbers, dates, and marketplaces
- Item titles, ASINs, quantities, and prices
- Taxes, discounts, and shipping costs
- Return and refund information where present
The extension does not capture:
- Your Amazon username, password, or any login credentials
- Shipping addresses
- Payment method details (card numbers, bank accounts, etc.)
- Pages outside of Amazon order and return detail pages
- Any activity when you are not on a qualifying Amazon page
All data captured by the extension is sent directly to your AmazaSpend account over an encrypted HTTPS connection. Nothing is stored locally on your device by the extension beyond your AmazaSpend API key or session token (used solely to authenticate requests to our servers).
2. How we use your information
We use your information to:
- Provide the Service: Store, process, and display your order data as analytics, charts, and insights
- AI processing: Send your order data to Google Gemini's API to categorize purchases, generate Discipline Scores, and produce spending insights. See Section 4 for details.
- Improve the Service: Understand how features are used and identify areas to improve (using aggregated, non-identifiable data)
- Send service communications: Account confirmations, billing receipts, and important updates about the Service. We do not send marketing emails without your explicit opt-in.
- Respond to support requests: If you contact us, we use your information to respond
- Comply with legal obligations: Where required by applicable law
We do not use your data to train AI models or for advertising, and we do not sell it, ever.
We may use aggregated, anonymized patterns from across our user base — such as which product categories are most common, what types of purchases are frequently miscategorized, or which features are used most — to inform product decisions and develop new features. This analysis is done at an aggregate level and does not involve reading or acting on any individual user's order data.
3. How we store and protect your data
Your data is stored on servers located in [hosting region — confirm once on Railway]. We use industry-standard security practices including:
- Encryption in transit (HTTPS/TLS) for all data sent between your browser or extension and our servers
- Encrypted storage for authentication credentials
- Access controls that limit which team members can access user data
No method of transmission or storage is 100% secure. While we take reasonable precautions, we cannot guarantee absolute security.
We retain your data for as long as your account is active. If you delete your account, we will delete your data within 30 days, except where we are required to retain it for legal or compliance purposes.
4. Third-party services
We share data with the following third parties to operate the Service:
Google Gemini (AI processing)
When you upload an invoice or the browser extension captures an order, we may send your order data to Google's Gemini API for parsing, categorization, and insight generation. This data includes item titles, prices, and order metadata — it does not include your Amazon credentials or payment information.
Google's use of this data is governed by the Google Cloud Privacy Notice. We use the API under terms that restrict Google from using submitted data to train its models.
Payment processor
Payments for Pro subscriptions are handled by our payment processor. We share only what is necessary to complete the transaction (email address and subscription details). Your full payment details are handled entirely by the processor and never touch our servers.
Hosting and infrastructure
We use cloud hosting providers to run our servers and store data. These providers act as data processors under our instruction and are contractually bound to protect your data.
Analytics
We may use privacy-respecting analytics tools (such as Plausible or a similar cookieless solution) to understand aggregate usage patterns. These tools do not track individual users across the web and do not use cookies.
We do not use Google Analytics or any advertising-network analytics tools.
5. Cookies and local storage
AmazaSpend uses minimal cookies and local storage:
- Session cookie: To keep you logged in while you use the app. This expires when you log out or after a period of inactivity.
- Preference storage: To remember settings like your selected year filter. This stays in your browser's local storage.
We do not use advertising cookies, third-party tracking cookies, or fingerprinting.
The browser extension stores your AmazaSpend API key or session token in chrome.storage.local (or the Firefox equivalent). This is sandboxed to the extension and is not accessible to websites, including Amazon.
6. Your rights
You have the following rights regarding your personal data:
- Access: You can request a copy of the personal data we hold about you
- Export: You can download your full order history at any time via the CSV export feature in the app
- Correction: You can update your account email or other details in your account settings
- Deletion: You can request deletion of your account and all associated data by emailing [email protected]. We will process this within 30 days.
- Withdrawal of consent: You can stop using the Service at any time. If you've opted in to any communications, you can opt out via the unsubscribe link in any email.
If you are in Quebec or the European Economic Area, you may have additional rights under applicable privacy law (including Law 25 in Quebec and GDPR in the EEA), including the right to data portability and the right to lodge a complaint with a supervisory authority.
To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.
7. Children's privacy
AmazaSpend is not directed at children under 18. We do not knowingly collect personal information from anyone under 18. If you believe we have collected data from a minor, contact us at [email protected] and we will delete it promptly.
8. International data transfers
AmazaSpend is operated from Canada. If you access the Service from outside Canada, your data may be transferred to and processed in Canada or other countries where our service providers operate. By using the Service, you consent to this transfer.
We take steps to ensure that any cross-border data transfers are subject to appropriate safeguards.
9. Changes to this policy
We may update this Privacy Policy from time to time. If we make material changes — particularly any that affect how we use your data — we will notify you by email and/or by posting a notice in the app at least 14 days before the changes take effect.
The "last updated" date at the top of this page reflects the most recent revision.
10. Contact
If you have any questions, concerns, or requests related to this Privacy Policy, please contact us:
Email: [email protected]
Mailing address: [Your address]
You can also reach us through the in-app help link.