Working draft.This policy is prepared in good faith and aligned with the EU GDPR and India’s DPDP Act 2023. Final wording will be reviewed by counsel before App Store and Play Store submission.
1. Who we are
Starlog (“the app”) is a product of Starlance LLP, an entity based in India (“we”, “us”). Starlance LLP is the data controller for the personal data described in this policy.
For any privacy question, or to exercise the rights in Section 7, contact us at support [at] starlancegroup [dot] com. The same address reaches our Grievance Officer; we aim to acknowledge grievances within 7 days.
2. The data we collect
- Account / identity — your name and email address, provided by your sign-in provider (Google or Apple) when you create an account.
- Receipts — the receipt images and PDFs you capture, and the data extracted from them: store name, amount, date, currency, and recognized text.
- Business & collaboration data— companies you create, members you invite, and invitations you send or receive (which may include an invitee’s email address).
- Billing — your subscription and pack-purchase status and transaction history.
- Usage & diagnostics — product-interaction events, crash telemetry, and screen session recordings (see Section 4).
- Device & locale — operating-system version, app version, country code, and the approximate region derived from your IP address.
On-device processing. Text recognition (OCR) on your receipts runs entirely on your device. Receipt images are not sent to any third party for text extraction.
3. Why we use it, and our legal basis
| Purpose | Legal basis (GDPR Art. 6) |
|---|---|
| Providing the receipt-management service you signed up for (auth, storing and organizing receipts, collaboration, exports) | Performance of a contract |
| Processing subscriptions and purchases; retaining transaction records | Legal obligation (tax/accounting) and our legitimate interest in preventing payment fraud and abuse |
| Crash telemetry and diagnostics to keep the app stable | Our legitimate interest in a reliable product |
| Product analytics and session recordings to improve the app | Our legitimate interest in improving the product; you may object at any time (Section 7) |
| Optional features — Google Drive sync, push notifications, marketing communications | Your consent |
4. Session recordings
To understand and fix usability problems, we record a sample of app sessions (about 15% of sessions). These recordings are privacy-masked by default — text and images are obscured — and recording automatically stops on screens that show your financial data (such as the receipt list and report detail). You can object to this processing at any time (Section 7).
5. How long we keep it
- Active account data is retained for as long as your account is active.
- Pending (unapproved) receipts expire and are deleted 7 days after submission.
- On account deletion, your personal data is removed from our active systems within 30 days, except:
- Billing and transaction records are retained for 8 years to comply with our tax and accounting obligations and to defend against payment disputes and fraud (GDPR Art. 17(3)). These records are keyed to an internal identifier and do not include your receipt contents.
- Crash diagnostics may persist in aggregate form for up to 90 days.
- Receipts and reports you export to your own Google Drive remain in your Drive after deletion; we cannot remove them, and you control them directly.
6. Who processes your data, and where
We use the following processors, each under a data processing agreement. Because we and some processors are outside the EU, transfers of EU residents’ data rely on the European Commission’s Standard Contractual Clauses as the safeguard.
| Processor | Role | Location of data |
|---|---|---|
| Google / Firebase (Google LLC) | Authentication, primary database (Firestore), receipt-image storage, serverless functions, crash reporting, analytics | Database in India (asia-south1); receipt-image storage and serverless functions in the United States; crash reporting and analytics on Google infrastructure in the United States |
| RevenueCat | Subscription and purchase processing | United States |
| PostHog | Product analytics and session recordings | European Union (eu.posthog.com) |
| Google Drive | Storing the receipts and reports you choose to export | Your own Google account (you control the location and access) |
7. Your rights
Depending on where you live (including under the EU GDPR and India’s DPDP Act), you have the right to:
- Access the personal data we hold about you;
- Rectify inaccurate or incomplete data;
- Eraseyour data (“right to be forgotten”) — subject to the retention exceptions in Section 5;
- Restrict or object to our processing, including analytics and session recordings;
- Data portability — receive your data in a structured, machine-readable format;
- Withdraw consent at any time for processing based on consent (without affecting prior processing);
- Nominate a representative to exercise these rights on your behalf;
- Lodge a complaint with your local data-protection supervisory authority.
How to exercise them. You can delete your account and its associated data from inside the app (Settings → Delete account), or via our delete-account page. For access, portability, or any other request, email support [at] starlancegroup [dot] com and we will respond within the timeframe required by applicable law.
8. Security
Data is encrypted in transit and at rest by our infrastructure providers. Access is restricted by per-user and per-company security rules, and the app uses Firebase App Check to limit access to legitimate app instances.
9. Children
Starlog is not directed to children under 16, and we do not knowingly collect their personal data.
10. Changes to this policy
We may update this policy from time to time. Material changes will be reflected by the “Last updated” date above.