Privacy Policy for WindowShopper
Last Updated: 23 February 2026
Introduction
WindowShopper ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application.
Information We Collect
Information You Provide
- Account Information: Name, email address, phone number, profile picture
- Authentication: Email/password or OAuth (Google, Apple) for sign-in
- Store Information: Store name, address, location coordinates, business hours, contact details, bio
- Product Information: Product names, prices, descriptions, images
- Receipt Data: Store names, purchase dates, item names, prices from scanned receipts
- Shopping Lists: Product names, quantities, preferences
- Reports: User-submitted reports for stores or products (moderation purposes)
Automatically Collected Information
- Location Data: GPS coordinates to show nearby stores and calculate distances
- Device Information: Device type, operating system, unique device identifiers
- Usage Data: App features used, screens viewed, time spent in app, search queries
- Analytics Data: Product views, store visits, search patterns (anonymized for improvement)
- Camera Access: Used only when you scan receipts or upload product images
Information from Third Parties
- OAuth Providers: If you sign in with Google or Apple, we receive your name, email, and profile picture from those services
- OpenStreetMap: Map tile data (no personal information shared with OSM)
How We Use Your Information
We use collected information to:
- Provide and maintain the app's core functionality
- Authenticate your account (email/password or OAuth)
- Show nearby stores based on your location using OpenStreetMap
- Match products across stores for price comparison
- Process and display scanned receipts using AI (Google Gemini)
- Manage your shopping lists and preferences
- Calculate optimal routes between stores using OSRM routing
- Enable store owners to manage their products and view analytics
- Handle user reports and content moderation
- Improve app performance and user experience
- Send in-app notifications about app features (no push notifications currently)
- Prevent fraud and ensure security
- Comply with legal obligations
Data Sharing and Disclosure
We Share Data With:
- Supabase: Our backend infrastructure provider (database, authentication, file storage)
- OpenStreetMap: For map tiles and location display (no personal data shared - OSM doesn't track users)
- OSRM (Open Source Routing Machine): For route calculations (no personal data shared)
- Google Gemini: For AI-powered receipt text extraction only
- OAuth Providers: Google and Apple for authentication (only if you choose to use OAuth login)
We Do NOT:
- Sell your personal information to third parties
- Share your data with advertisers (no ads currently in app)
- Share your location data with anyone except as needed for map display
- Use your data for purposes other than stated here
- Track you across other apps or websites
We May Disclose Data:
- When required by law or legal process
- To protect our rights, property, or safety
- With your explicit consent
- In connection with a business transfer or acquisition
Data Storage and Security
- Data is stored on secure servers provided by Supabase
- We use encryption for data transmission (HTTPS/TLS)
- Access to personal data is restricted to authorized personnel
- We implement industry-standard security measures
- However, no method of transmission over the internet is 100% secure
Your Rights and Choices
You have the right to:
- Access: Request a copy of your personal data
- Correction: Update or correct inaccurate information
- Deletion: Request deletion of your account and data
- Opt-Out: Disable location services or analytics tracking
- Data Portability: Export your data in a machine-readable format
To exercise these rights, contact us at techromul@gmail.com
Location Data
- Location data is used only when the app is open (foreground only)
- We use your location to:
- Show nearby stores on the map
- Calculate distances to stores
- Provide navigation directions
- You can disable location services in your device settings
- Disabling location will limit map and nearby store features
- We do not track your location in the background
- Location data is not shared with third parties except OpenStreetMap for map display
Children's Privacy
WindowShopper is not intended for children under 13. We do not knowingly collect data from children. If you believe a child has provided us with personal information, please contact us.
Changes to This Policy
We may update this Privacy Policy periodically. We will notify you of significant changes through:
- In-app notifications
- Email notifications
- Updated "Last Updated" date at the top of this policy
Continued use of the app after changes constitutes acceptance of the updated policy.
Data Retention
- Account data: Retained until you delete your account
- Receipt data: Retained for analytics and price tracking
- Shopping lists: Retained until you delete them
- Analytics data: Anonymized and retained indefinitely
- Deleted data: Permanently removed within 30 days
International Data Transfers
Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers.
Third-Party Services
We use the following third-party services:
- Supabase: Database, authentication, and file storage (Privacy Policy)
- OpenStreetMap: Map tiles and location services (Privacy Policy)
Note: OSM is a non-profit that doesn't track users or collect personal data
- OSRM: Route calculation service (Website)
Note: OSRM is open-source and doesn't collect personal data
- Google Gemini: AI receipt text extraction (Privacy Policy)
Only receipt images are sent to Gemini for processing
- Google OAuth: Optional sign-in method (Privacy Policy)
- Apple Sign In: Optional sign-in method (Privacy Policy)
Each service has its own privacy policy governing their use of your data.
Why We Use These Services
- Supabase: Provides secure, scalable backend infrastructure
- OpenStreetMap: Free, open-source maps with no user tracking
- OSRM: Free, open-source routing with no user tracking
- Google Gemini: Industry-leading AI for accurate receipt scanning
- OAuth Providers: Convenient, secure sign-in options
Your Consent
By using WindowShopper, you consent to this Privacy Policy and agree to its terms.