Goodbay.ai Privacy Policy
Effective Date: March 16, 2026
Last Updated: June 2, 2026
Goodbay.ai ("Goodbay," "we," "us," or "our") is a personal asset management platform. This Privacy Policy describes how we collect, use, store, and protect your information when you use our website, application, and services (collectively, the "Service").
We believe in transparency. This policy is written in plain language and provides specific detail about every category of data we handle, how we handle it, and your rights.
1. What Data We Collect
1.1 Account Information
When you create an account, we collect:
- Email address — Used for authentication, notifications, and account recovery.
- Display name — Used within the Service to identify you.
- Password hash — We never store your password in plain text. We store only a one-way cryptographic hash.
- Account preferences — Your settings and configuration choices.
1.2 Inventory Data
When you use the Service, you may create or import:
- Item records — Names, descriptions, categories, conditions, quantities, locations, and notes for items you track.
- Financial data — Purchase prices, purchase dates, estimated current values, and sale prices/dates for items you sell.
- Photos — Images of items you upload or capture through the Service.
- Barcodes and identifiers — UPC codes, serial numbers, and other identifiers captured via barcode scanning or manual entry.
1.3 Email Scanning Data (Gmail and Microsoft Outlook)
This section describes our email data handling in detail, as required for Google CASA compliance and Microsoft publisher verification.
When you connect your Gmail or Microsoft Outlook account to Goodbay.ai, the following occurs:
What We Access
- We request read-only OAuth access to your email account. For Gmail, we request the `gmail.readonly` scope only. For Microsoft Outlook, we request `Mail.Read` and `User.Read` scopes only.
- We never send, modify, delete, move, or forward any email on your behalf. Our OAuth scopes are limited to read-only access.
- We scan your inbox for receipt and order confirmation emails only. We identify these emails using a combination of subject line keyword matching and sender domain filtering (e.g., emails from known retailers, shipping providers, and payment processors).
- We do not read, process, or access emails that do not match our receipt/order detection criteria.
What We Extract and Store
From qualifying receipt/order emails, we extract and store the following structured data only:
| Data Extracted | Example | Stored? |
|---|---|---|
| Vendor / retailer name | "Amazon.com" | Yes |
| Item name(s) | "Sony WH-1000XM5 Headphones" | Yes |
| Item price(s) | "$348.00" | Yes |
| Order total | "$371.28" | Yes |
| Order date | "2026-01-15" | Yes |
| Order / confirmation number | "#112-3456789-0123456" | Yes |
| Shipping tracking number | Not extracted | No |
| Email body HTML (sanitized) | Email receipt body | Yes, for review and parser improvement |
| Raw email body text | Not extracted | No |
| Email attachments | Not extracted | No |
| Sender email address | Not extracted | No |
| Email metadata (headers, CC, BCC) | Not extracted | No |
What We Do NOT Store
- Unmodified raw email content (complete MIME messages, headers, tracking elements, attachments) is never written to our database. Raw content is processed in volatile memory and discarded once parsing is complete.
- Email attachments (PDFs, images, etc.) are never accessed, downloaded, or stored.
- Non-receipt emails are never read or processed. Our scanning logic skips emails that do not match receipt/order patterns before any content is accessed.
- Email metadata beyond the structured receipt fields listed above (full headers, CC/BCC, etc.) is not stored.
What We Do Store — Sanitized Email HTML
For qualifying receipt emails, sanitized email body HTML is retained in our database for two purposes:
1. Receipt review interface — so you can view which emails were scanned and verify the extracted data.
2. Parser quality improvement — sanitized HTML is used as training input to improve our receipt extraction accuracy.
"Sanitized" means scripts, tracking pixels, and external resource references are stripped before storage. The semantic receipt content (vendor layout, line items, totals) is preserved.
This stored email HTML is associated with your account and is permanently deleted when you disconnect your email account (see Section 6.2) or delete your account.
Message ID Retention
- We retain processed message IDs (opaque identifiers assigned by your email provider) to prevent re-scanning emails we have already processed.
- Message IDs are associated with your connected email account and contain no email content.
- Message IDs are permanently deleted when you disconnect your email account (see Section 6.2).
Gmail-Specific Disclosure (Google API Services)
Our use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:
- We access Gmail data only to provide the email receipt scanning feature that you explicitly enabled.
- We do not use Gmail data for advertising, market research, or any purpose unrelated to the core receipt scanning functionality.
- We do not allow humans to read your email data unless (a) we have your explicit consent, (b) it is necessary for security purposes (such as investigating abuse), (c) it is necessary to comply with applicable law, or (d) the data has been aggregated and anonymized such that it can no longer be associated with you.
- We do not transfer Gmail data to third parties except as necessary to provide the Service, as required by law, or in connection with a merger or acquisition (with user notification).
1.4 eBay Import Data
When you connect your eBay account via OAuth:
- We access your purchase history in read-only mode.
- We extract item names, prices, dates, and order identifiers.
- We store OAuth tokens securely (see Section 7) for ongoing access until you disconnect.
1.5 Amazon Import Data
- Amazon data is imported via CSV files that you manually upload.
- We do not have direct access to your Amazon account.
- We parse the CSV file in memory and store only the structured item and transaction data extracted from it.
1.6 Spreadsheet and Manual Import Data
- Data imported via spreadsheet upload or manual entry is stored as provided by you.
- Uploaded spreadsheet files may be stored temporarily for processing but are deleted after import is complete.
1.7 Photo and AI Recognition Data
- Photos you upload or capture are stored to enable item identification and inventory management.
- When you use photo-based AI recognition, your photos may be sent to third-party AI services for processing. We do not retain copies of photos beyond what is stored in your inventory.
1.8 Usage and Analytics Data
We collect limited usage data to maintain and improve the Service:
- Log data — IP addresses, browser type, operating system, referring URLs, pages visited, and timestamps. This data is retained for operational and security purposes.
- Feature usage — Which features you use and how often (e.g., number of items scanned, imports completed). This is collected in aggregate and is used to prioritize development.
- Error reports — Crash logs and error details to help us diagnose and fix issues.
We do not use third-party behavioral advertising trackers. We do not sell usage data.
2. How We Use Your Data
We use the data we collect for the following purposes:
2.1 Providing the Service
- Managing your inventory and tracking your items.
- Generating valuations based on market data and comparable sales.
- Scanning email receipts and importing purchase history from connected accounts.
- Displaying your data to you through the Service.
2.2 Aggregate Intelligence and Pricing Data
- Anonymized transaction data (item types, purchase prices, sale prices, dates) is used to build aggregate pricing models that benefit all users.
- This aggregate data cannot be linked to any individual user. See Section 5 for details.
2.3 Bridge Network Features
If you are subscribed to the Bridge network:
- Your inventory data may be surfaced in the Passive Marketplace to match with potential buyers (with your consent and per your visibility settings).
- Aggregate intelligence drawn from anonymized cross-user data is used to improve valuation accuracy and market insights.
2.4 Service Improvement
- Analyzing usage patterns (in aggregate) to improve features and user experience.
- Diagnosing technical issues and ensuring platform stability.
2.5 Communications
- Sending transactional emails (account verification, password reset, import notifications).
- Sending product updates and announcements (you may opt out at any time).
3. What We Store vs. What We Process in Memory
This distinction is critical, particularly for email scanning:
| Data Type | Stored in Database | Processed in Memory Only |
|---|---|---|
| Account information (email, name) | Yes | -- |
| Inventory items and valuations | Yes | -- |
| Structured receipt data (vendor, items, prices, dates) | Yes | -- |
| Processed email message IDs | Yes (until disconnect) | -- |
| Unmodified raw email content | No | Yes, then discarded |
| Sanitized email body HTML (receipt emails) | Yes (review + parser improvement; deleted on disconnect) | -- |
| Email attachments | No | No (never accessed) |
| Non-receipt email content | No | No (never accessed) |
| OAuth tokens (Google, Microsoft, eBay) | Yes (encrypted) | -- |
| Uploaded photos | Yes | -- |
| Uploaded CSV/spreadsheet files | Temporary (deleted after import) | Yes |
4. Third-Party Services
We use the following third-party services to provide the Service. We share only the minimum data necessary for each integration.
4.1 Google (Gmail Integration)
- Purpose: Read-only access to Gmail for receipt scanning.
- Data shared: OAuth authentication only. We do not send your data to Google.
- Data received: Email content (read-only; see Section 1.3 for full details on what is extracted and stored).
- Google's privacy policy: https://policies.google.com/privacy
4.2 Microsoft (Outlook Integration)
- Purpose: Read-only access to Outlook for receipt scanning.
- Data shared: OAuth authentication only. We do not send your data to Microsoft.
- Data received: Email content (read-only; see Section 1.3 for full details on what is extracted and stored).
- Microsoft's privacy policy: https://privacy.microsoft.com/en-us/privacystatement
4.3 eBay
- Purpose: Read-only access to purchase history for item import.
- Data shared: OAuth authentication only.
- Data received: Purchase history data (item names, prices, dates).
- eBay's privacy policy: https://www.ebay.com/help/policies/member-behaviour-policies/user-privacy-notice-privacy-policy
4.4 Payment Processors
- Purpose: Processing subscription payments for the Bridge network and hosted tier.
- Data shared: Billing information (name, payment method, billing address). We do not store full credit card numbers.
- Processor: Stripe, Inc.
- Stripe's privacy policy: https://stripe.com/privacy
4.5 AI / Receipt Parsing Services
- Purpose: Parsing receipt data from emails and identifying items from photos.
- Data shared: Sanitized receipt email HTML (scripts and tracking elements removed) and photos you submit for recognition. After Anthropic parses the email, a sanitized version of the email HTML is retained in our database for receipt review and parser improvement (see Section 1.3 for full storage and deletion details).
- Provider: Anthropic, PBC
- Anthropic's privacy policy: https://www.anthropic.com/privacy
4.6 Hosting and Infrastructure
- Purpose: Hosting the Service and storing data.
- Provider: Amazon Web Services, Inc. (AWS)
- AWS's privacy policy: https://aws.amazon.com/privacy/
- Data stored: All data described in this policy is stored on AWS infrastructure in the United States.
4.7 Together AI (Model Fine-Tuning)
- Purpose: Fine-tuning AI models for receipt parsing quality improvement. Sanitized email HTML from qualifying receipt emails may be used as training data.
- Data shared: Sanitized email body HTML (scripts and tracking elements removed). No raw email content, no account credentials, and no directly identifying information beyond what appears in a receipt is shared.
- Provider: Together Computer, Inc.
- Together AI's privacy policy: https://www.together.ai/privacy
5. Data Retention and Deletion
5.1 Active Accounts
While your account is active, we retain all data associated with your account as described in this policy.
5.2 Account Deletion — Anonymization Policy
Please read this section carefully. It describes what happens to your data when you delete your account.
When you delete your Goodbay.ai account:
Permanently Deleted (cannot be recovered):
- Your name and email address
- Your password hash
- OAuth tokens and connected account credentials
- Processed email message IDs
- Connected account metadata (which email accounts, which eBay accounts, etc.)
- Account preferences and settings
- Any other personally identifiable information (PII)
Retained in Anonymized Form (cannot be linked back to you):
- Transaction and item data: item types/categories, purchase prices, sale prices, dates
- This data is stripped of all identifying information and cannot be associated with any individual
We retain anonymized data to power aggregate valuations and pricing intelligence for all Goodbay.ai users. For example, knowing that a specific product category sold within a certain price range during a certain time period helps us provide accurate market valuations for all users.
This anonymization is irreversible — once your PII is deleted, the retained transaction data has no connection to your identity.
GDPR Compliance: Under the EU General Data Protection Regulation, Recital 26 establishes that the principles of data protection do not apply to anonymous information, namely information which does not relate to an identified or identifiable natural person, or to personal data rendered anonymous in such a manner that the data subject is not or no longer identifiable. Our anonymization process satisfies this standard.
By creating an account, you acknowledge and agree to this data retention policy. This notice is provided before account creation so you can make an informed decision.
5.3 Disconnecting an Import Source
When you disconnect an import source (email, eBay, or any other connected account):
- The OAuth connection is revoked and all tokens are deleted.
- All source-specific metadata (processed message IDs, connection details) is permanently purged.
- Inventory items already created from that source remain in your inventory. You own your inventory data, and disconnecting a source does not delete items that were already imported. You may manually delete any individual items you wish.
5.4 Data Retention Periods
| Data Type | Retention Period |
|---|---|
| Account information | Until account deletion |
| Inventory data | Until account deletion (then anonymized per Section 5.2) |
| OAuth tokens | Until source disconnect or account deletion |
| Processed message IDs | Until email source disconnect or account deletion |
| Usage/analytics logs | 90 days (rolling) |
| Error/crash reports | 90 days (rolling) |
| Anonymized transaction data | Indefinite |
6. Your Rights
6.1 Access and Export
- You may view all data associated with your account through the Service at any time.
- You may export your complete inventory data at any time using the Service's export feature.
- You may request a copy of all personal data we hold about you by contacting [email protected]. We will respond within 30 days.
6.2 Disconnect Import Sources
- You may disconnect any connected account (Gmail, Outlook, eBay) at any time through the Service's settings.
- Disconnecting immediately revokes the OAuth token and purges all scanning metadata for that source.
- One-click disconnect is available in the Service's integration settings.
6.3 Delete Your Account
- You may delete your account at any time through the Service's account settings.
- Account deletion is processed as described in Section 5.2.
6.4 Correction
- You may correct or update your personal information at any time through the Service.
6.5 Objection and Restriction
- If you are in the EU/EEA, you have the right to object to or request restriction of certain processing activities. Contact [email protected] to exercise these rights.
6.6 Data Portability
- You have the right to receive your personal data in a structured, commonly used, machine-readable format. Our export feature provides data in standard formats (CSV, JSON).
6.7 Complaints
- If you are in the EU/EEA and believe your data protection rights have been violated, you have the right to lodge a complaint with your local data protection supervisory authority.
7. Security Measures
We take the security of your data seriously. Our measures include:
- Encryption in Transit — All data transmitted between your device and our servers is encrypted using TLS/HTTPS. We do not support unencrypted HTTP connections.
- Encryption at Rest — Sensitive data, including OAuth tokens and password hashes, is encrypted at rest using industry-standard encryption.
- OAuth Token Security — All OAuth tokens (Google, Microsoft, eBay) are stored in encrypted form. Tokens are scoped to the minimum permissions required (read-only for email and purchase history). Tokens are immediately deleted when you disconnect a source or delete your account.
- Email Content Security — Unmodified raw email content is never stored at rest. Sanitized email body HTML for qualifying receipt emails is stored encrypted at rest, with scripts and tracking elements stripped, and is deleted upon email disconnect or account deletion (see Section 1.3).
- Access Controls — Access to production systems and user data is restricted to authorized personnel and requires multi-factor authentication.
- Password Security — Passwords are hashed using industry-standard one-way hashing algorithms. We never store passwords in plain text.
- Regular Security Reviews — We conduct periodic security assessments of our systems and practices.
7.1 Breach Notification
In the event of a data breach that affects your personal information, we will notify you via email within 72 hours of becoming aware of the breach, as required by GDPR and applicable US state laws.
8. Cookies and Analytics
8.1 Essential Cookies
We use essential cookies to maintain your session and keep you logged in. These cookies are strictly necessary for the Service to function and cannot be disabled.
8.2 Analytics
We may use privacy-respecting analytics tools to understand how the Service is used in aggregate. We do not use third-party advertising cookies or behavioral tracking pixels.
If we use analytics cookies that are not strictly necessary, we will ask for your consent before setting them.
8.3 Do Not Track
We respect "Do Not Track" (DNT) browser signals. When we detect a DNT signal, we disable any non-essential analytics tracking for that session.
9. Children's Privacy
The Service is not directed at children under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child under 18, we will delete that information promptly. If you believe a child has provided us with personal information, please contact us at [email protected].
10. International Data Transfers
Goodbay.ai is based in the United States. If you access the Service from outside the United States, your data will be transferred to and processed in the United States.
For users in the EU/EEA, we rely on Standard Contractual Clauses (SCCs) or other approved transfer mechanisms to ensure your data is protected in accordance with GDPR requirements when transferred outside the EEA.
11. Self-Hosted Instances
If you use a self-hosted instance of Goodbay.ai:
- Without Bridge: Your data stays entirely on your own infrastructure. This Privacy Policy does not apply to data stored on self-hosted instances that do not connect to our services. You are responsible for your own data handling practices.
- With Bridge subscription: Only the data necessary for Bridge features (Passive Marketplace listings, anonymized aggregate data) is transmitted to Goodbay.ai infrastructure. This Privacy Policy applies to that data.
12. Changes to This Policy
We may update this Privacy Policy from time to time. If we make material changes, we will:
- Post the updated policy on the Service with a new "Last Updated" date.
- Notify you by email at least 30 days before the changes take effect.
- For changes related to email scanning data handling or anonymized data retention, we will request your explicit acknowledgment.
Your continued use of the Service after the effective date of any update constitutes acceptance of the revised policy.
13. Contact Information
If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, contact us at:
Goodbay.ai
Email: [email protected]
Address: California, United States
For GDPR-related inquiries, please include "GDPR Request" in the subject line.
For Google CASA or Microsoft verification inquiries, please include "Compliance Inquiry" in the subject line.
*This Privacy Policy was last updated on June 2, 2026.*