Privacy Policy
Last updated: June 2026
SyncXP is designed with privacy as a core principle. This policy explains what data we collect, how we use it, and the rights you have over it. By using SyncXP (desktop, mobile, or web), you agree to the practices described here.
1. Introduction
SyncXP provides expense tracking software for macOS and a companion mobile app ("SyncXP Snap") for capturing receipts. This policy covers all SyncXP products and services operated from syncxp.co.uk.
2. Data We Collect
- Receipt Photos: Images you capture in the mobile app are uploaded directly to your chosen cloud storage (Dropbox or Google Drive). SyncXP servers do not store these images.
- Licence Information: Your email address and machine identifier are stored to activate and verify your licence.
- Cloud Authentication Tokens: OAuth tokens from Dropbox or Google Drive are stored securely on your device only.
- AI Scan Usage: When you scan a receipt using the desktop app, the image is sent to Anthropic for processing. We log scan counts to manage your token balance, but the receipt content is not retained on our servers.
- Payment Data: Purchases are processed by Stripe. We do not store credit card details.
3. Where Your Data Lives
- On your device: All expense records, receipts, and reports are stored locally on your Mac. SyncXP does not sync this data to a central server.
- On your cloud storage: Receipts captured by SyncXP Snap go directly to your Dropbox or Google Drive account, which you control.
- On our servers: Only licence keys, scan token balances, and invoices are stored. No expense data, no receipt images.
4. Camera & Photo Permissions
SyncXP Snap requires camera access to capture receipt photographs — this is the core functionality of the app. The camera is only active when you tap the capture button. Captured images are uploaded to your cloud account and removed from temporary storage. We never access your existing photo library without your explicit selection.
5. Third-Party Services
- Anthropic (Claude AI): Receipt images are processed by Claude for data extraction. See Anthropic Privacy Policy.
- Stripe: Handles all payment processing. See Stripe Privacy Policy.
- Dropbox: Optional cloud sync for the mobile app. See Dropbox Privacy Policy.
- Google Drive: Optional cloud sync for the mobile app. See Google Privacy Policy.
6. Data Retention
- Licence and invoice records: Retained for as long as your licence is active, and for 7 years after for tax/legal compliance.
- Scan logs: Aggregate scan counts retained indefinitely; individual scan content is not retained.
- Cloud tokens and device data: Removed when you uninstall the app or revoke cloud access.
7. Your Rights (GDPR / CCPA)
- Access: Request a copy of all data we hold about you.
- Deletion: Request deletion of your account and associated data. (Note: invoices required for tax compliance cannot be deleted.)
- Portability: All your expense data is already on your device — you have it.
- Revoke access: Disconnect cloud storage at any time via Dropbox/Google account settings.
For data requests, email support@syncxp.co.uk.
8. Security
All communication uses HTTPS encryption. Server access is restricted to hardware-secured SSH keys. OAuth tokens are stored in encrypted device storage (Keychain on macOS, secure storage on mobile). However, no system is 100% secure — we encourage users to keep devices updated and review cloud storage permissions regularly.
9. Children Under 13
SyncXP is a professional product not intended for users under 13. We do not knowingly collect data from children. If you believe a child has provided us with personal data, contact support@syncxp.co.uk for immediate removal.
10. Changes to This Policy
We may update this policy. The "Last updated" date at the top reflects the most recent revision. Continued use after changes constitutes acceptance.
11. Contact
Questions about this policy? Email support@syncxp.co.uk.
© SyncXP 2026. All rights reserved.