Privacy Policy

Last updated: May 15, 2026

Spara is built on a simple promise: the less of your data we hold, the safer you are. This policy explains what we access, what we process, and — most importantly — what we don't keep.

1. Information we access

To help you track your subscriptions, Spara needs to look at sources where recurring charges appear. With your explicit consent, this can include:

  • Your Gmail account, via Google OAuth, with read-only permissions.
  • Images of receipts you choose to upload (e.g. photos of paper receipts).
  • PDF documents you choose to upload (e.g. bank statements, invoices).

You decide what to connect or upload. You can revoke access at any time.

2. Gmail read-only access

When you connect Gmail, Spara requests only the gmail.readonly scope. We scan messages for subscription signals — vendor names, billing dates and amounts — and discard everything else.

How Spara uses the gmail.readonly scope

Purpose

Spara is a subscription tracker. We use the gmail.readonly scope to automatically detect recurring subscription payments by scanning your Gmail inbox for payment receipts, invoices, and billing confirmations. This saves you from manually entering each subscription.

User-initiated flow

  1. You tap "Connect Gmail" in Settings or "Scan Gmail" on the Dashboard.
  2. Google's OAuth consent screen appears requesting gmail.readonly.
  3. After granting access, you tap "Scan" to start; scanning is never automatic and never runs in the background.

Specific Gmail API endpoints used

1. List Messages: GET /gmail/v1/users/me/messages

  • Searches for payment-related emails from the last 60 days only.
  • Uses targeted search queries, including emails with subjects containing: invoice, receipt, payment, charged, subscription, renewal, billing, order, license, purchase, "you paid".
  • Emails from known payment processors: paypal.com, stripe.com, paddle.com, fastspring.com.
  • Emails from known subscription services: netflix.com, spotify.com, adobe.com, openai.com, apple.com, google.com, microsoft.com, and others.
  • Emails with PDF attachments containing invoice/receipt/payment keywords.
  • Limited to maxResults=200 per query.

2. Get Message: GET /gmail/v1/users/me/messages/{id}?format=full

  • Fetches full message content for each matched email.
  • Extracts only: subject line, sender address, plain text body, and whether attachments exist.
  • Does NOT download attachments, does NOT access contacts, does NOT send/modify/delete emails.

What data is extracted

  • Subject header (e.g., "Your Netflix receipt")
  • From header (e.g., "billing@netflix.com")
  • Plain text body content (to find payment amounts, dates, billing cycles)
  • Whether the email has attachments (as a relevance signal)

How the data is processed

  • Emails are pre-filtered locally using keyword matching against ~180 payment-related keywords in 15+ languages.
  • Filtered emails are sent to Claude AI (Anthropic) for subscription detection — extracting: service name, amount, currency, billing cycle, payment date.
  • Only subscription payment data (service name, price, billing date) is saved to your account.
  • Raw email content is never stored — it is processed in-memory and discarded.

What the app does NOT do

  • Does NOT read, write, or send emails on your behalf.
  • Does NOT access drafts, contacts, labels, or any non-message data.
  • Does NOT run in the background or scan continuously.
  • Does NOT store raw email content — only extracted subscription metadata.
  • Does NOT share email content with third parties (Claude AI processes anonymized snippets for extraction only).

Your controls

  • You can disconnect Gmail at any time from Settings.
  • The Gmail access token is stored in memory only (not persisted to disk).
  • The session is restored via the Google Sign-In SDK's built-in token management.
  • You can delete your account and all associated data.
  • We never send, modify or delete email on your behalf.
  • We do not read personal correspondence.
  • We do not store the contents of your emails on our servers.
  • You can disconnect Gmail at any time from your Spara account or from your Google security settings.

3. Image and PDF processing

Receipts and statements you upload are processed in ephemeral memory. Once the relevant fields (merchant, amount, date, recurrence) are extracted, the original file is permanently deleted — typically within seconds, and always before the request completes.

We do not retain copies of your receipts, statements, or any of the raw image / PDF data.

4. What we store

To run your account, we keep the minimum data required:

  • Your account email and authentication tokens.
  • The extracted subscription summaries (merchant, amount, billing cadence) used to power your dashboard.
  • Basic product analytics needed to operate and improve Spara.

We do not store your email contents, account numbers, card numbers, transaction history, receipts, statements, or any private correspondence.

5. How we use your data

We use the data we store solely to:

  • Identify and display your active subscriptions.
  • Notify you about renewals or unusual charges, when you opt in.
  • Maintain the security and reliability of the service.

We do not sell your data. We do not share it with advertisers.

6. Data sharing

We share data only with infrastructure providers strictly necessary to run Spara (cloud hosting, authentication). These providers are bound by contract to handle data confidentially and may not use it for their own purposes.

7. Security

All data is encrypted in transit (TLS) and at rest. Access to production systems is restricted to a small set of engineers and audited. Because we hold so little of your data in the first place, there is very little to compromise.

8. Your rights

You can at any time:

  • Disconnect Gmail or any other linked source.
  • Export your subscription data.
  • Delete your Spara account, which permanently removes all associated data.

9. Google API Services User Data Policy

Spara's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

10. Contact

Questions about this policy? Email us at support@sparasubtracker.com.