Receipt
Get started
PRIVACY POLICY

Privacy

This Privacy Policy explains how Receipt (“Receipt”, “we”, “us”) collects, uses and protects personal data. Receipt is a product operated by LRARE Holdings Ltd (Company No. 16807366).

1. Who we are

Receipt provides a neutral record of PDF delivery, access, review activity and acknowledgement. We do not provide legal advice, identity verification or e-signature services.

2. Data protection roles

For account holders (“users”), Receipt acts as a data controller in respect of account, billing and service usage data.

For individuals who receive and review documents (“recipients”), Receipt generally acts as a data processor on behalf of the user who shared the document, unless stated otherwise.

3. Personal data we collect

Account holders (users)

  • Email address
  • Authentication data (including Google sign-in where used)
  • Subscription and billing status
  • Workspace and configuration settings

Recipients of documents

  • Email address (where provided by the user or used for delivery)
  • IP address
  • Device and browser information (user agent)
  • Document access timestamps
  • Review activity (e.g. time on page, scroll depth)
  • Acknowledgement status and timestamp

Receipt does not attempt to infer intent, understanding, consent or identity.

4. How we use personal data

  • To provide and operate the Receipt service
  • To generate document access and acknowledgement records
  • To manage accounts, subscriptions and billing
  • To prevent fraud, misuse and unlawful activity
  • To analyse anonymised or aggregated usage data for product improvement and statistical purposes

5. Lawful basis for processing

We process personal data on the basis of:

  • Performance of a contract
  • Legitimate interests (service integrity, security and fraud prevention)
  • Compliance with legal obligations
  • Consent, where required

6. Sub-processors and third parties

We rely on trusted third-party providers to operate Receipt:

  • Vercel — application hosting and infrastructure
  • Supabase — database, authentication and file storage
  • Google — optional authentication via Google sign-in
  • Stripe — payment processing and billing

7. International data transfers

Some of our service providers operate outside the UK or EEA. Where this occurs, we rely on appropriate safeguards such as standard contractual clauses or equivalent protections.

8. Data retention

Personal data is retained only for as long as necessary to provide the service, comply with legal obligations, or as determined by the user’s configuration and internal policies.

9. Your rights

Depending on your location, you may have rights to access, correct, delete or restrict processing of your personal data, or to object to certain uses.

10. Contact

For privacy-related enquiries, contact:

privacy@lrare.co.uk

Last updated: 2026-02-08