Integrity is our baseline. This policy explains how BoxSight LLC ("we," "our," or "us") manages your information across our ecosystem. We prioritize local processing and transparency in all AI-driven interactions.
1. Information We Collect
Direct Submission
- Account Credentials: Email addresses and profile metadata provided during registration.
- Application Data: Receipt imagery and extracted financial data processed via SpendCity.
- Inquiries: Information shared during support requests or technical consultations.
Automated Collection
- Technical Telemetry: Device identifiers, OS versions, and network performance metrics.
- Usage Analytics: Feature engagement patterns and diagnostic logs to maintain service stability.
Topos (Nearby-Places Finder)
No account required. Topos uses an anonymous random device identifier (UUID) stored in your device's secure keychain/keystore for favorites, search history, and rate-limiting — not your name, email, or an advertising identifier.
- Precise location (GPS): Collected only while the app is in use (foreground), at the moment you search, to find nearby places and calculate travel times. We do not collect background location and do not track movement between searches. Your coordinates are sent to our backend and to our mapping/places providers to perform the search you requested; we store the search origin only in coarsened form (rounded to approximately 110 metres) for coverage analytics — never your exact coordinates.
- Device & diagnostics: Platform, OS version, device model, app version, crash reports and usage analytics (Firebase Crashlytics/Analytics), and IP/connection metadata for security and abuse prevention.
- Third-party processors: Mapbox (map tiles), Google Maps Platform (place search, details, and travel times), and Google Gemini (short place descriptions — we send only a place's name, address, and category, never your identity or location history; not used to train Google's models).
2. Third-Party AI Processing
Consent Management: AI features require explicit activation. You may opt out or withdraw consent at any time within your Application Settings.
We utilize enterprise-grade AI services for specific cognitive tasks:
Computer Vision (OCR)
Receipt images are processed via Google Cloud Vision API to extract merchant data and line items. Images are processed in transit and not retained for model training.
LLM Reasoning & Insights
Aggregated statistics and natural language queries are processed via Google Gemini API to provide spending insights and news synthesis. All processing is governed by specific enterprise terms that prohibit the use of your data for base model training.
3. Security & Data Sovereignty
We implement structural safeguards to protect your intellectual and personal property:
- End-to-end encryption for data in transit (TLS 1.3) and at rest (AES-256).
- Hierarchical access controls and multi-factor authentication.
- Strategic data residency in accordance with international sovereignty frameworks.
4. Your Rights & Data Portability
You maintain full control over your digital footprint. You have the right to request access to, correction of, or permanent deletion of your data. For portability requests or CCPA/GDPR inquiries, contact us at privacy@boxsight.ai.
5. Account Deletion
Upon initiating account deletion, all associated data—including receipts, images, and metadata—is purged from our active systems within 7 days. This process is irreversible.