Privacy

What we store

Receipts is a council that remembers what you said you wanted. That requires storing what you tell it: questions, context, verdicts, the directives you accept, and the tagged memories captured by your advisors. We store it. The advisors use it. We do not sell it.

Memory rooms are isolated

Memories captured in a room (dating, money, career, family, health, creative, general) are scoped to that room and never leak across rooms in search results or in advisor citations. This is a SQL/vector-level constraint, not a UI nicety.

Crisis-flagged messages

If our crisis classifier flags a question, we store the classification (category, confidence, layer) and not the content of the question itself. The question text is dropped at the database layer the moment the flag is set.

Account Deletion

Deleting your Receipts account removes all Receipts data immediately. Your Wyzin account and other Wyzin product data are not affected by this action.

Account deletion is single-transaction: every memory, every captured directive, every verdict, every journal entry, every crisis flag is removed from the database in one operation, and the bytes of any uploaded share cards or attached images are deleted from object storage in a follow-up async job.

To delete your global Wyzin account (across all Wyzin products), use accounts.wyzin.ai — that path is managed by Wyzin, not by Receipts.

What we share with Wyzin

Receipts is part of the Wyzin product family. Your global identity (email, display name) and product membership are shared with Wyzin Core so the same sign-in works across Pronto, Inkline, and other Wyzin products. Receipts data (questions, memories, verdicts) is never shared with another product.