Privacy Policy
Offramp ("we", "us", or "our") operates the Offramp iOS application ("the App"). This Privacy Policy describes how we collect, use, store, and protect your information. By using Offramp, you agree to this policy.
1. Information We Collect
Account information. When you sign in with Apple or Google, we receive a unique user identifier and optionally your email address and display name. This is stored in our secure backend (Supabase, hosted on AWS) to maintain your account.
Subscription data. We store only structured information you explicitly review and approve: service name, price, billing cycle, renewal date, detection confidence, category, and payment records detected from billing emails. Raw email content is never stored.
Email access tokens. When you connect Gmail or Outlook, OAuth access and refresh tokens are stored exclusively in your device's iOS Keychain. They are never transmitted to or stored on our servers, databases, or logs.
Device push token. If you enable push notifications, we store a device push notification token to deliver renewal reminders. This token is deleted when you disconnect your account or disable notifications.
No tracking. We do not use third-party analytics SDKs, advertising trackers, or behavioral tracking of any kind.
2. How We Use Your Information
- To detect and display your subscriptions and free trials
- To send push notification reminders before renewal dates
- To sync your subscription data across devices via your account
- To improve detection accuracy using only aggregated, non-identifiable signals — never individual email content
3. Email Access
Gmail. When you connect Gmail, we request the following OAuth scopes:
- https://www.googleapis.com/auth/gmail.readonly — to read emails for subscription detection
- email — to identify your Gmail account
- profile — to display your account information in the App
Outlook. When you connect Outlook, we request:
- Mail.Read — to read emails for subscription detection
- email, profile, openid — to identify your account
- offline_access — to maintain your connection without requiring re-authentication
What we do with inbox access:
- We scan only for subscription billing signals — pricing emails, renewal notices, and trial confirmations
- Personal emails, conversations, and non-billing content are never read or analyzed
- Email body text is processed in memory and immediately discarded — never stored on any server
- We do not send emails on your behalf
- We do not modify, delete, or organize your inbox
- We do not share your email data with any third party for advertising, analytics, or any other purpose
You may revoke access at any time from Settings → Connected Services in the App, or directly through your Google or Microsoft account security settings.
4. Google API Services — Limited Use Disclosure
Offramp's use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
Specifically:
- Gmail data is used solely to detect subscription billing emails and extract structured information (service name, price, renewal date) for the user's direct benefit within the App
- We do not use Gmail data to serve advertisements
- We do not allow any person to read Gmail message content without the user's explicit, informed consent
- We do not transfer Gmail data to third parties except: (a) to our AI extraction service with the user's explicit prior opt-in consent, using sanitized excerpts only; or (b) as required by applicable law
- Our use of data obtained from Google APIs is strictly limited to providing and improving the subscription detection features described in this policy
5. AI-Powered Detection
When you explicitly enable AI-powered detection during onboarding — before your first inbox scan — sanitized excerpts of billing emails may be sent to our AI extraction service. You are never enrolled automatically.
- Excerpts contain only billing signals: service name, price, and dates — never your name, address, payment card details, personal messages, or full email bodies
- Our AI service is hosted on our Supabase backend and powered by Anthropic Claude
- Excerpts are discarded immediately after processing — never logged or stored
- Your data is not used to train AI models
- AI processing is not used for advertising or shared with third parties beyond what is necessary to operate the service
- You may withdraw AI consent at any time from Settings → Connected Services → AI Detection
6. Data Storage and Security
- All account and subscription data is stored in Supabase (hosted on AWS) with encryption at rest and TLS 1.2+ encryption in transit
- Gmail and Outlook OAuth tokens are stored only in your device's iOS Keychain and never transmitted to or stored on our servers
- No email content, OAuth tokens, or authentication credentials appear in our server logs
- We apply access controls, the principle of least privilege, and industry-standard security practices
- In the event of a data breach affecting your personal information, we will notify you as required by applicable law
7. Data Retention
- Your account data and subscription records are retained while your account is active
- Upon account deletion, all personal data is permanently and immediately deleted from our systems
- Push notification tokens are deleted upon account deletion or notification opt-out
- Server logs are retained on a rolling 30-day basis and contain no email content, email tokens, or personal subscription data
8. Data Sharing
We do not sell your personal information. We share data only with the following service providers, who process data strictly on our behalf:
| Service | Purpose | Data shared |
|---|---|---|
| Supabase (AWS) | Backend database and authentication | Account identifiers, subscription records |
| Apple (Sign in with Apple) | Authentication | User identifier |
| Google (Sign in with Google) | Authentication | User identifier, email address |
| Apple Push Notification service | Push notifications | Device push token |
| Anthropic Claude via Supabase | AI extraction (opt-in only) | Sanitized billing email excerpts |
| Plaid | Bank/card connection (Pro, opt-in) | Financial institution connection via Plaid Link |
9. Your Rights and Controls
All users:
- View your data — all subscription data is visible within the App
- Delete your data — delete your account and all associated data at any time from Settings → Profile → Delete Account. Deletion is immediate and permanent.
- Disconnect email — revoke inbox access at any time from within the App or through your Google or Microsoft account settings
- Control AI processing — enable or disable AI detection at any time from Settings → Connected Services
California residents (CCPA):
- Right to Know — you may request a description of the personal information we collect, use, and disclose
- Right to Delete — you may request deletion of your personal information (use the in-app deletion feature or contact us)
- Right to Opt Out of Sale — we do not sell personal information. There is nothing to opt out of.
- Right to Non-Discrimination — we will not discriminate against you for exercising your rights under the CCPA
To exercise California rights, contact: privacy@useofframp.com
10. Children's Privacy
Offramp is not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided personal information to us, please contact privacy@useofframp.com and we will delete it promptly.
11. Changes to This Policy
We may update this Privacy Policy periodically. We will provide at least 7 days' notice of material changes through the App before changes take effect. Continued use of the App after the effective date constitutes your acceptance. The date at the top of this page reflects the most recent revision.
12. Contact
For privacy questions, data requests, or to exercise your rights:
Email: privacy@useofframp.com
Website: https://useofframp.com/privacy