top of page

Security & Privacy

At SparkReceipt, we care about your privacy and take data security seriously. In this article we've gathered an overview about the app's architecture, as well as the most common questions and concerns about security or privacy.

Where is my data stored and which services can access it?

Let's start with a quick overview of the main services related to SparkReceipt:

A diagram of the core cloud services used by SparkReceipt: Heroku, AWS, OpenAI, Brevo

All the services apart from the OpenAI API are located in the EU to make SparkReceipt GDPR compliant as effortlessly as possible. OpenAI is also GDPR and CCPA compliant as of late 2023.

Heroku Common Runtime: This refers to a set of virtual machines running in Heroku Common Runtime (EU), which are used as the main application servers. The application servers is the interface between the user applications (iOS, Android, web browser) and the rest of the services in the architecture. The main application database is also located in the same region, and access to it is secured with a long, random and auto-rotating password managed by Heroku.

File Storage: Your files are processed within the Heroku application servers, but they are stored in Amazon Web Services (AWS). More specifically, the main data repository is located in Stockholm, Sweden (EU), with a mirrored backup in an archival storage in an other EU region (Frankfurt).

Brevo: We use Brevo as the SMTP relay, meaning all email communication from within the app (such as intro emails, password reset emails and more) goes through Brevo. The logs are retained for 30 days and might contain relevant traces of your data for the while the logs are retained. Brevo's data is located within Paris, France (EU).

OpenAI: The OpenAI servers are located within the United States. We have signed the DPA (Data Processing Addendum) and the data processing is under OpenAI's Enterprise Privacy. In short, the main things this means is:

  1. Your data is NOT used to train current or future OpenAI models.

  2. Your data is deleted after a predetermined retention period, currently 30 days.

  3. The user owns both the input and output of the AI model.

How is my data protected?

Encryption

Your data is encrypted with a strong cipher in both transit and in rest. In transit means while communicating between SparkReceipt's core services or with your user client, preventing man-in-the-middle attacks within the network. In rest meaning when data is stored to disk in a data center, preventing reading the data if physical access is gained to the data center hardware, or if an attacker manages to download and clone the storage.

Data Access at Different Levels

Data access programmatically is best described in the above section. This section delves more into human interaction with the data. There are several levels of access:

Database level: A person with admin access to Heroku Services is theoretically able to directly access the system database and read your data. Access to Heroku is restricted with a strong random password and multi-factor authentication.

File system level: A person with admin access to Amazon Web Services infrastructure is able to browse and decrypt the files present in the S3 service. This is never part of any process however. Instead, AWS is always accessed from within the application server. Access to AWS is restricted with a strong random password and multi-factor authentication.

Admin tooling level: We have admin tooling to help with customer support and general monitoring, with limited but still relatively large visibility into the system. These tools allow us to manage and fix your accounts, change emails, reset passwords, debug errors, and even access your documents if there is a problem with them, and you have explicitly requested that we look into the matter. This is very similar to most cloud services. Access to the admin tooling is also restricted with brute-force rate-limiting, a strong random password and multi-factor authentication.

No one outside SparkReceipt (Valorbyte LLC) currently have, or is planned to have access to any of these levels.

Can I Delete My Documents & Data from Your System?

The short answer is yes. Follow these instructions to perform an auto-deletion of your account. This removes all your personal and other data from the live system.

Some of your data may persist for a while in logs, database backups, file system backups and other systems after account deletion. The data retention period is up to 30 days in these cases. Please note that these backups of your data are not read or processed in any normal workflow, and are only there for 
disaster recovery purposes.

Is OpenAI Safe to Use?

Many users have expressed their (very valid) concerns about OpenAI safety for sensitive data processing, such as many financial records processed in SparkReceipt.

OpenAI has made big strides to enable its AI to be used in Enterprise setting, where security and privacy is paramount. And the OpenAI API that SparkReceipt uses is not to be confused with the ChatGPT application as they have different rules in this regard.

We have signed the DPA (Data Processing Addendum) and our data processing is under OpenAI's Enterprise Privacy. In short, the main things this means is:
 

  1. Your data is NOT used to train current or future OpenAI models.

  2. Your data is deleted after a predetermined retention period, currently 30 days.

  3. The user owns both the input and output of the AI model.

bottom of page