Privacy Policy
Last updated: February 2026
Duezo (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our bill tracking application at duezo.app.
1. What Data We Collect
Account Information
When you create an account, we collect your email address, name, and authentication credentials. If you sign in with Google, we receive your basic profile information from Google.
Bill Information
We store the bill data you create or import, including bill names, amounts, due dates, categories, payment status, and recurring schedules.
Payment Data
Subscription payments are processed through Stripe. We do not store your credit card numbers or full payment details. Stripe handles all payment information securely in accordance with PCI-DSS standards.
Usage Data
We may collect basic usage data such as pages visited and features used to improve the application experience.
2. How We Use Gmail Data
If you choose to connect your Gmail account, we request read-only access to your emails. Here’s exactly how we handle your email data:
- We only search for and process emails that appear to be bill-related (e.g., invoices, payment reminders, statements).
- We do not store the full content of your emails. Only extracted bill details (payee name, amount, due date) are saved.
- We do not read, modify, or delete any emails in your inbox.
- We do not share your email data with third parties for advertising.
- You can disconnect Gmail at any time from Settings, which revokes our access immediately.
3. How We Use AI
We use Anthropic’s Claude AI to process bill-related emails and extract structured data (bill names, amounts, due dates, and categories). This processing happens on Anthropic’s servers.
- Only the text content of bill-related emails is sent to the AI for processing.
- Anthropic does not use your data to train their models (per their data processing terms).
- Extracted bill data is stored in our database. The original email content is not retained after processing.
4. Third-Party Services
We use the following third-party services to operate Duezo:
| Service | Purpose |
|---|---|
| Supabase | Authentication and database hosting |
| Stripe | Subscription payment processing |
| Anthropic (Claude) | AI-powered bill extraction from emails |
| Google (Gmail API) | Email access for bill detection (optional) |
| Vercel | Application hosting |
Each service operates under its own privacy policy and data processing terms.
5. Data Security
We take security seriously and implement the following measures:
- All data is encrypted in transit (TLS/HTTPS) and at rest.
- Database access is protected by Row-Level Security (RLS) policies, ensuring users can only access their own data.
- Authentication is handled by Supabase Auth with industry-standard security practices.
- OAuth tokens for Gmail are stored encrypted and can be revoked at any time.
- We do not store passwords in plaintext.
6. Your Rights
You have the following rights regarding your data:
- Delete your account — You can permanently delete your account and all associated data from Settings. This action is immediate and irreversible.
- Export your data — You can export your payment history as CSV from the History page.
- Disconnect Gmail — You can revoke Gmail access at any time from Settings.
- Access your data — All your bill data is visible within the application at all times.
7. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any significant changes by email or through a notice within the application. Continued use of Duezo after changes constitutes acceptance of the updated policy.
8. Contact Us
If you have any questions about this Privacy Policy or how we handle your data, please contact us at support@duezo.app.