Welcome to DigiHome Inventory ("we," "our," or "the Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our home inventory management application. Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the application.

1. Information We Collect

1.1 Personal Information

We may collect personal information that you voluntarily provide to us when you:

• Register for an account (username, email address)
• Use OAuth authentication (Google, Microsoft, Apple)
• Connect email accounts for receipt scanning
• Contact us for support

1.2 Inventory Data

When you use our Service, we collect and store:

• Receipt images and scanned data
• Item descriptions, quantities, and prices
• Store names and purchase dates
• Shopping list items and preferences
• Barcode scan data
• Consumption rate preferences

1.3 Email Integration Data

If you choose to connect your email account for automatic receipt scanning:

• We access only purchase-related emails (e.g., from Amazon, Costco)
• We extract order information to update your inventory
• We store OAuth tokens securely for email access
• We do not access, read, or store non-purchase-related emails

1.4 Technical Data

We automatically collect certain information when you use our Service:

• Device information (browser type, operating system)
• IP address and general location data
• Usage data and interaction patterns
• Error logs and performance metrics

2. How We Use Your Information

We use the information we collect to:

• Provide, operate, and maintain the Service
• Process and store your inventory data
• Scan receipts using OCR technology
• Generate shopping lists based on your inventory
• Process email receipts when you enable email integration
• Improve and personalize your experience
• Communicate with you about service updates
• Detect and prevent technical issues and security threats
• Comply with legal obligations

3. Data Storage and Security

3.1 Data Storage

Your data is stored securely:

• Database: PostgreSQL (production) or SQLite (development)
• Receipt images: Azure Blob Storage with encryption
• Email OAuth tokens: Encrypted in database
• Session data: Encrypted and temporary

3.2 Security Measures

We implement industry-standard security measures:

• Data encryption in transit (HTTPS/TLS)
• Encrypted storage for sensitive data
• Secure OAuth 2.0 authentication
• Password hashing using bcrypt
• Regular security updates and monitoring
• Rate limiting to prevent abuse

3.3 Data Retention

We retain your information:

• As long as your account is active
• As necessary to provide the Service
• As required by law or for legitimate business purposes
• Until you request deletion (see Your Rights section)

4. Third-Party Services

4.1 Authentication Providers

We use OAuth 2.0 authentication with:

• Google OAuth
• Microsoft OAuth
• Apple Sign-In

These services may collect data according to their own privacy policies.

4.2 Email Access (Gmail)

When you connect Gmail for receipt scanning:

• We only request minimal scopes to read purchase emails
• We do not access other emails or personal correspondence
• We do not share your email data with third parties
• You can disconnect email access at any time

4.3 OCR Services

We use Tesseract.js for optical character recognition:

• Processing is done client-side in your browser when possible
• Receipt images may be processed on our servers
• No data is shared with external OCR services

4.4 External Store APIs

If you enable store integrations (Costco, Amazon, etc.):

• We may access order history from these stores
• We store only order data necessary for inventory management
• Your store credentials are not stored by us

5. Data Sharing and Disclosure

We do not sell your personal information. We may share your information only in the following circumstances:

• With Your Consent: When you explicitly authorize us to share your data
• Service Providers: With third-party vendors who help us operate the Service (hosting, storage)
• Legal Requirements: When required by law, court order, or governmental request
• Business Transfers: In connection with a merger, acquisition, or sale of assets
• Protection of Rights: To protect our rights, privacy, safety, or property

6. Your Privacy Rights

Depending on your location, you may have certain rights regarding your personal information:

6.1 Access and Portability

• Request access to your personal data
• Export your inventory data

6.2 Correction and Deletion

• Correct inaccurate information
• Delete your account and associated data
• Use the "Clear All Inventory" feature in User Preferences

6.3 Email Integration Control

• Disconnect email access at any time
• Control which emails are scanned
• Set scanning frequency preferences

6.4 Opt-Out

• Disable automatic email scanning
• Opt out of communications (where applicable)

To exercise these rights, please contact us or use the User Preferences section in the application.

7. Children's Privacy

Our Service is not intended for children under the age of 13 (or applicable age in your jurisdiction). We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will take steps to delete that information.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure that appropriate safeguards are in place to protect your data in accordance with this Privacy Policy and applicable laws.

9. Cookies and Tracking

We use cookies and similar technologies to:

• Maintain your session and authentication
• Remember your preferences and settings
• Analyze usage patterns and improve the Service
• Ensure security and prevent fraud

You can control cookies through your browser settings, but disabling them may affect functionality.

10. Progressive Web App (PWA)

When you install our PWA:

• The app may cache data locally on your device
• Offline functionality requires local storage of inventory data
• Service workers enable background sync when online
• Cached data can be cleared by uninstalling the PWA

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the new Privacy Policy on this page
• Updating the "Last Updated" date
• Notifying you through the application (for significant changes)

Your continued use of the Service after changes are posted constitutes acceptance of the updated policy.

12. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected
• Right to know if personal information is sold or disclosed
• Right to opt-out of the sale of personal information
• Right to deletion of personal information
• Right to non-discrimination for exercising your rights

We do not sell your personal information.

13. European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):

• Right to access your data
• Right to rectification
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Right to withdraw consent

14. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

• Application: Use the support feature in User Preferences
• Website: Visit our main website

15. Data Protection Officer

For data protection inquiries, you may contact our Data Protection Officer through the channels listed above.