Security and privacy by design.

ClaimIt handles purchase-related data carefully, keeps users in control of claims, and limits access to what the workflow needs.

Principles

How we approach security

Least access

ClaimIt asks for the Gmail scopes needed for receipt ingestion and eligible email claim sending.

User approval by default

Approval-gated mode is default. You review and approve claims before they are sent.

Transparent workflows

Users can review claim drafts, policy evidence, and Assistant explanations at every step.

Gmail Access

How we use Gmail access

Optional

Gmail is optional. Skip this step and add receipts manually anytime.

When connected

ClaimIt reads purchase-related emails only. We surface confirmation receipts and ignore everything else.

What we don't do

We never read non-purchase emails, never sell data, and never send claims without your approval.

OAuth Scopes

Gmail permissions we request

ClaimIt requests only the Gmail scopes necessary for the price protection workflow. Here is a detailed breakdown of each permission and its purpose.

Scope | Purpose
gmail.readonly | Read order confirmations and claim-related replies for ingestion and workflow context.
gmail.send | Send approved eligible email claims from the user's Gmail account.
gmail.modify | Mark processed emails with a ClaimIt label when enabled.

Data Storage

Where data is stored

Application hosting

Application services are hosted on Google Cloud infrastructure.

Receipts and evidence

Receipts and evidence screenshots may be stored in cloud object storage.

Application data

Purchase, claim, policy, conversation, and notification records are stored in the application database.

Secrets and tokens

Authentication tokens and secrets are handled through secure secret management.

Encryption

Encryption and transport

In transit

All data transmitted between your browser and ClaimIt uses HTTPS/TLS encryption to protect information in transit.

At rest

ClaimIt uses managed encryption at rest from cloud providers where applicable to protect stored data.

Commitments

What we never do

  • We do not sell your personal data.
  • We do not store your Gmail password.
  • We do not send claims without your configured approval or auto-send preference.
  • We do not use purchase data for coupon targeting or ad profiles.
  • We do not treat unreported claim outcomes as verified reclaimed money.

User Controls

You're in control

ClaimIt gives you full control over your data and how the service operates on your behalf.

Disconnect Gmail

Revoke Gmail access at any time from your settings.

Use upload instead

Skip Gmail entirely and manually upload receipts.

Choose approval mode

Control whether claims require manual approval or auto-send.

Manage notifications

Configure how and when ClaimIt alerts you about claims.