Goodbay.ai Privacy Policy
Effective Date: March 16, 2026 Last Updated: June 19, 2026
Goodbay.ai ("Goodbay," "we," "us," or "our") is a personal asset management platform. This Privacy Policy describes how we collect, use, store, and protect your information when you use our website, application, and services (collectively, the "Service").
We believe in transparency. This policy is written in plain language and provides specific detail about every category of data we handle, how we handle it, and your rights.
1. What Data We Collect
1.1 Account Information
When you create an account, we collect:
- Email address — Used for authentication, notifications, and account recovery.
- Display name — Used within the Service to identify you.
- Password hash — We never store your password in plain text. We store only a one-way cryptographic hash.
- Account preferences — Your settings and configuration choices.
1.2 Inventory Data
When you use the Service, you may create or import:
- Item records — Names, descriptions, categories, conditions, quantities, locations, and notes for items you track.
- Financial data — Purchase prices, purchase dates, estimated current values, and sale prices/dates for items you sell.
- Photos — Images of items you upload or capture through the Service.
- Barcodes and identifiers — UPC codes, serial numbers, and other identifiers captured via barcode scanning or manual entry.
1.3 Email Scanning Data (Gmail and Microsoft Outlook)
This section describes our email data handling in detail, as required for Google CASA compliance and Microsoft publisher verification.
When you connect your Gmail or Microsoft Outlook account to Goodbay.ai, the following occurs:
What We Access
- We request read-only OAuth access to your email account. For Gmail, we request the
gmail.readonlyscope only. For Microsoft Outlook, we requestMail.ReadandUser.Readscopes only. - We never send, modify, delete, move, or forward any email on your behalf. Our OAuth scopes are limited to read-only access.
- We scan your inbox for receipt and order confirmation emails only. We identify these emails using a combination of subject line keyword matching and sender domain filtering (e.g., emails from known retailers, shipping providers, and payment processors).
- We do not read, process, or access emails that do not match our receipt/order detection criteria.
What We Extract and Store
From qualifying receipt/order emails, we extract and store the structured data below, and we also retain the email body itself (see "What We Do Store"):
| Data Extracted | Example | Stored? |
|---|---|---|
| Vendor / retailer name | "Amazon.com" | Yes |
| Item name(s) | "Sony WH-1000XM5 Headphones" | Yes |
| Item price(s) | "$348.00" | Yes |
| Order total | "$371.28" | Yes |
| Order date | "2026-01-15" | Yes |
| Order / confirmation number | "#112-3456789-0123456" | Yes |
| Shipping tracking number | Not extracted | No |
| Sanitized email body (HTML) | Receipt/order email body | Yes — attaches the receipt to the item, review, parser improvement |
| Plain-text copy of the email body | Receipt/order email body | Yes — fallback when usable HTML isn't present |
| Email attachments | Not extracted | No |
| Sender email address | Not extracted | No |
| Email metadata (headers, CC, BCC) | Not extracted | No |
What We Do NOT Store
- Complete raw messages — full MIME source, headers, routing/tracking elements, and embedded scripts/pixels — are not written to our database. For receipt/order emails we retain the message body only (see "What We Do Store" below); the rest of the raw message is discarded after parsing.
- Email attachments (PDFs, images, etc.) are never accessed, downloaded, or stored.
- Non-receipt emails are never read or processed. Our scanning logic skips emails that do not match receipt/order patterns before any content is accessed.
- Email metadata beyond the structured receipt fields listed above (full headers, CC/BCC, etc.) is not stored.
What We Do Store — Receipt Email Bodies
For emails our detection identifies as receipts or order confirmations, we retain the body of that email — sanitized HTML plus a plain-text copy — for three purposes:
- Attaching the receipt to the item — the email body is what links a receipt to the corresponding item in your inventory, so each item keeps a verifiable record of where it came from.
- Receipt review interface — so you can view which emails were scanned and verify the extracted data.
- Parser quality improvement — used as training input to improve our receipt extraction accuracy.
We retain email-body content only for emails believed to be receipts or order confirmations; the bodies of all other emails are never stored. "Sanitized" means scripts, tracking pixels, and external resource references are stripped before storage, while the semantic receipt content (vendor, line items, totals) is preserved.
This stored content is associated with your account, and the stored email body is redacted (permanently removed) when you disconnect your email account (see Section 6.2) or delete your account.
Message ID Retention
- We retain processed message IDs (opaque identifiers assigned by your email provider) to prevent re-scanning emails we have already processed.
- Message IDs are associated with your connected email account and contain no email content.
- Message IDs are permanently deleted when you disconnect your email account (see Section 6.2).
Gmail-Specific Disclosure (Google API Services)
Our use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:
- We access Gmail data only to provide the email receipt scanning feature that you explicitly enabled.
- We do not use Gmail data for advertising, market research, or any purpose unrelated to the core receipt scanning functionality.
- We do not allow humans to read your email data unless (a) we have your explicit consent, (b) it is necessary for security purposes (such as investigating abuse), (c) it is necessary to comply with applicable law, or (d) the data has been aggregated and anonymized such that it can no longer be associated with you.
- We do not transfer Gmail data to third parties except as necessary to provide the Service, as required by law, or in connection with a merger or acquisition (with user notification).
1.4 eBay Import Data
When you connect your eBay account via OAuth:
- We access your purchase history in read-only mode.
- We extract item names, prices, dates, and order identifiers.
- We store OAuth tokens securely (see Section 7) for ongoing access until you disconnect.
1.5 Amazon Import Data
- Amazon data is imported via CSV files that you manually upload.
- We do not have direct access to your Amazon account.
- We parse the CSV file in memory and store only the structured item and transaction data extracted from it.
1.6 Spreadsheet and Manual Import Data
- Data imported via spreadsheet upload or manual entry is stored as provided by you.
- Uploaded spreadsheet files may be stored temporarily for processing but are deleted after import is complete.
1.7 Photo and AI Recognition Data
- Photos you upload or capture are stored to enable item identification and inventory management.
- When you use photo-based AI recognition, your photos may be sent to third-party AI services for processing. We do not retain copies of photos beyond what is stored in your inventory.
1.8 Usage and Analytics Data
We collect limited usage data to maintain and improve the Service:
- Log data — IP addresses, browser type, operating system, referring URLs, pages visited, and timestamps. This data is retained for operational and security purposes.
- Feature usage — Which features you use and how often (e.g., number of items scanned, imports completed). This is collected in aggregate and is used to prioritize development.
- Error reports — Crash logs and error details to help us diagnose and fix issues.
We do not use third-party behavioral advertising trackers. We do not sell usage data.
2. How We Use Your Data
We use the data we collect for the following purposes:
2.1 Providing the Service
- Managing your inventory and tracking your items.
- Generating valuations based on market data and comparable sales.
- Scanning email receipts and importing purchase history from connected accounts.
- Displaying your data to you through the Service.
2.2 Aggregate Intelligence and Pricing Data
- Anonymized transaction data (item types, purchase prices, sale prices, dates) is used to build aggregate pricing models that benefit all users.
- This aggregate data cannot be linked to any individual user. See Section 5 for details.
2.3 Bridge Network Features
If you are subscribed to the Bridge network:
- Your inventory data may be surfaced in the Passive Marketplace to match with potential buyers (with your consent and per your visibility settings).
- Aggregate intelligence drawn from anonymized cross-user data is used to improve valuation accuracy and market insights.
2.4 Service Improvement
- Analyzing usage patterns (in aggregate) to improve features and user experience.
- Diagnosing technical issues and ensuring platform stability.
2.5 Communications
- Sending transactional emails (account verification, password reset, import notifications).
- Sending product updates and announcements (you may opt out at any time).
3. What We Store vs. What We Process in Memory
This distinction is critical, particularly for email scanning:
| Data Type | Stored in Database | Processed in Memory Only |
|---|---|---|
| Account information (email, name) | Yes | -- |
| Inventory items and valuations | Yes | -- |
| Structured receipt data (vendor, items, prices, dates) | Yes | -- |
| Processed email message IDs | Yes (until disconnect) | -- |
| Complete raw message (full MIME, headers, attachments) | No | Yes, then discarded |
| Receipt/order email body (sanitized HTML + plain text) | Yes (attaches receipt to item, review, parser improvement; redacted on disconnect) | -- |
| Email attachments | No | No (never accessed) |
| Non-receipt email content | No | No (never accessed) |
| OAuth tokens (Google, Microsoft, eBay) | Yes (encrypted) | -- |
| Uploaded photos | Yes | -- |
| Uploaded CSV/spreadsheet files | Temporary (deleted after import) | Yes |
4. Third-Party Services
We use the following third-party services to provide the Service. We share only the minimum data necessary for each integration.
4.1 Google (Gmail Integration)
- Purpose: Read-only access to Gmail for receipt scanning.
- Data shared: OAuth authentication only. We do not send your data to Google.
- Data received: Email content (read-only; see Section 1.3 for full details on what is extracted and stored).
- Google's privacy policy: https://policies.google.com/privacy
4.2 Microsoft (Outlook Integration)
- Purpose: Read-only access to Outlook for receipt scanning.
- Data shared: OAuth authentication only. We do not send your data to Microsoft.
- Data received: Email content (read-only; see Section 1.3 for full details on what is extracted and stored).
- Microsoft's privacy policy: https://privacy.microsoft.com/en-us/privacystatement
4.3 eBay
- Purpose: Read-only access to purchase history for item import.
- Data shared: OAuth authentication only.
- Data received: Purchase history data (item names, prices, dates).
- eBay's privacy policy: https://www.ebay.com/help/policies/member-behaviour-policies/user-privacy-notice-privacy-policy
4.4 Payment Processors
- Purpose: Processing subscription payments for the Bridge network and hosted tier.
- Data shared: Billing information (name, payment method, billing address). We do not store full credit card numbers.
- Processor: Stripe, Inc.
- Stripe's privacy policy: https://stripe.com/privacy
4.5 AI / Receipt Parsing Services
- Purpose: Parsing receipt data from emails and identifying items from photos.
- Data shared: Sanitized receipt email HTML (scripts and tracking elements removed) and photos you submit for recognition. After Anthropic parses the email, a sanitized version of the email HTML is retained in our database for receipt review and parser improvement (see Section 1.3 for full storage and deletion details).
- Provider: Anthropic, PBC
- Anthropic's privacy policy: https://www.anthropic.com/privacy
4.6 Hosting and Infrastructure
- Purpose: Hosting the Service and storing data.
- Provider: Amazon Web Services, Inc. (AWS)
- AWS's privacy policy: https://aws.amazon.com/privacy/
- Data stored: All data described in this policy is stored on AWS infrastructure in the United States.
4.7 Together AI (Model Fine-Tuning)
- Purpose: Fine-tuning AI models for receipt parsing quality improvement. Sanitized email HTML from qualifying receipt emails may be used as training data.
- Data shared: Sanitized email body HTML (scripts and tracking elements removed). No raw email content, no account credentials, and no directly identifying information beyond what appears in a receipt is shared.
- Provider: Together Computer, Inc.
- Together AI's privacy policy: https://www.together.ai/privacy
5. Data Retention and Deletion
5.1 Active Accounts
While your account is active, we retain all data associated with your account as described in this policy.
5.2 Account Deletion — Anonymization Policy
Please read this section carefully. It describes what happens to your data when you delete your account.
When you delete your Goodbay.ai account:
Permanently Deleted (cannot be recovered):
- Your name and email address
- Your password hash
- OAuth tokens and connected account credentials
- Processed email message IDs
- Connected account metadata (which email accounts, which eBay accounts, etc.)
- Account preferences and settings
- Any other personally identifiable information (PII)
Retained in Anonymized Form (cannot be linked back to you):
- Transaction and item data: item types/categories, purchase prices, sale prices, dates
- This data is stripped of all identifying information and cannot be associated with any individual
We retain anonymized data to power aggregate valuations and pricing intelligence for all Goodbay.ai users. For example, knowing that a specific product category sold within a certain price range during a certain time period helps us provide accurate market valuations for all users.
This anonymization is irreversible — once your PII is deleted, the retained transaction data has no connection to your identity.
GDPR Compliance: Under the EU General Data Protection Regulation, Recital 26 establishes that the principles of data protection do not apply to anonymous information, namely information which does not relate to an identified or identifiable natural person, or to personal data rendered anonymous in such a manner that the data subject is not or no longer identifiable. Our anonymization process satisfies this standard.
By creating an account, you acknowledge and agree to this data retention policy. This notice is provided before account creation so you can make an informed decision.
5.3 Disconnecting an Import Source
When you disconnect an import source (email, eBay, or any other connected account):
- The OAuth connection is revoked and all tokens are deleted.
- All source-specific metadata (processed message IDs, connection details) is permanently purged.
- Inventory items already created from that source remain in your inventory. You own your inventory data, and disconnecting a source does not delete items that were already imported. You may manually delete any individual items you wish.
5.4 Data Retention Periods
| Data Type | Retention Period |
|---|---|
| Account information | Until account deletion |
| Inventory data | Until account deletion (then anonymized per Section 5.2) |
| OAuth tokens | Until source disconnect or account deletion |
| Processed message IDs | Until email source disconnect or account deletion |
| Usage/analytics logs | 90 days (rolling) |
| Error/crash reports | 90 days (rolling) |
| Anonymized transaction data | Indefinite |
6. Your Rights
6.1 Access and Export
- You may view all data associated with your account through the Service at any time.
- You may export your complete inventory data at any time using the Service's export feature.
- You may request a copy of all personal data we hold about you by contacting nate@goodbay.ai. We will respond within 30 days.
6.2 Disconnect Import Sources
- You may disconnect any connected account (Gmail, Outlook, eBay) at any time through the Service's settings.
- Disconnecting immediately revokes the OAuth token and purges all scanning metadata for that source.
- One-click disconnect is available in the Service's integration settings.
6.3 Delete Your Account
- You may delete your account at any time through the Service's account settings.
- Account deletion is processed as described in Section 5.2.
6.4 Correction
- You may correct or update your personal information at any time through the Service.
6.5 Objection and Restriction
- If you are in the EU/EEA, you have the right to object to or request restriction of certain processing activities. Contact nate@goodbay.ai to exercise these rights.
6.6 Data Portability
- You have the right to receive your personal data in a structured, commonly used, machine-readable format. Our export feature provides data in standard formats (CSV, JSON).
6.7 Complaints
- If you are in the EU/EEA and believe your data protection rights have been violated, you have the right to lodge a complaint with your local data protection supervisory authority.
7. Security Measures
We take the security of your data seriously. Our measures include:
- Encryption in Transit — All data transmitted between your device and our servers is encrypted using TLS/HTTPS. We do not support unencrypted HTTP connections.
- Encryption at Rest — Sensitive data, including OAuth tokens and password hashes, is encrypted at rest using industry-standard encryption.
- OAuth Token Security — All OAuth tokens (Google, Microsoft, eBay) are stored in encrypted form. Tokens are scoped to the minimum permissions required (read-only for email and purchase history). Tokens are immediately deleted when you disconnect a source or delete your account.
- Email Content Security — Complete raw messages (full MIME, headers, attachments) are not stored at rest. For receipt/order emails, the email body (sanitized HTML plus a plain-text copy) is stored encrypted at rest, with scripts and tracking elements stripped, and is redacted upon email disconnect or account deletion (see Section 1.3).
- Access Controls — Access to production systems and user data is restricted to authorized personnel and requires multi-factor authentication.
- Password Security — Passwords are hashed using industry-standard one-way hashing algorithms. We never store passwords in plain text.
- Regular Security Reviews — We conduct periodic security assessments of our systems and practices.
7.1 Breach Notification
In the event of a data breach that affects your personal information, we will notify you via email within 72 hours of becoming aware of the breach, as required by GDPR and applicable US state laws.
8. Cookies and Analytics
8.1 Essential Cookies
We use essential cookies to maintain your session and keep you logged in. These cookies are strictly necessary for the Service to function and cannot be disabled.
8.2 Analytics
We may use privacy-respecting analytics tools to understand how the Service is used in aggregate. We do not use third-party advertising cookies or behavioral tracking pixels.
If we use analytics cookies that are not strictly necessary, we will ask for your consent before setting them.
8.3 Do Not Track
We respect "Do Not Track" (DNT) browser signals. When we detect a DNT signal, we disable any non-essential analytics tracking for that session.
9. Children's Privacy
The Service is not directed at children under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child under 18, we will delete that information promptly. If you believe a child has provided us with personal information, please contact us at nate@goodbay.ai.
10. International Data Transfers
Goodbay.ai is based in the United States. If you access the Service from outside the United States, your data will be transferred to and processed in the United States.
For users in the EU/EEA, we rely on Standard Contractual Clauses (SCCs) or other approved transfer mechanisms to ensure your data is protected in accordance with GDPR requirements when transferred outside the EEA.
11. Self-Hosted Instances
If you use a self-hosted instance of Goodbay.ai:
- Without Bridge: Your data stays entirely on your own infrastructure. This Privacy Policy does not apply to data stored on self-hosted instances that do not connect to our services. You are responsible for your own data handling practices.
- With Bridge subscription: Only the data necessary for Bridge features (Passive Marketplace listings, anonymized aggregate data) is transmitted to Goodbay.ai infrastructure. This Privacy Policy applies to that data.
12. Changes to This Policy
We may update this Privacy Policy from time to time. If we make material changes, we will:
- Post the updated policy on the Service with a new "Last Updated" date.
- Notify you by email at least 30 days before the changes take effect.
- For changes related to email scanning data handling or anonymized data retention, we will request your explicit acknowledgment.
Your continued use of the Service after the effective date of any update constitutes acceptance of the revised policy.
13. Contact Information
If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, contact us at:
Goodbay.ai Email: nate@goodbay.ai Address: California, United States
For GDPR-related inquiries, please include "GDPR Request" in the subject line.
For Google CASA or Microsoft verification inquiries, please include "Compliance Inquiry" in the subject line.
This Privacy Policy was last updated on June 19, 2026.