Kazarama

Privacy Policy

Last updated: 2026-05-08

This service (“the app”) helps users track return windows and subscription/trial deadlines for their own purchases. This policy describes what information the app collects and how it's used.

What we collect

  • Account info: your email address and password hash (sign-in), or your Google account if you choose Google sign-in, and your phone number (for SMS reminders).
  • Order and subscription data: when you connect Gmail or Outlook, we read order confirmation and subscription emails (read-only) and extract structured details (merchant, item, date, amount, return window). When you connect a bank or card via Plaid, we read transaction metadata (merchant, amount, date) to detect recurring charges.
  • SMS messages: an audit log of reminders we send you and replies you send back to us.

What we don't collect

  • We do not read or store the contents of unrelated emails.
  • We do not have or store your bank login credentials. Plaid handles authentication and gives us a read-only token.
  • We do not have or store your Google or Microsoft password. OAuth gives us a read-only refresh token.
  • We do not have or store payment card numbers.

How we use your data

  • To populate your dashboard with purchases, subscriptions, and trial deadlines.
  • To send you SMS reminders before deadlines.
  • To answer SMS questions you send us about your own data.

How we share your data

We do not sell your data. We do not share it with advertisers or marketing partners. We use the following service providers strictly to operate the app:

  • Supabase (database + auth hosting)
  • Vercel (web hosting)
  • Twilio (SMS delivery)
  • Resend (transactional email delivery)
  • Postmark (inbound email handling, when you use email-forwarding)
  • Google (Gmail API, when you connect Gmail)
  • Microsoft (Outlook/Graph API, when you connect Outlook)
  • Plaid (bank/card data, when you connect an account)
  • Anthropic (Claude API, for parsing email content and answering SMS questions)

Each receives only the minimum data required to perform its function.

Household mode

If you join a household, members of that household may see purchases and subscriptions assigned to them based on shipping-label name matching. Household owners may see all activity within the household. You can leave a household at any time from settings.

Security

OAuth refresh tokens (Gmail, Outlook) and access tokens (Plaid) are encrypted at rest with AES-256-GCM, beyond the underlying database's own encryption. Application code restricts every data read and write to the owning user (or, where applicable, the household member they belong to).

SMS messaging program

Message frequency varies by your activity (typically 1–3 messages per week). Message and data rates may apply. Reply HELP for help, STOP to unsubscribe. You can also disable SMS in your account settings.

Your rights

You can disconnect any data source and leave any household at any time from settings. To delete your account or have all associated data erased, email us at the address below and we will action it within seven days.

Contact

Questions: kazshinsherman@gmail.com