Privacy Policy

Effective Date: March 23, 2026

KoTab ("we," "us," or "our") is operated by Joseph Horvitz. This Privacy Policy explains how we collect, use, and protect your information when you use the KoTab mobile application ("App").

By using KoTab, you agree to the practices described in this policy.

1. Information We Collect

Account Information: When you create an account, we collect your name, email address, and optionally a username. If you sign in with Google or Apple, we receive your name and email from those providers.

Payment App Identifiers: If you choose to link your Venmo and/or Cash App account, we store your Venmo username and/or Cash App cashtag to generate payment request links. We do not access your Venmo or Cash App accounts, balances, or transaction histories.

Receipt Images: When you scan a receipt, the image is uploaded to our servers and sent to a third-party AI service (OpenAI) to extract item names and prices. Receipt images are stored in our cloud storage to allow you to view them within your tabs.

Tab and Payment Data: We store information about tabs you create or join, including item names, prices, who claimed which items, and payment status.

Friends and Groups: We store your friend list, friend groups, and blocked users to enable social features within the App.

Camera and Photo Access: With your permission, we access your device camera to scan receipts and QR codes, and your photo library to select receipt images. These images are only used for the purposes described above.

Device Information: If you enable push notifications, we collect a device token to send you notifications about friend requests, tab invitations, and payment updates.

Usage Data: We use Google Analytics for Firebase to collect anonymous usage data, including which screens you visit, features you use (such as receipt scanning, tab creation, item claiming, and payment flows), and session duration. This data helps us understand how the App is used and identify areas for improvement. We do not collect advertising identifiers (IDFA/GAID), and this data is not used for advertising or shared with advertisers.

Local Storage: We store certain preferences (such as whether you've seen onboarding tips) locally on your device. This data never leaves your device and is not transmitted to our servers.

2. How We Use Your Information

• To create and manage your account
• To process receipt images and extract item details using AI
• To facilitate bill splitting, item claiming, and payment tracking between users
• To generate Venmo and Cash App payment request links
• To send push notifications about activity on your tabs and friend requests
• To enable social features such as friend lists and groups
• To analyze app usage and improve features through anonymous analytics

3. How We Share Your Information

We do not sell your personal information. We share information only in the following limited ways:

• With other KoTab users: Your name, username, and profile information are visible to friends and other participants in shared tabs. When you join a tab by scanning a QR code or opening a shared link, your profile information becomes visible to all participants in that tab.
• With service providers: We use Google Firebase for authentication, data storage, and cloud functions. Receipt images are processed by OpenAI's API to extract item details. These providers process data on our behalf under their respective privacy policies.
• As required by law: We may disclose information if required by law, legal process, or government request.

4. Third-Party Services

KoTab uses the following third-party services:

• Google Firebase (authentication, database, file storage, cloud functions, analytics) — Firebase Privacy Policy. We use Google Analytics for Firebase to collect anonymous usage data; no advertising identifiers are collected.
• OpenAI (receipt image processing) — OpenAI Privacy Policy
• Expo (push notifications) — Expo Privacy Policy

When you tap a Venmo or Cash App payment link generated by KoTab, you are redirected to the corresponding app. Venmo's and Cash App's own privacy policies govern any data shared with or collected by them.

5. Data Retention

We retain your account data for as long as your account is active. Tab data is retained to provide a shared record for all participants.

When you delete your account, we immediately delete your profile, username, friend lists, groups, blocked users, and notifications. Tab data you participated in may be retained for other participants' records. Receipt images associated with your tabs will be deleted within 30 days of account deletion.

6. Data Security

We use industry-standard security measures provided by Google Firebase to protect your data, including encrypted connections (HTTPS/TLS) and secure authentication. However, no method of electronic storage or transmission is 100% secure, and we cannot guarantee absolute security.

7. Your Rights

You can:

• Access and update your profile information at any time through the Settings screen in the App
• Delete your account and associated data through the Settings screen
• Disable notifications through your device settings

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect and the right to request deletion. To exercise these rights, contact us at contact@kotab.app.

8. Children's Privacy

KoTab is not intended for users under the age of 18. We do not knowingly collect personal information from children. If we learn that we have collected information from a user under 18, we will delete that account and its associated data.

9. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you through the App or by other means. Your continued use of KoTab after changes are posted constitutes your acceptance of the updated policy.

10. Contact Us

If you have questions about this Privacy Policy or your data, contact us at:

contact@kotab.app