Privacy Policy

Invoice Itemizer ("we," "our," or "us") is an AI-powered tool that extracts line item data from invoices. We built this service with privacy as a core principle. This policy explains exactly what happens to your data when you use our service.

We do not collect personal information. You do not need to create an account, provide an email address, or share any personal details to use Invoice Itemizer.

When you upload an invoice, the file is sent to our server for processing. That is the only data we receive from you.

Here is exactly what happens when you upload a file:

1. Your invoice file (PDF or image) is received by our server in memory.
2. If the file is a PDF, it is converted to images in your browser before being sent to our server. The original PDF is never uploaded.
3. The image data is sent to OpenAI's GPT-4o API for line item extraction.
4. OpenAI returns the extracted data as structured text (JSON).
5. We send the structured data back to your browser.
6. The image data is immediately discarded from memory. Nothing is written to any disk, database, or log file.

• We do not store your uploaded files on any server, disk, or cloud storage.
• We do not save the extracted line item data after it is returned to you.
• We do not log the contents of your invoices.
• We do not use your invoice data to train AI models. Our service calls OpenAI's API, and OpenAI does not use API data for training.
• We do not sell, share, or transfer your data to any third party beyond OpenAI for the purpose of extraction.
• We do not use fingerprinting or sell data to advertisers.

We use the following third-party services:

• OpenAI API — to extract line items from your invoice images. OpenAI processes the image data to generate structured output. Per OpenAI's API data usage policy, data submitted through the API is not used to train their models and is retained for up to 30 days for abuse monitoring before being deleted.
• Cloudflare Turnstile — to verify that uploads come from real humans, not bots. Turnstile does not use cookies or track users across sites. It collects minimal interaction data (mouse movements, browser signals) solely to determine if the visitor is human.
• Google Analytics 4 — to understand how visitors use our site (page views, traffic sources, device types). Google Analytics uses cookies to distinguish unique visitors. It does not have access to your invoice data. You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

All data transmitted between your browser and our servers is encrypted using HTTPS (TLS). Invoice data exists only in server memory for the few seconds it takes to process your request, then it is discarded.

We do not operate a database. There is no persistent storage of user data in our infrastructure.

Because we do not collect or store personal data, there is nothing to access, correct, or delete. If you have uploaded an invoice, it was already discarded by the time you received your results.

If you have any questions or concerns about this policy, you can reach us at privacy@invoiceitemizer.com.

Invoice Itemizer is a business tool not directed at children under 13. We do not knowingly collect any information from children.

If we make changes to this privacy policy, we will update the "Last updated" date at the top of this page. We encourage you to review this page periodically.