SUNDRY
← Back Terms

Privacy Policy

Effective date: July 5, 2026

1. Introduction

Sundry ("the app", "we", "us") is a back-office tool for solo operators and small businesses, operated by Samderlust Consulting. This policy explains what information we collect, how we use it, and your rights over it.

By using Sundry, you agree to this policy. If you do not agree, do not use the app.

2. Information We Collect

Account information: Your email address, collected when you sign in via Google Sign-In, Apple Sign-In, or email magic link.

Business data: Business names, client names and contact details, invoice content, and expense categories that you enter into the app.

Receipt images: Photos or scanned images of receipts that you upload. These are stored in private, access-controlled storage buckets.

AI-parsed metadata: When you use receipt scanning, image content is sent to an AI provider (Anthropic Claude or Google Gemini, depending on availability) to extract merchant name, amount, and date. The AI provider processes this data per their own privacy policies and does not retain your data beyond the API call.

Usage data: Basic crash reports and error logs generated by the Supabase backend. We do not use third-party analytics SDKs.

3. Google Drive (Optional)

Sundry offers an optional feature to store receipts in your Google Drive. This feature is disabled by default and must be explicitly enabled per business.

  • We request only the drive.file scope — the app can only see and manage files it creates in your Drive. It cannot access any other Drive content.
  • You can revoke Drive access at any time via Google Account Permissions or from within the app.

4. How We Use Your Information

  • To provide the core service: storing, displaying, and syncing your business data across your devices
  • To generate invoices, expense reports, and tax summaries that you request
  • To send transactional emails (invoice delivery) on your behalf to your clients
  • To identify and fix errors in the app

We do not use your data for advertising. We do not sell your data to any third party.

5. Data Storage and Security

Your data is stored in Supabase, a managed cloud platform hosted on AWS. Row-level security (RLS) policies ensure that only you can access your own data. Receipt images are stored in private storage buckets accessible only to your account.

All data is transmitted over HTTPS. We do not store passwords — authentication is handled by Google, Apple, or Supabase's magic-link email flow.

6. Sub-processors

We rely on the following third-party services to operate Sundry:

  • Supabase — database, file storage, and authentication
  • Google — Google Sign-In authentication; optional Google Drive storage
  • Apple — Apple Sign-In authentication (iOS)
  • Anthropic — AI receipt parsing (Claude API); images processed per Anthropic's privacy policy and not retained beyond the API call
  • Google AI — AI receipt parsing (Gemini API); images processed per Google's privacy policy and not retained beyond the API call

7. Retention and Deletion

Your data is retained for as long as your account is active. If you delete your account, all associated data — including business records, receipts, and invoice history — will be permanently deleted within 30 days.

To delete your account, contact us at samderlust@gmail.com.

8. Your Rights

You have the right to access, correct, or delete your personal data. You can manage most data directly in the app. For account deletion or data export requests, email samderlust@gmail.com.

9. Children's Privacy

Sundry is not directed at children under 13. We do not knowingly collect personal information from children under 13.

10. Changes to This Policy

We may update this policy from time to time. Material changes will be notified via the app. Continued use after changes constitutes acceptance of the updated policy.

11. Contact

Questions about this policy: samderlust@gmail.com

Sundry Terms of Service Samderlust

© 2026 Samderlust Consulting. All rights reserved.