Privacy Policy
Last updated: February 2026
At Marki ("we", "our", or "us"), we are committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and share your personal information when you use our mobile application and related services.
1. Information We Collect
Account Information
When you sign in with Google, we receive your email address, first and last name, and profile picture. We also collect your shopping frequency preference during onboarding.
Receipt and Purchase Data
When you scan a receipt, we collect the photo of the receipt, extracted product information (name, brand, size, quantity, price, discounts), supermarket name, purchase date, and total amount. Receipt images are stored securely in cloud storage.
Household Data
If you create or join a household, we collect the household name, country, and member information (name, email, profile picture) of participating members.
Shopping Lists and Budgets
We collect shopping list items you create, including which member added or purchased each item, as well as monthly budget settings.
Voice Data
When you use the voice add feature, audio recordings are sent to our servers for transcription using a third-party AI service (OpenAI Whisper). Audio files are processed in real time and are not stored after the transcription is complete. Only the resulting text and extracted item information are retained.
Device Information
We may collect crash data to improve app stability. This data is not linked to your personal identity.
2. How We Use Your Information
We use your information to:
- •Provide and maintain the Marki service
- •Process and extract data from your receipt photos using optical character recognition (OCR) and artificial intelligence
- •Generate spending analytics, statistics, and category breakdowns
- •Enable household sharing features so members can collaborate on shopping lists and track expenses together
- •Send you a welcome email upon registration
- •Improve app performance and fix bugs
3. Third-Party Services
To provide our services, your data is processed by the following third-party providers:
- •Google Sign-In and Firebase: for user authentication and identity verification
- •Google Cloud Vision: to extract text from receipt images via OCR
- •OpenAI: to structure and categorize the extracted receipt text into products, prices, and categories
- •Cloud storage provider (S3-compatible): to securely store receipt images
- •SMTP email provider: to send transactional emails (welcome email)
- •PostHog (product analytics): to analyze application usage and improve user experience. Data collected includes app interactions (screens visited, features used) and does not include financial or personally identifiable data
We do not sell, rent, or share your personal data with third parties for advertising or marketing purposes.
4. Data Security
We implement industry-standard security measures to protect your data:
- •All communications between the app and our servers are encrypted using HTTPS
- •Authentication tokens expire after short periods and are automatically refreshed
- •Receipt image access is protected with time-limited signed URLs
- •API access is rate-limited to prevent abuse
- •Household data is strictly isolated — members can only access their own household's data
5. Data Retention
Your purchase history and receipt data are retained for as long as your account is active to provide spending analytics and historical insights. If you delete your account, your profile is deactivated and your authentication tokens are revoked. Receipt and purchase data associated with your household may be retained for other household members.
6. Your Rights
You have the right to:
- •Delete your account at any time from within the app
- •Delete individual receipts and their associated data
- •Leave a shared household at any time
- •Request information about the data we hold about you by contacting us
- •Request a copy of your personal data (right of access)
- •Correct inaccurate data (right of rectification)
- •Receive your data in a structured, portable format (right of portability)
- •Object to the processing of your data (right to object)
- •File a complaint with the Spanish Data Protection Agency (AEPD) at www.aepd.es
7. Device Permissions
Marki requests the following device permissions:
- •Camera: to scan receipts by taking photos. This permission is optional — you can also upload photos from your gallery.
- •Photo Library: to select existing receipt photos from your device. This permission is optional.
- •Internet: required for communication with our servers and data synchronization.
- •Microphone: to add items to your shopping list by voice. Audio recordings are sent to our servers for transcription and are not stored after processing. This permission is optional.
8. Legal Basis for Processing
We process your personal data based on the following GDPR legal bases:
- •Performance of contract (Art. 6.1.b GDPR): to provide you with the Marki service, including receipt scanning, spending analytics, and shared household features
- •Consent (Art. 6.1.a GDPR): for sending communications and the use of product analytics (PostHog)
- •Legitimate interest (Art. 6.1.f GDPR): to improve the service, ensure security, and prevent fraud
9. Children's Privacy
Marki is not intended for use by anyone under the age of 16, in compliance with the General Data Protection Regulation (GDPR) and the Spanish LOPDGDD. We do not knowingly collect personal information from anyone under 16. If you believe a minor has provided us with personal data, please contact us so we can delete it.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the updated policy within the app or on our website. Your continued use of Marki after changes are posted constitutes acceptance of the updated policy.
11. Contact Us
If you have questions or concerns about this Privacy Policy or your data, please contact us at:
Marki
marki@jmgd.dev