Download on the App Store App Store
🔒

Privacy Policy

Last Updated: January 2026

Quick Summary

  • ✓ We track your returns by reading retail emails and checking bank transactions
  • ✓ We use Google (email), TrueLayer (banking), Anthropic (AI), Stripe (payments), and Skimlinks (affiliate links)
  • ✓ You can delete your account anytime and we'll delete your data within 30 days
  • ✓ We encrypt everything and never sell your data

1. Who We Are

REFUNDI is a refund tracking service for UK shoppers. We're registered with the UK Information Commissioner's Office (ICO registration: ZC077467).

Contact: [email protected]

2. What Data We Collect

Account Info

Name, email, password (encrypted)

Emails (via Gmail)

We ONLY read emails from retailers (Amazon, ASOS, etc.) to find return confirmations. We don't read your personal emails.

Bank Transactions (via TrueLayer)

Read-only access to see when refunds arrive. We can't move money or see your full account number.

Payment Info (via Stripe)

We don't store card details - Stripe handles all payments securely.

3. How We Use Your Data

  • Match your returns with bank refunds
  • Send you alerts when refunds arrive (or don't)
  • Show you tracking history in your dashboard
  • Process payments for paid plans
  • Send service updates (you can unsubscribe from marketing)

4. Who We Share With

We never sell your data. We only share with:

Partner What They Do
Google Email access (you authorize via OAuth)
TrueLayer (FCA regulated) Bank account access (Open Banking)
Anthropic AI email parsing (reads retail emails only)
Stripe Payment processing
MongoDB Database (encrypted storage)
Skimlinks Affiliate link monetization

5. Your Rights (GDPR)

Access Your Data

Settings → Export Data

Delete Your Data

Settings → Delete Account (erased in 30 days)

Disconnect Access

Settings → Disconnect Email/Bank anytime

Correct Data

Email [email protected]

6. Security

  • All data encrypted (AES-256 at rest, TLS in transit)
  • We never see your email or bank passwords (OAuth/Open Banking)
  • Regular security updates
  • If there's a breach, we'll tell you within 72 hours

7. How Long We Keep Data

  • Return tracking data: 24 months (for historical view)
  • Account data: Until you delete your account + 30 days
  • Payment records: 7 years (UK tax law)

8. Cookies

We use cookies to keep you logged in and remember your preferences.

  • Essential: Login session, security (can't be disabled)
  • Optional: Analytics (Google Analytics - you can opt out)

Manage in Settings → Privacy → Cookies or see our Cookie Policy

9. International Data Transfers

Some partners (Google, Anthropic, Stripe) are US-based. We use Standard Contractual Clauses (SCCs) approved by the EU to protect your data.

10. Children's Privacy

REFUNDI is for adults 18+. We don't knowingly collect data from children.

11. Changes to This Policy

We'll email you 30 days before any major changes. Continued use means you accept the changes.

12. Questions or Complaints?

Email: [email protected]

We'll respond within: 48 hours

Not happy with our response? Contact the UK Information Commissioner's Office (ICO) at ico.org.uk or call 0303 123 1113

🇬🇧 UK GDPR Compliant | ICO Registration: ZC077467 | This is a beta service - we're a small team doing our best to protect your data. Questions? Just ask.

We use cookies to enhance your experience. By continuing to visit this site you agree to our use of cookies. ss="underline hover:text-white">Learn more