Last updated: September 22, 2025
Data Storage and Access
HSA Stasher is designed with privacy as a core principle:
- Your Data Stays in Your Drive: All receipts and documents are stored directly in your personal Google Drive account
- Minimal Access: We only use the minimum required Google Drive permissions (drive.file scope)
- Limited Scope: We can only access and manage files that our application creates - we cannot see your other Google Drive files
- No Data Collection: We do not collect, store, or analyze your personal data on our servers
Google Drive Permissions
HSA Stasher requests these minimal permissions:
- openid: To identify your Google account
- email: To display your account information
- drive.file: To create and manage only the files that HSA Stasher creates
These permissions ensure we only have access to files we create for you, maintaining the privacy of your existing Google Drive content.
Google API Limited Use
HSA Stasher's use of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
Data Sharing
We do not share your data with third parties:
- Your receipts and documents remain private in your Google Drive
- We do not sell, rent, or share your personal information
- We do not analyze your receipt content for marketing purposes
- We do not have access to your other Google Drive files
Children's Privacy
HSA Stasher is not directed to children under 13 years of age. If you believe that we have inadvertently collected personal information from a child under 13, please contact us at support@bankaibyte.com and we will take steps to remove such data.
Data Deletion
You maintain full control over your data:
- Disconnect App: Revoke HSA Stasher's access through your Google Account settings by going to Google Account → Security → Third-party access
- Delete Files: Remove any HSA Stasher folders and files from your Google Drive
- Complete Control: Since files are in your Google Drive, you can delete them at any time
Security
We implement industry-standard security measures:
- Secure OAuth 2.0 authentication with Google
- HTTPS encryption for all data transmission
- No storage of your data on our servers
- Minimal permission requests to reduce security surface
Contact Us
If you have questions about this Privacy Policy or how we handle your data, please contact us at:
Email: support@bankaibyte.com
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.