Receiz / Privacy Policy
Back home

Trust baseline

Privacy Policy

Data handling baseline with lawful basis mapping, rights workflow, retention controls, and transfer safeguards.

Effective: March 8, 2026Trust Center
Minimal collectionNo data saleRights workflow

Collection Model

Least Needed

Core verification flows are available without mandatory account identity.

Response Timing

30 Days

Verified privacy-rights requests target initial response within 30 days.

Subprocessor Notice

15 Days Target

Material additions target publication at least 15 days before effective date, except emergency/legal changes.

01

What We Collect

A) Operational data (service security and reliability)

Like most internet services, basic operational logs may be generated by hosting providers and infrastructure vendors to keep the service running and secure. These logs may include request timestamps, routes, response codes, device/browser metadata, IP address, and latency/security signals.

These logs are used for abuse prevention, service reliability, and incident response. They are not used to sell personal data or create cross-site advertising profiles.

B) Account data (when you choose to sign in)

If you sign in for plan features, we may process:

  • email address and authentication identifiers;
  • plan status, billing state, and related operational metadata;
  • records required to render your saved receiz views (for example timestamp, code, verification URL).

C) Support communications

If you contact support, we process the content you submit and associated communication metadata to respond and resolve service issues.

02

Lawful Basis for Processing

Where applicable law requires legal-basis mapping, Receiz relies on one or more of the following:

  • Contract performance: to provide requested services, account access, billing, and support.
  • Legitimate interests: to secure, monitor, and improve service reliability and abuse prevention.
  • Legal obligation: to satisfy legal process, compliance, tax, accounting, and regulatory duties.
  • Consent: where optional processing requires consent under applicable law.
03

Sharing and Disclosure

Receiz does not sell personal data.

Receiz may share limited data with service providers that support hosting, storage, email delivery, payments, and operational reliability. Providers process data for contracted service purposes only.

Current subprocessors and change history are published at /legal/subprocessors.

Receiz may disclose information where required to comply with law, respond to lawful requests, protect service security, or prevent harm.

04

Subprocessor Change Notice

Material subprocessor additions are published on the canonical subprocessor page with scope details and effective date.

  • Standard notice target: at least 15 days before effective date for material additions.
  • Emergency or legal-compliance changes may be posted with shorter notice where required.
  • Questions may be submitted to support@receiz.com with subject Subprocessor Review.
05

Data Retention Schedule

Data TypeTypical RetentionPurpose
Security and operational logsUp to 12 monthsAbuse prevention, security, and reliability investigations
Account profile and authentication dataWhile account remains active; deletion workflow on verified requestIdentity, access continuity, and security
Billing and transaction recordsUp to 7 years where legally requiredAccounting, tax, legal, and audit obligations
Support communicationsUp to 24 months after closureIssue resolution, service quality, and legal defensibility
06

Data Subject Rights and Response Timing

Subject to applicable law, you may request access, correction, deletion, restriction, portability, or objection related to personal data handled by Receiz.

  • Submit requests to support@receiz.com with subject Privacy Review.
  • Receiz verifies requestor identity before processing rights requests.
  • Receiz targets initial response within 30 days, or earlier where required by law.
07

Cross-Border Transfers

Where personal data is transferred internationally, Receiz applies legally recognized transfer mechanisms and contractual safeguards appropriate to applicable law, including SCC- and UK-transfer-compatible mechanisms where required.

08

Cookies and Similar Technologies

Receiz uses necessary cookies and similar technologies for session security, sign-in continuity, fraud prevention, and core service operation.

Receiz does not deploy third-party behavioral advertising trackers on canonical service routes.

Browser controls may block non-essential storage features, but doing so can affect account continuity and session behavior.

09

Children’s Data

Receiz is not directed to children under applicable digital consent age. If Receiz learns personal data from a child was submitted without appropriate authorization, Receiz will take steps to delete it in accordance with applicable law.

10

Security

Receiz applies technical and organizational measures designed to protect personal data against unauthorized access, alteration, disclosure, or destruction. No system can be guaranteed perfectly secure, and users remain responsible for safeguarding shared links and distributed artifacts.

11

Changes to This Policy

Receiz may update this Privacy Policy to reflect security improvements, legal requirements, or product changes. Material privacy changes are posted on this route with an updated effective date and, where commercially reasonable, advance notice through account or support channels.

12

Contact

Questions: support@receiz.com

For institutions, including risk, compliance, and audits, include Privacy Review in the subject line.