Navigation

Privacy Policy

How Good Til collects, uses, and protects your personal data

1. Overview

ANATECH OÜ (“we”, “us”) operates Good Til, a warranty tracking and receipt management platform. This Privacy Policy explains how we collect, use, and protect your personal data in accordance with the General Data Protection Regulation (GDPR) and applicable Estonian and EU law.

2. Data We Collect

We collect the following data:

  • Account data: Email address and authentication credentials
  • Purchase data: Item names, stores, dates, prices, and warranty information you enter
  • Receipt images: Photos you upload for AI-powered text extraction
  • Warranty & claim data: Warranty periods, claim details, and AI-generated draft letters
  • Usage data: Feature usage patterns and application interactions
  • Server logs: IP address, browser type, and access timestamps (retained for 30 days)

3. How We Use Your Data

Your data is used exclusively to:

  • Provide and maintain the Good Til service
  • Process receipt images using AI to extract purchase details
  • Generate warranty claim draft letters using AI
  • Communicate with you about your account and service updates
  • Improve the service based on aggregated, anonymized usage patterns
  • Comply with legal obligations

We do not sell your data. We do not share your personal data with third parties for marketing purposes.

4. AI Processing

Good Til uses AI services to process receipt images and generate claim draft letters. Receipt images and relevant purchase data are sent to third-party AI providers (such as OpenAI) for processing.

Good Til does not use your data to train AI models. We do not retain your data beyond what is necessary to provide the service. Third-party AI providers process your data according to their own data handling policies, which prohibit using API inputs for model training.

5. Third-Party Services

We use the following third-party processors:

  • Cloud hosting: For infrastructure and data storage
  • AI providers (OpenAI): For receipt text extraction and claim letter generation
  • Email delivery: For transactional emails (account confirmation, notifications)
  • Cloudflare: For CDN, DDoS protection, and security

All processors are bound by data processing agreements and comply with GDPR requirements.

6. Data Retention

Account data is retained for the duration of your account. Purchase and warranty data is retained while your account is active. Receipt images are stored securely and can be deleted at any time. Server logs are retained for 30 days.

Upon account deletion, all personal data is removed within 30 days, except where retention is required by law.

7. Your Rights (GDPR)

Under the GDPR, you have the right to:

  • Access — request a copy of your personal data
  • Rectification — correct inaccurate data
  • Erasure — request deletion of your data
  • Portability — receive your data in a portable format
  • Restriction — limit how we process your data
  • Objection — object to processing based on legitimate interests

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

8. Data Security

We implement appropriate technical and organizational measures to protect your data, including encryption in transit (TLS), secure data storage within the European Union, and access controls. However, no system is completely secure, and we cannot guarantee absolute security.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email to registered users. The “Last updated” date at the top of this page reflects the most recent revision.

Contact

For data protection inquiries, contact us at [email protected].

ANATECH OÜ Tallinn, Estonia Registration number: 17248081