Last updated July 14, 2026
DimeProof Privacy Policy
DimeProof is a personal finance app that helps users compare read-only bank/card transactions with receipt, invoice, refund, statement, and cancellation evidence from connected email accounts.
Information We Collect
We may collect account profile details such as name and email address; read-only bank/card transaction data such as transaction names, merchants, dates, amounts, categories, account masks, and institution names; and read-only email evidence such as provider account email, selected label or folder, message IDs, sender, subject, received date, safe preview text, attachments, extracted receipt fields, sync history, and document records.
How We Use Information
We use data to operate the app, connect accounts at the user's direction, import transactions and receipt evidence, match records by deterministic rules, generate reports, improve reliability, prevent abuse, and respond to support requests. DimeProof does not sell personal financial data.
Plaid
DimeProof uses Plaid Link so users can authorize read-only transaction access. DimeProof does not receive or store bank usernames or passwords. Plaid access tokens are encrypted server-side.
Google and Gmail
DimeProof uses Google Sign-In only for authentication with openid, email, and profile scopes. Gmail scanning is separate and uses gmail.readonly to retrieve receipt and invoice evidence from the label the user selects. Gmail data is used only for user-facing app features such as extraction, matching, reports, and review lists.
DimeProof's use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
Microsoft and Yahoo Mail
DimeProof uses delegated Microsoft Mail.Read access and Yahoo mail-r access only when users connect those inboxes. The app reads the selected folder for receipt evidence, stores encrypted OAuth tokens, and does not send, delete, move, mark, relabel, or modify email messages.
Retention and Deletion
Users can disconnect integrations and request deletion of imported data. Disconnecting a provider removes stored OAuth credentials; deleting imported data removes imported messages, attachments, linked documents, and regenerated report data where available.
Contact
For privacy questions or data requests, contact support@dimeproof.com.