Privacy, plainly.
Medley reads your receipts. That's it. We don't sell, share or resell what's in your trolley.
On this page
The short version
We built Medley because we wanted a way to see what's in our weekly shop without handing the data to anyone. That choice is in the bones of the product.
- Receipt photos & OCR happen on your iPhone, not on our servers.
- Aggregate signals sync via your private iCloud account if you opt in.
- We don't sell or share your data with brands, advertisers, or any third party.
- You can export everything or wipe your account in a single tap.
What we collect
When you create an account we store your email address, the timezone of your device, and your subscription state. When you scan a receipt, the parsed result (date, merchant, line items, prices, signal classifications) is stored on your device. We do not upload receipt photographs to our servers.
If you opt into iCloud sync, the parsed receipt data is encrypted and stored in your private CloudKit container. Apple holds the keys, not us — we can see that you have a sync slot, but not what's in it.
How we use it
We use the minimum information necessary to run your account, deliver the app, and improve the product. We never use your receipt data to train external AI models, to build advertising profiles, or to sell to anyone — including manufacturers, retailers, or market-research firms.
On-device processing
Medley uses Apple's VisionKit for receipt scanning and an on-device language model for line-item classification. Your receipt never leaves your iPhone unless you choose to share it.
For complex receipts that benefit from cloud assistance (very long, multi-page, or non-English merchants), we offer an opt-in cloud parse. When you turn this on, a stripped image is sent over a TLS connection, parsed, and deleted within seconds. We don't keep a copy and we don't tie the parse to your account.
Who we share with
A small number of third parties help us run the product. Each gets the minimum slice of data necessary to do their job:
- Apple — subscriptions (App Store), authentication (Sign in with Apple), iCloud sync.
- Postmark — transactional emails like waitlist confirmations and account notices.
- Plausible — privacy-friendly, cookie-free traffic stats for the website. No personal data leaves the page.
That's the full list. If it ever grows, we'll update this page first.
Cookies & analytics
This website doesn't use cookies for tracking. We use Plausible for aggregate analytics, which is cookie-free and doesn't collect personal data. Inside the app, we use Apple's standard crash-reporting and on-device diagnostics — opt-out in iOS Settings.
Your rights
Depending on where you live, you may have the right to access, correct, delete, restrict, or export your personal data. You can do all of this yourself, directly in the app:
- Export everything — Settings → Data → Export
- Delete everything — Settings → Data → Delete account
- Disable cloud sync — Settings → iCloud
We respond to written requests within 30 days. You may also have the right to contact your local data protection authority.
Contact
Medley is built by a small team in London. The data controller is Medley Software Ltd, registered in England & Wales. Write to us at privacy@medleyfood.com with any question — we read every message.