Legal
We built APODIX with privacy as a default, not an afterthought. This policy explains exactly what we collect, why, and how.
Last updated: March 18, 2026
APODIX is an iOS application developed and operated by Luxe Security. Our contact email is [email protected].
APODIX does not require you to create an account or provide an email address. The app uses a silent device-based authentication system: a random UUID is generated on first launch, stored in your device Keychain, and used to identify your subscription status. This UUID is not linked to any personal identity.
Free tier (on-device OCR): Receipt images and all extracted data are processed and stored locally on your device using Apple's CoreData framework. Nothing is transmitted to our servers.
Paid AI tier: When you scan using the AI engine, Apple Vision first extracts the text from your receipt image on-device. Only this extracted text not the receipt image is transmitted over HTTPS to LLM, where it is processed to identify merchant name, date, amounts, and category. The text is not stored on our server after the response is returned to your device.
All payment processing is handled by Apple through In-App Purchases. We never see or store your credit card details. We receive a subscription status indicator from Apple (active/inactive, plan tier) to enable or disable AI scanning features. We do not receive your Apple ID or billing address.
Our server logs standard request metadata for security and debugging: device type, app version, request timestamp, and whether a request succeeded or failed. These logs do not contain receipt content. Logs are retained for 30 days and then deleted.
We do not use your information for advertising, profiling, or any purpose beyond operating the app.
Paid AI scanning routes extracted receipt text to a AI API. The provider's data usage policy states that API inputs and outputs are not used to train their models by default. We recommend reviewing their policy for details.
The app uses Apple's VisionKit, CoreData, StoreKit, and App Store infrastructure. Apple's privacy policy governs data handled by these frameworks.
Our API server runs on Railway. Server infrastructure is hosted in the United States. No receipt content is stored on Railway infrastructure only transient request processing.
Your receipt images and extracted data are stored on your iPhone using Apple's CoreData. We do not operate a cloud backup of your receipts. If you delete the app, all locally stored data is removed.
Deleted receipts within the app are moved to a "Deleted Items" folder and retained for your chosen period (1 week or 1 month) before permanent removal this is a local, on-device retention only.
Your device UUID is stored in the iOS Keychain (encrypted at rest). All communication between the app and our server uses HTTPS/TLS. We do not store receipt content on our servers. The combination of on-device storage and minimal server-side processing significantly reduces the attack surface compared to cloud-first receipt apps.
Because your receipt data is stored locally on your device, you have full control over it at all times:
If you have questions about data held server-side (request logs, subscription records), contact us at [email protected] and we will respond within 30 days.
APODIX is not directed at children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, contact us at [email protected].
We may update this Privacy Policy from time to time. Significant changes will be noted in the app's update release notes. The "Last updated" date at the top of this page reflects the most recent revision. Continued use of APODIX after changes constitutes acceptance of the updated policy.
Privacy questions, data requests, or concerns: [email protected]
By downloading and using APODIX, you agree to the following terms.
APODIX is intended for personal and business receipt tracking. You agree not to use the app to process documents you do not own or have permission to scan, attempt to reverse-engineer or circumvent subscription enforcement, or use the AI scanning feature to process content unrelated to receipts in volume.
APODIX uses AI and OCR technology which, while accurate, is not infallible. You are responsible for reviewing extracted data before saving, and for the accuracy of any financial records or tax submissions you create based on APODIX exports. We are not liable for errors in AI-extracted data.
Subscriptions are processed through Apple's In-App Purchase system. Refund requests must be made through Apple. We do not control the refund process.
AI scanning requires an internet connection and depends on our server and OpenAI's API being available. We aim for high availability but do not guarantee uninterrupted service. On-device (free tier) scanning has no such dependency.
We may modify, suspend, or discontinue features of APODIX with reasonable notice. If we discontinue the AI scanning service, we will notify users and provide a reasonable transition period.
These terms are governed by the laws of Canada. Disputes will be resolved in Canadian courts.
Questions about these terms: [email protected]