xpensli
Sign in

Gmail & privacy

We only read your receipts. Nothing else.

When you connect Gmail to xpensli, we use a two-step filtering system to find receipt emails. Personal emails, newsletters, social notifications, and anything that isn't a receipt is never opened, read, or stored.

How the filtering works

What happens when an email arrives:

Step 1 — The signal check

Gmail notifies xpensli that a new email has arrived — just a ping, no content. We check the sender's domain and subject line against a list of known receipt patterns. If it doesn't look like it could be a receipt, we stop here. The email is never fetched or read.

Step 2 — The AI receipt check

If an email passes the first check, an AI classifier reads the email to confirm it's actually a receipt — an order confirmation, invoice, subscription charge, or payment confirmation. If it doesn't pass, it's ignored and discarded immediately.

Step 3 — Receipt processing

Only emails that pass both filters are processed by xpensli. The vendor, amount, date, and category are extracted and saved to your account. The raw email content is not stored permanently.

What we access

xpensli reads this

  • Receipt emails
  • Order confirmations
  • Subscription charges

xpensli ignores this · never read

  • Personal emails
  • Newsletters
  • Social notifications
  • Spam
  • Attachments on non-receipts

You're always in control

Disconnect anytime

You can disconnect Gmail at any time from your Settings page. xpensli immediately stops monitoring your inbox. No emails are fetched after disconnection.

Delete your data

You can request deletion of all your receipt data at any time. Visit our data deletion page for instructions.

Review what we've captured

Every email xpensli has processed is visible in your receipt list. You can view, edit, or delete any receipt at any time.

Technical details

xpensli connects to Gmail using the following OAuth scopes:

  • gmail.readonly — read-only access to fetch emails that pass our receipt filters
  • gmail.modify — used only to label processed receipt emails in your inbox (optional feature)

We do not request access to send emails, delete emails, manage contacts, or access Google Drive or other Google services.

Our Gmail integration is reviewed and approved by Google. View our Privacy Policy for complete details on data handling and retention.

Have questions?

If you have any questions about how xpensli handles your Gmail data, we're happy to help. Email us at privacy@xpensli.app or visit our help center.

This page describes xpensli's Gmail data practices as of the date of last update. For complete privacy information, see our Privacy Policy.