← Back to home Legal

Privacy Policy

Last updated: April 16, 2026  ·  Effective: April 16, 2026

This Privacy Policy describes how ThriveWorks Media LLC (“TruckBooks,” “we,” “us,” or “our”) collects, uses, and shares information about you when you visit truckbooksapp.com, join our waitlist, or use the TruckBooks mobile application (together, the “Service”).

We built TruckBooks to be private by default. Most of your data stays on your device. This policy explains what leaves it, and why.

1. Information we collect

Information you give us

• Waitlist signup. When you join the waitlist we collect your email address and which form on the page you submitted (e.g. hero vs. final CTA).
• Account information. After launch, when you create an account we collect your email address, a hashed password (or an OAuth token if you use single sign-on), and your chosen display name.
• Expense data. Receipts, amounts, dates, categories, notes, and voice transcripts you record in the app. This data is stored on your device first and synced to our servers only if you enable cloud sync.
• Support correspondence. When you email us at support@truckbooksapp.com, we keep the message and your email address to respond.

Information we collect automatically

• IP address, hashed. When you join the waitlist we compute a one-way hash of your IP combined with the date and a secret salt. We use this hash to rate-limit signups. We do not store your raw IP.
• User-agent string. For the waitlist, we store the browser user-agent so we can debug issues and distinguish real signups from bots.
• Subscription status. If you subscribe to Pro, our payment processor (RevenueCat, via Apple App Store or Google Play) tells us whether your subscription is active. We never see your card number or full payment details.
• Crash and diagnostic data. The app may send anonymized crash reports and performance telemetry. You can disable this in Settings.

Information we do NOT collect

• We do not embed third-party advertising trackers, pixels, or fingerprinting scripts on our website or in the app.
• We do not sell or rent your information to data brokers. Ever.
• We do not access your photo library except when you explicitly attach a receipt photo.

2. How we use information

We use the information we collect to:

• Operate and improve the Service.
• Send you transactional emails: welcome, receipts, password resets, and important account or security notices.
• Send occasional product-update emails if you joined the waitlist. You can unsubscribe from any email with one click.
• Process subscription billing and manage Pro entitlements.
• Provide customer support.
• Detect, prevent, and respond to abuse, fraud, and security incidents.
• Comply with law and legal process.

We do not use your expense data to train machine-learning models, profile you for advertising, or share it with anyone except the limited service providers listed below.

3. Who we share it with

We share the minimum necessary information with a small number of service providers who help us run the Service. Each is bound by a data processing agreement.

• Supabase, Inc. — database hosting and authentication for waitlist and user accounts.
• Resend (Resend, Inc.) — transactional and waitlist email delivery.
• RevenueCat, Inc. — subscription management and receipt validation.
• Apple, Inc. & Google LLC — payment processing for App Store and Play Store billing.
• Cloudflare, Inc. — website hosting, CDN, and DDoS protection.

We may disclose information if required by subpoena, court order, or other valid legal process, or to protect our rights, users, or the public. If legally permitted, we will notify you first.

4. Where your data lives

Our databases and email systems are hosted in the United States. If you use the Service from outside the United States, your information will be transferred to and processed in the United States.

Expense data in the mobile app is stored on your device using encrypted local storage (WatermelonDB + secure storage for credentials). If you enable cloud sync, a copy is replicated to our Supabase database and encrypted at rest.

5. Data retention

• Waitlist emails are kept until you unsubscribe or we launch and you convert to a user account. Unsubscribed rows are retained only to honor your opt-out.
• Account data is retained for as long as your account is active. You can delete your account at any time from Settings; we will delete your personal data within 30 days, except where we must retain it to comply with law.
• Support emails are retained for up to 2 years.
• Aggregated, anonymized analytics (e.g. total active users per month) may be retained indefinitely.

6. Your rights

No matter where you live, you can:

• Ask us what personal data we hold about you.
• Ask us to correct or delete it.
• Export a copy of your data in a portable format.
• Unsubscribe from marketing emails with one click.
• File a complaint with a data-protection authority if you believe we have mishandled your data.

To exercise any of these rights, email support@truckbooksapp.com. We respond within 30 days.

7. California residents (CCPA/CPRA)

If you are a California resident, you have the right to:

• Know what categories and specific pieces of personal information we collect, use, disclose, and sell.
• Request deletion of your personal information.
• Correct inaccurate personal information.
• Opt out of the sale or sharing of personal information. We do not sell or share personal information for cross-context behavioral advertising.
• Limit the use of sensitive personal information. We do not collect or use sensitive personal information for any purpose other than what is strictly necessary to provide the Service.
• Be free from discrimination for exercising your privacy rights.

To submit a verifiable consumer request, email support@truckbooksapp.com with the subject “CCPA Request.”

8. EU/UK residents (GDPR)

If you are in the European Economic Area, the United Kingdom, or Switzerland, you have rights under the General Data Protection Regulation (GDPR) and the UK GDPR, including the right to access, rectify, erase, restrict processing, object to processing, and data portability.

Our legal bases for processing your data are: (a) performance of the contract under which we provide the Service to you; (b) your consent, which you can withdraw at any time; and (c) our legitimate interests in operating a secure, reliable Service.

Because our servers are in the United States, we rely on the EU-US Data Privacy Framework and Standard Contractual Clauses as the legal basis for international transfers. You can request a copy of the applicable SCCs by emailing us.

9. Children's privacy

TruckBooks is a business tool intended for users 18 years or older. We do not knowingly collect information from children under 16. If we learn we have collected information from a child under 16, we will delete it promptly. If you believe a child has given us information, email support@truckbooksapp.com.

10. Security

We take reasonable measures to protect your information:

• TLS/HTTPS in transit for all network traffic.
• Encryption at rest for databases and backups.
• Row-level security in our database so one user cannot see another user's data.
• Payment details are handled exclusively by Apple, Google, and RevenueCat. We never see or store payment cards.
• Waitlist unsubscribe links are signed with HMAC-SHA256 so they cannot be forged.

No system is 100% secure. If we learn of a breach affecting your personal data, we will notify you without undue delay, as required by applicable law.

11. Changes to this policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email and by posting a notice on the website before the changes take effect. The “Last updated” date at the top of this page shows when the current version took effect.

12. Contact us

Questions, complaints, or requests? Email support@truckbooksapp.com.

ThriveWorks Media LLC
Wyoming, United States