Privacy Policy
Last updated: 2026-05-14
Otto is a tool that automatically detects your recurring subscriptions by reading the receipts and notices in your email inbox. This policy explains what data we collect, how we use it, who we share it with, and what rights you have over it. Questions go to support@ottopocket.com.
1. Who we are
Otto (operated by Facundo Destefano until a definitive legal entity is established). The service is accessible at https://ottopocket.com.
2. What data we collect
2.1. Account data
When you sign in with Google we receive your name, email address and profile picture. Google provides these directly and we use them to identify you within Otto.
2.2. Gmail data (with your explicit consent)
With your explicit consent (Google's OAuth flow), Otto accesses your Gmail inbox in read-only mode (scope https://www.googleapis.com/auth/gmail.readonly) to detect subscription-related emails — receipts, invoices, auto-debit notices and renewal notifications.
Minimum retention principle (important): your email content crosses our servers only during analysis, in memory. It is NOT saved to disk, NOT written to the database, NOT logged. Once we've extracted the structured subscription information, the original content is discarded.
What we do store, per detected subscription:
- Service name (e.g. "Spotify")
- Charge amount, currency, and billing cycle
- Renewal and last-charge dates
- Merchant domain (e.g. spotify.com)
- A short AI-generated description (1–3 sentences)
- The source email's identifier (opaque Gmail message ID, useless outside your account)
- Only for pending subscriptions awaiting your confirmation: the email subject truncated to 80 characters — needed so you can decide whether to accept or reject it
What we never store:
- The full email body
- Email headers (beyond the truncated subject on pending entries)
- PDF attachments or their extracted text
- The email addresses of your contacts
- Any email unrelated to a subscription
2.3. Operational data
We log minimal operational metrics — when you ran a sync, how many emails we scanned, how many subscriptions we found — to keep the service running and surface stats in your dashboard.
3. Compliance with Google's policy
Otto's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
Specifically:
- Otto does not use Gmail data to train general AI models. We use it only for the detection feature you signed up for.
- Otto does not transfer your data to third parties, except subprocessors strictly necessary for the service to operate (see section 5).
- Otto does not sell your data and does not use it for advertising.
- Otto does not allow human beings to read your emails. Processing is automated.
4. How we use the data
- Detect recurring subscriptions in your inbox.
- Show you the dashboard with aggregated information (monthly totals, upcoming renewals, category breakdown).
- Allow you to add manual context to any subscription.
- Notify you about app operations (sync errors, important service changes).
- Improve Otto's detection accuracy using anonymized metadata — never the contents of your emails.
5. Subprocessors
Otto uses the following external providers. All are under a Data Processing Agreement (DPA):
- Vercel Inc. (United States) — application hosting. Processes HTTP requests but does not store your personal data.
- Google Firebase (United States) — authentication and database. Stores your account and detected subscriptions.
- DeepSeek (Hangzhou Deep-Search Technology) — AI model that processes each email to extract subscription information. Receives only the content relevant to the analysis, during processing.
We do not share data with advertisers, data brokers, or third parties for commercial purposes.
6. How long we keep the data
- While your account is active: detected subscription data is retained so you can view it on the dashboard.
- When you delete your account: we delete all your data within 30 days. Backups are overwritten within 90 days.
- Operational logs: 90 days from creation.
7. Your rights
Regardless of where you are located, you have the following rights over your data:
- Access: see all your data on the dashboard.
- Deletion: delete your account and all associated data from this page or from Settings → Account.
- Permission revocation: disconnect your Gmail account at any time from Settings, or from your Google account at myaccount.google.com/permissions.
- Portability: export your data in JSON format from Settings → Account.
- Correction: edit any subscription's data from the dashboard.
If you are an EU resident, you also have rights under GDPR. If you are an Argentine resident, under Ley 25.326. If you are a Brazilian resident, under LGPD. We apply the protections of whichever legislation applies to you.
8. Security
Otto encrypts data in transit (TLS 1.2+) and at rest. Application secrets are managed via encrypted environment variables. Access to production systems is limited to authorized personnel with mandatory two-factor authentication.
Despite these measures, no online service is 100% secure. If we detect unauthorized access to your data, we will notify you by email within 72 hours and report to the relevant authorities.
9. Minors
Otto is not directed to users under 18. We do not knowingly collect data from minors. If we discover we have collected data from a minor without their guardian's consent, we will delete it.
10. Changes to this policy
If we modify this policy, we will notify you by email and publish the updated version here with the new "last updated" date. Continued use of Otto after notification means acceptance of the changes.
11. Contact
For any questions, complaints, or to exercise your rights, write us at support@ottopocket.com.