Privacy Policy

Last updated: June 30, 2026

The short version

StatementSheet converts PDF bank and credit-card statements to Excel and CSV. For digital (text-based) PDFs, the entire conversion happens inside your browser. The PDF file and the transactions it contains are never uploaded to our servers. They stay on your device.

What we never receive

Parsing, optical character recognition (OCR) for scanned pages, reconciliation, and file generation all run client-side using technology that executes on your device.

What we do collect

The one optional exception: scanned-image OCR

If a page is a low-quality scanned image that on-device OCR cannot read confidently, signed-in users with credits may opt into an AI vision fallback when that feature is enabled on the deployment. Only in that case is the image of that single page sent to our AI provider to extract its text. The image is processed transiently to return the transactions and is not stored. Digital PDFs never use this path and never leave your device.

Cookies

We use a single first-party, HttpOnly session cookie to keep you signed in. We do not use third-party advertising or cross-site tracking cookies.

Bot protection

We use Cloudflare Turnstile to protect sign-in and conversion endpoints from automated abuse. Turnstile is a privacy-preserving alternative to traditional CAPTCHAs.

Data retention

Account records persist while your account is active. Free-tier usage counters reset on their daily/monthly cycle. You can request deletion of your account and associated data at any time by contacting us.

Your rights

You may request access to, correction of, or deletion of the limited account data we hold. Email us at [email protected] and we'll help.

Contact

Questions about this policy? Reach us at [email protected].