How Billy handles your data.
Effective 16 May 2026 · Billy SRL · contact@billy.rocks · Governed by Romania law
We collect as little as possible. Most people use Billy with no account — we only see standard browser data and the photos you choose to scan. No third-party analytics, ad pixels, or cross-site trackers, ever.
Photos of menus and bills are sent to our AI provider to be read, then deleted — Billy does not keep your images.
If you grant location, your coordinates go to a maps & places provider to identify the restaurant. We do not store raw coordinates — only the resulting place identifier.
If you sign in, we store your email and the trips, bills, and reviews you create. We also keep minimal, short-lived anonymous server logs to keep Billy running.
Contract necessity for the core service (reading menus, splitting bills, account sync, the sign-in email you asked for); your consent for processing scanned photos and location; legitimate interest for the minimal anonymous logs that keep the service running and prevent abuse.
A small set of processors get only the minimum needed: an AI provider (to read your menu/bill photos), a maps & places provider (to resolve a restaurant from your location), our cloud host, and content-delivery and real-time-sync providers (for shared events).
Sign-in and notification emails are sent from our own self-hosted mail server — no third-party email provider receives your address. Exchange rates for settlement are fetched server-side from a public reference source and carry no personal data. The current list of named sub-processors is available on request.
Scan photos: deleted right after AI processing. Anonymous logs: kept up to 30 days, then gone. Account data: kept while active; on deletion, marked immediately and permanently erased after a 30-day grace.
You can access, correct, delete, restrict, port, or object to processing, and withdraw consent. Delete your account any time from settings. Contact details and the data-protection-authority complaint route are in the full text.
This Privacy Policy is published in English. Where we provide a summary or translation in another language, it is for convenience only; the English version is the authoritative version and controls in the event of conflict, except where a translated version is required by law and controls under that law.