Last updated: April 6, 2026
Kitchen Porter Costing ("KPC", "we", "us") is a food cost tracking platform operated as a Canadian business. This policy explains what personal and business information we collect, why we collect it, and your rights under the Personal Information Protection and Electronic Documents Act (PIPEDA), Quebec's Act Respecting the Protection of Personal Information in the Private Sector (Law 25), and — for users in the European Economic Area — the General Data Protection Regulation (GDPR).
Questions or requests can be directed to our Privacy Officer at [email protected].
We collect only what is necessary to operate the service:
| Data category | What we collect |
| --- | --- |
| Account information | Your name (inferred from email), email address, and company name provided at registration. |
| Invoice files | PDF and image files you upload containing supplier invoices. These may include vendor names, pricing, and product descriptions. |
| Extracted invoice data | Structured line-item data (item name, quantity, unit price) extracted from your invoices and stored to power cost tracking. |
| Usage data | Basic server logs (IP address, timestamps, HTTP status codes) retained for security monitoring. We do not use third-party analytics trackers. |
| Billing information | If you subscribe to a paid plan, payment details are handled directly by Stripe. We never see or store your full card number. |
We do not collect sensitive personal information as defined under Law 25 (health data, biometrics, etc.).
| Purpose | How we use your data and legal basis |
| --- | --- |
| Providing the service | Account info and invoice data are required to operate the platform you signed up for. Without them the service cannot function. GDPR basis: Art. 6(1)(b) — performance of a contract. |
| AI invoice extraction | Invoice files are processed by an AI model to extract structured data. You consent to this at registration. See section 4 for details on the third-party processor used. GDPR basis: Art. 6(1)(a) — consent. |
| Security | Logs and rate-limiting data are retained to detect and prevent unauthorized access. GDPR basis: Art. 6(1)(f) — legitimate interests. |
| Billing | Payment processing data is used to manage your subscription. GDPR basis: Art. 6(1)(b) — contractual necessity. |
| Email notifications | We send transactional emails (account verification, price alerts you configure). No marketing emails are sent without separate consent. GDPR basis: Art. 6(1)(b) — contractual necessity; Art. 6(1)(a) — consent for optional alerts. |
We share data with the following sub-processors. Each is bound by a data processing agreement and is required to protect your information to a standard comparable to Canadian law. Because these processors operate infrastructure outside Canada, transfers are made on the basis of contractual safeguards (Standard Contractual Clauses for EU users where applicable).
| Sub-processor | What is shared and why |
| --- | --- |
| Anthropic (USA) | Your uploaded invoice files are sent to Anthropic's Claude API to extract line-item data. Invoice content may temporarily reside on Anthropic's US servers during processing. Anthropic does not use your data to train models under their commercial API terms. See: anthropic.com/legal/privacy |
| Resend (USA) | Transactional emails (verification links, notifications) are delivered via Resend. Your email address is shared for this purpose only. |
| Stripe (USA) | Payment processing for Pro subscriptions. Stripe handles PCI-DSS compliance independently. Your invoice content is never shared with Stripe. |
| DigitalOcean (Canada — Toronto, ON) | Our servers and database run on DigitalOcean infrastructure in the Toronto, Ontario region. Your data at rest is stored in Canada. |
We do not sell, rent, or share your data with any other third party for marketing, advertising, or analytics purposes.
KPC processes supplier names and related data solely as part of Customer-provided content, including invoices and manually entered information.
Supplier-related data is not obtained from, provided by, or verified against any third-party supplier.
KPC does not establish or maintain any direct relationship with third-party suppliers through the processing of such data.
Supplier names are processed strictly to enable categorization, analytics, and reporting within the Service.
All data at rest is stored on DigitalOcean infrastructure located in Toronto, Ontario, Canada. Invoice files are stored in encrypted object storage. Passwords are hashed using bcrypt and are never stored in plain text. Access tokens are short-lived and stored in HTTP-only cookies to prevent client-side access. We enforce brute-force lockout, rate limiting, and token versioning to protect your account.
No system is perfectly secure. In the event of a breach that creates a real risk of significant harm, we will notify the Office of the Privacy Commissioner of Canada and affected individuals as required under PIPEDA.
Your data is retained for as long as your account is active. When you delete your account, all personal information and business data associated with your account (invoices, extracted line items, recipes, vendors, price history) is permanently deleted within 30 days. Anonymized aggregate statistics (e.g. total invoice count across all users for internal reporting) may be retained.
Invoice image retention: If enabled for your company, invoice images (PDFs and photos) uploaded to KPC are stored for up to 30 days from the date of upload for processing and verification purposes, after which they are automatically deleted. You can opt out at sign-up or later in Settings. Invoice data extracted from those images — line items, prices, vendor names, dates — is retained for the life of your account and is not affected by the image deletion.
Server access logs are retained for 90 days for security purposes and then deleted.
KPC stores all data at rest in Canada (DigitalOcean Toronto). Canada holds an EU adequacy decision under GDPR for organizations subject to PIPEDA, meaning personal data transferred from the EEA to KPC does not require Standard Contractual Clauses for the Canada-to-Canada leg. Sub-processors located in the USA (Anthropic, Resend, Stripe) are covered by Standard Contractual Clauses in our agreements with them.
If you would like a copy of the relevant transfer safeguards, email [email protected].
Under PIPEDA, Quebec Law 25, and — for EEA residents — GDPR, you have the right to:
To exercise any right, email [email protected]. We will respond within 30 days (or within 72 hours for breach notifications as required under GDPR Art. 33).
We use a single HTTP-only session cookie (access_token) to keep you logged in. This cookie is strictly necessary for the service to function and does not track you across other websites. We do not use advertising cookies, third-party tracking pixels, or analytics cookies.
We will notify active users by email before making material changes to this policy. The "last updated" date at the top of this page will always reflect the current version.