logo

Privacy Policy

Privacy Policy

Last Updated: 31 May 2026

  • Overview

    • AurithPay ("we", "our", "us") provides a browser extension and web application that helps you identify the best credit card to use at any merchant based on cashback and miles rewards. This policy explains what data we collect across all AurithPay services, how we use it, and your rights.



  • Data We Collect

    • Account information: When you sign in via Google, we receive your name, email address, profile picture, and a unique user ID from Google Firebase Authentication. Your email address is also recorded in our server logs when you make authenticated requests.

    • Credit card details: For each card you add, we store: a card identifier (card key), the last four digits, card provider (e.g. Visa, Mastercard, Amex), expiry date, and last statement date. We do not collect or store full card numbers, CVVs, PINs, or banking credentials.

    • Transaction records: When you log a transaction, we store: merchant name, amount, currency, transaction date and time, transaction type (physical, online, or mobile pay), category, region (local or international), payment network, MCC code, and a name and description you provide.

    • Reward data: We calculate and store cashback, miles, and reward amounts earned per transaction, along with a detailed audit trail of which reward rules were applied. Billing cycle summaries (total spend, miles, cashback per period) are also stored.

    • Website URLs: When you open the extension on a webpage, the current tab's URL is sent to our servers to identify the merchant and determine the appropriate reward category. URLs are used solely to resolve the merchant and are not retained after the request completes.

    • Merchant search queries: When you use the manual merchant lookup, the merchant name and selected currency are sent to our servers. These are not stored against your identity.

    • Local browser storage: The most recent merchant suggestion result is cached locally in your browser. This data does not leave your device except as part of the normal requests described above.

    • Server request logs: Our servers log every incoming request, including: timestamp, HTTP method, request path, and your IP address. These logs are used for debugging and security monitoring.



  • How We Use Your Data

    • Authenticate you and maintain your session

    • Store and display your card portfolio and transaction history

    • Recommend the best card for a given merchant or website

    • Calculate reward and cashback summaries across your billing cycles

    • Debug issues and monitor service health via server logs

    • We do not sell, rent, or share your personal data with third parties for advertising or marketing purposes.



  • Third-Party Services

    • We do not use advertising networks, behavioural analytics platforms, or third-party tracking SDKs.



  • Permissions for Browser Extension Explained

    • activeTab: Read the current tab's URL for automatic merchant detection

    • identity: Sign in users via Google OAuth

    • storage: Cache the last merchant suggestion result locally in the browser

    • Host access (`https://*/*`): Read the URL of any site to identify the merchant and recommend a card



  • Data Retention and Deletion

    • We retain your data for as long as your account is active.

      • Transactions: You may permanently delete any transaction at any time from within the extension or web app. Deletion recomputes affected reward cycle summaries.

      • Cards: Archiving a card with no transactions permanently removes it. Cards with existing transactions are marked inactive but retained to preserve the accuracy of historical reward data.

    • We do not apply automatic data expiration.



  • Children's Privacy

    • AurithPay is not directed at children under 13. We do not knowingly collect data from children.



  • Changes to This Policy

    • We may update this policy from time to time. Material changes will be communicated via the extension, web app, or our website. Continued use after changes constitutes acceptance of the updated policy.



AurithPay

https://www.aurithpay.com

  • Overview

    • AurithPay ("we", "our", "us") provides a browser extension and web application that helps you identify the best credit card to use at any merchant based on cashback and miles rewards. This policy explains what data we collect across all AurithPay services, how we use it, and your rights.



  • Data We Collect

    • Account information: When you sign in via Google, we receive your name, email address, profile picture, and a unique user ID from Google Firebase Authentication. Your email address is also recorded in our server logs when you make authenticated requests.

    • Credit card details: For each card you add, we store: a card identifier (card key), the last four digits, card provider (e.g. Visa, Mastercard, Amex), expiry date, and last statement date. We do not collect or store full card numbers, CVVs, PINs, or banking credentials.

    • Transaction records: When you log a transaction, we store: merchant name, amount, currency, transaction date and time, transaction type (physical, online, or mobile pay), category, region (local or international), payment network, MCC code, and a name and description you provide.

    • Reward data: We calculate and store cashback, miles, and reward amounts earned per transaction, along with a detailed audit trail of which reward rules were applied. Billing cycle summaries (total spend, miles, cashback per period) are also stored.

    • Website URLs: When you open the extension on a webpage, the current tab's URL is sent to our servers to identify the merchant and determine the appropriate reward category. URLs are used solely to resolve the merchant and are not retained after the request completes.

    • Merchant search queries: When you use the manual merchant lookup, the merchant name and selected currency are sent to our servers. These are not stored against your identity.

    • Local browser storage: The most recent merchant suggestion result is cached locally in your browser. This data does not leave your device except as part of the normal requests described above.

    • Server request logs: Our servers log every incoming request, including: timestamp, HTTP method, request path, and your IP address. These logs are used for debugging and security monitoring.



  • How We Use Your Data

    • Authenticate you and maintain your session

    • Store and display your card portfolio and transaction history

    • Recommend the best card for a given merchant or website

    • Calculate reward and cashback summaries across your billing cycles

    • Debug issues and monitor service health via server logs

    • We do not sell, rent, or share your personal data with third parties for advertising or marketing purposes.



  • Third-Party Services

    • We do not use advertising networks, behavioural analytics platforms, or third-party tracking SDKs.



  • Permissions for Browser Extension Explained

    • activeTab: Read the current tab's URL for automatic merchant detection

    • identity: Sign in users via Google OAuth

    • storage: Cache the last merchant suggestion result locally in the browser

    • Host access (`https://*/*`): Read the URL of any site to identify the merchant and recommend a card



  • Data Retention and Deletion

    • We retain your data for as long as your account is active.

      • Transactions: You may permanently delete any transaction at any time from within the extension or web app. Deletion recomputes affected reward cycle summaries.

      • Cards: Archiving a card with no transactions permanently removes it. Cards with existing transactions are marked inactive but retained to preserve the accuracy of historical reward data.

    • We do not apply automatic data expiration.



  • Children's Privacy

    • AurithPay is not directed at children under 13. We do not knowingly collect data from children.



  • Changes to This Policy

    • We may update this policy from time to time. Material changes will be communicated via the extension, web app, or our website. Continued use after changes constitutes acceptance of the updated policy.



AurithPay

https://www.aurithpay.com