Privacy Policy

Last updated: July 2026

1. Information we collect

When you create an account, we collect your name, email address, and profession. When you use Remit, we store the practice details, pay rules, pay periods, payment records, and expenses you enter. We do not collect information you have not explicitly provided.

2. How we use your information

We use your data to:

  • Provide the Remit service — calculating pay, generating reports, and tracking outstanding balances.
  • Send transactional emails — password resets, monthly digest summaries, and discrepancy alerts you have opted into.
  • Improve the product — aggregated, anonymised usage patterns help us prioritise features. We never sell individual data.

3. AI features

Remit uses Anthropic's Claude API to parse production reports, contracts, and answer questions about your data. When you use an AI feature, the relevant data (e.g. a PDF you upload or numbers from your pay periods) is sent to Anthropic for processing. Anthropic does not use your data to train models. See Anthropic's privacy policy for details.

4. Data storage and security

Your data is stored in a PostgreSQL database hosted by Neon (neon.tech) in the US. The connection is encrypted in transit (TLS). Passwords are hashed using bcrypt and never stored in plain text. We use HTTPS everywhere.

5. Third-party services

  • Neon — database hosting
  • Vercel — application hosting and analytics
  • Anthropic — AI features (Claude API)
  • Resend — transactional email delivery
  • Stripe — payment processing (we never see your full card number)

6. Your rights

You can export your data, update your profile, or delete your account at any time from the Settings page. When you delete your account, all your data is permanently removed within 30 days.

7. Cookies and local storage

Remit uses cookies and browser local storage in two ways:

  • Essential (always on). A session cookie set by our authentication system (Better-Auth) keeps you signed in. A CSRF token cookie protects sign-in and account actions from cross-site attacks. Stripe sets cookies during checkout to process your payment securely. These are required for Remit to work and cannot be turned off.
  • Analytics (opt-in).If you accept analytics cookies, Vercel Analytics collects anonymised page-view and device data (browser type, screen size, referrer) so we can see which pages are used and where users get stuck. No personally identifying information is collected. You can decline these on your first visit or change your choice at any time using the “Cookie settings” link in the site footer.

We also use browser local storage to remember small UI preferences (e.g. which pay-tracker filters you had open, your PDF-export layout choice, your cookie consent). Local storage data stays on your device — it is never sent to our servers.

We do not use advertising, marketing, or cross-site tracking cookies, and we do not share your data with advertising networks.

8. Changes to this policy

We may update this policy from time to time. If we make significant changes, we'll notify you by email.

9. Privacy Officer & contact

Remit has designated a Privacy Officer responsible for compliance with this policy and applicable privacy law (including PIPEDA and provincial privacy statutes). You can reach our Privacy Officer directly with any question, complaint, access request, correction request, or request to withdraw consent:

We will respond to privacy requests within 30 days. If you are not satisfied with our response, you may contact the Office of the Privacy Commissioner of Canada (priv.gc.ca) or your provincial privacy commissioner. For general product questions, email info@get-remit.com.

10. Data breach notification

In the event of a data breach that creates a real risk of significant harm to affected individuals, we will notify affected users and the appropriate privacy regulator without unreasonable delay, as required by PIPEDA and applicable provincial law.