Skip to main content
← Back to InvGress AI

Privacy Policy

Last updated: April 22, 2025

1. Overview

InvGress AI ("we", "our", or "the Service") is an AI-powered invoice and financial document processing platform. This Privacy Policy explains what data we collect, how we use it, and your rights regarding that data when you use our service at invgressai.vercel.app.

2. Data We Collect

  • Account data: Name and email address via Clerk authentication.
  • Gmail data: With your explicit permission, we access your Gmail inbox to read emails and attachments (invoices, receipts). We only read; we never send emails on your behalf.
  • Google Drive / Sheets data: With your explicit permission, we read and write to a Google Spreadsheet named "InvGress AI" in your Drive to sync processed invoice data.
  • Invoice & financial documents: Files you upload or that are detected in your Gmail attachments (PDFs, images).
  • Usage data: Basic logs for error diagnosis and service improvement.

3. Google API Usage

InvGress AI uses the following Google APIs under your explicit OAuth consent:

  • Gmail API (read-only): To retrieve emails and invoice attachments from your inbox for automated processing.
  • Google Drive API: To locate your "InvGress AI" spreadsheet in your Drive.
  • Google Sheets API: To write processed invoice data to your "InvGress AI" spreadsheet.

InvGress AI's use and transfer of information received from Google APIs to any other app adheres to the Google API Services User Data Policy, including the Limited Use requirements.

4. How We Use Your Data

  • Process and extract data from invoices and receipts using AI models.
  • Sync extracted data to your connected accounting platform (Xero, QuickBooks).
  • Write summarised results to your Google Sheet.
  • Provide audit logs and financial insights within the dashboard.
  • Diagnose errors and improve service reliability.

We do not sell your data. We do not use your Gmail or Drive data for advertising purposes. We do not share your data with third parties except as required to operate the service (e.g., AI model API calls for document parsing).

5. Data Storage & Retention

Processed invoice data and audit logs are stored in a secure PostgreSQL database (Neon). Google OAuth refresh tokens are stored encrypted in our database solely to maintain your Google connection. You may revoke access at any time from your Google Account settings. Account data is retained until you delete your account. You may request deletion by contacting us at shcho2816@gmail.com.

6. Data Security

All data is transmitted over HTTPS. OAuth tokens are stored securely and are never exposed in client-side code. We implement rate limiting, authentication checks, and audit logging on all API endpoints. Access to production data is restricted to authorised personnel only.

7. Your Rights

  • Access: Request a copy of the data we hold about you.
  • Deletion: Request deletion of your account and associated data.
  • Revoke Google access: Disconnect Gmail/Sheets at any time via Settings or your Google Account.
  • Portability: Export your processed invoice data via the Google Sheet sync.

8. Third-Party Services

We use the following third-party services to operate InvGress AI:

  • Clerk — authentication
  • Neon — database hosting
  • Vercel — frontend hosting
  • Railway — backend hosting
  • OpenAI — AI document processing
  • Google APIs — Gmail, Drive, Sheets integration
  • Xero / QuickBooks — accounting platform integration

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by updating the "Last updated" date at the top of this page. Continued use of the Service after changes constitutes acceptance of the updated policy.

10. Contact

For privacy-related questions, data requests, or to revoke consent, contact us at: shcho2816@gmail.com