Privacy Policy

Introduction

ExtractiBill ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our Chrome extension and related services.

Information We Collect

Account Information

When you create an account, we collect:

• Email address (for authentication and account management)
• Subscription status and billing information (processed securely by Stripe)

Usage Data

We track basic usage metrics to enforce subscription limits:

• Number of invoice extractions per month
• Timestamp of extractions (for monthly reset)

Email Content (Temporary Processing Only)

When you use the extraction feature, email content is processed temporarily to extract invoice data. This content is never stored on our servers. It is sent to our AI processing service (OpenAI) only during the extraction and is immediately discarded after processing.

How We Use Your Information

• To provide and maintain our service
• To authenticate your account and manage sessions
• To enforce subscription limits and process payments
• To improve our AI extraction accuracy
• To communicate with you about your account or service updates

Data Security

We implement industry-standard security measures to protect your data:

• Encryption in transit: All data is transmitted over HTTPS/TLS
• Secure authentication: We use Supabase Auth with secure token management
• Payment security: All payment processing is handled by Stripe (PCI-DSS compliant)
• Privacy by design: Sensitive data like credit card numbers, SSNs, and bank accounts are automatically redacted before AI processing
• No email storage: We do not store your email content on our servers

Third-Party Services

We use the following third-party services:

• Supabase: Authentication and database hosting (Privacy Policy)
• OpenAI: AI-powered data extraction (Privacy Policy)
• Stripe: Payment processing (Privacy Policy)

Data Retention

• Account data: Retained until you delete your account
• Usage statistics: Retained for billing and analytics purposes
• Email content: Never stored; processed in real-time and immediately discarded
• Payment records: Retained as required by law and Stripe's policies

Your Rights

You have the right to:

• Access: Request a copy of your personal data
• Correction: Request correction of inaccurate data
• Deletion: Request deletion of your account and associated data
• Portability: Request your data in a machine-readable format
• Withdraw consent: Uninstall the extension at any time

To exercise these rights, contact us at support@extractibill.com.

Chrome Extension Permissions

ExtractiBill requests the following browser permissions:

• mail.google.com access: Required to read email content when you activate extraction
• Storage: To save your preferences and authentication state locally
• ActiveTab: To interact with the current Gmail tab when you click the extension

We do not access your browsing history, other websites, or any data outside of Gmail when you explicitly use the extraction feature.

Children's Privacy

ExtractiBill is not intended for use by children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected such information, please contact us immediately.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. Continued use of the service after changes constitutes acceptance of the updated policy.

Contact Us

If you have any questions about this Privacy Policy, please contact us:

• Email: support@extractibill.com