Privacy Policy

Last updated: December 2025

Introduction

Paperbox ("the Application", "we", "our") is committed to protecting the privacy of our users. This Privacy Policy explains how we collect, use, and protect your information when you use our invoice management service.

Gmail Access

Paperbox requests read-only access to your Gmail account to automatically detect invoices and receipts sent to you via email. Access is limited to emails that may contain invoices or receipts and is not used for general email reading.

What we do:

  • Read emails that contain attachments
  • Identify invoices and receipts in attachments
  • Extract relevant data (amount, date, vendor)
  • Store invoices in the system for your convenience

What we don't do:

  • Send emails on your behalf
  • Delete emails
  • Modify or edit emails
  • Mark emails as read
  • Access contacts or calendar
  • Sell or share information for marketing purposes

Google API Services User Data Policy Compliance

PaperBox's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Learn more about Google API Services User Data Policy

AI Processing

For automatic data extraction from invoices, we use artificial intelligence services:

AI providers we use:

Important to know:

  • Invoice files are sent for processing only and are not stored on AI servers
  • Data is used only to extract details like amount, date, and vendor name
  • We use a secure API with full encryption
  • AI providers do not use your data to train models

Information We Collect

Account Information:

  • Email address
  • Username (optional)

Invoice Information:

  • Invoice and receipt files (PDF, images)
  • Extracted data: amount, date, vendor name, invoice number
  • Payment information (last 4 digits of credit card, if shown)

Technical Information:

  • Sync activity logs
  • Error information for service improvement

Data Security

We employ advanced security measures to protect your information:

  • Data encryption at rest and in transit (SSL/TLS)
  • Secure storage on protected cloud servers
  • Limited data access only for authorized personnel
  • Regular security audits
  • OAuth 2.0 for secure authentication with Google

Your Rights

You have full control over your information:

  • Disconnect Gmail: You can disconnect your Gmail account at any time through the system settings. Disconnection will immediately revoke our access to your email account.
  • Delete Data: You can request complete deletion of all your data by contacting us.
  • Export Data: You can export all your invoices at any time.
  • Revoke Google Permissions: You can also revoke our access through Google Security Settings

Data Retention

  • Your information is retained as long as your account is active
  • Upon account deletion, all data is deleted within 30 days
  • Secure backups are deleted within 90 days of account deletion
  • Technical logs are retained for 90 days for troubleshooting purposes

Policy Changes

We may update this policy from time to time. In case of material changes:

  • We will notify you via in-app notification or registered email
  • Material changes include: changes to the type of data collected, changes in usage purposes, or changes to third-party providers
  • Continued use of the application after publishing changes constitutes acceptance of the updated terms
  • The last update date always appears at the top of this policy

Contact Us

For questions or requests regarding this Privacy Policy, please contact us at: info@paperbox.co.il

תפריט נגישות מתקדם

נגישות לכולם

פרופילים מהירים

Talk with Us