Privacy Policy

1. Information We Collect

This application collects and processes the following information from your Gmail account:

• Email metadata: Message headers including sender, recipient, subject, date, and message ID
• Email attachments: PDF and image files attached to emails
• QR code data: QR codes extracted from attachments (specifically invoice QR codes)
• OAuth tokens: Access tokens required to access your Gmail account via the Gmail API

2. How We Use Your Information

We use the collected information solely for the following purposes:

• To process and analyze invoice attachments from your emails
• To extract QR code information from invoice documents
• To store processing results in our internal database for business workflow automation
• To track processing status using Gmail labels

We do not use your information for advertising, marketing, or any purpose other than the automated invoice processing described above.

3. Data Storage and Security

• OAuth tokens: Stored securely on our servers in an encrypted database
• Email metadata: Stored in our internal database for processing logs and audit purposes
• Attachments: Temporarily uploaded to object storage (OSS) for QR code recognition, then deleted after processing
• QR code data: Stored in our database along with associated metadata

We implement industry-standard security measures to protect your data from unauthorized access, disclosure, or destruction.

4. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

• When required by law or legal process
• To comply with government requests or court orders
• To protect our rights, privacy, safety, or property
• With your explicit consent

5. Your Rights and Choices

You have the following rights regarding your data:

• Access: You can request access to the data we have collected about you
• Revocation: You can revoke OAuth access at any time through your Google Account settings
• Deletion: You can request deletion of your data by contacting us
• Correction: You can request correction of inaccurate data

To exercise these rights, please contact us using the information provided in the Contact section.

6. Data Retention

We retain your data only for as long as necessary to fulfill the purposes described in this privacy policy, unless a longer retention period is required by law.

• OAuth tokens are retained until you revoke access
• Email metadata and QR code data are retained for business and audit purposes
• Temporary files uploaded to object storage are deleted immediately after processing

7. Third-Party Services

This application uses the following third-party services:

• Google Gmail API: To access your Gmail account and process emails
• Google Drive API: To read storage quota information
• Object Storage Service (OSS): To temporarily store attachments for QR code recognition

These services have their own privacy policies. We encourage you to review their privacy policies to understand how they handle your data.

8. Changes to This Privacy Policy

We may update this privacy policy from time to time. We will notify you of any changes by posting the new privacy policy on this page and updating the "Last updated" date.

You are advised to review this privacy policy periodically for any changes.

9. Contact Us

If you have any questions about this privacy policy or our data practices, please contact us:

Email: sjian9207@gmail.com

(Replace this address with your actual contact email before deploying.)