Last updated · June 10, 2026
Privacy policy
DriveClerk is an AI filing assistant that finds business documents in your Gmail inbox and files renamed copies into your Google Drive. This policy explains what data we access, what we store, how we use it, and how you can get it back or delete it. The short version: we access the minimum we need to file your documents, we never sell your data, and you can delete everything at any time.
Data we access from Google
When you sign in with Google, you grant DriveClerk these scopes:
- Gmail (read-only). We search your inbox for messages with PDF attachments, read message metadata (sender, subject, date) and download those attachments so we can classify and file them. We never send email on your behalf and we never modify or delete your email.
- Google Drive (per-file). We use the drive.file scope, which only lets us see and manage folders and files that DriveClerk itself creates. We cannot see the rest of your Drive.
- Basic profile. Your email address, name, and profile picture, used to create and display your account.
DriveClerk's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
What we store
- Document metadata: document type, vendor, extracted invoice fields (number, dates, totals), confidence scores, and the Drive location we filed each document to. Metadata is retained while your account is active and is deleted when you delete your account.
- A short snippet of each processed email (at most 512 characters). We never store full email bodies. Snippets are retained while your account is active and are deleted when you delete your account.
- Copies of PDF attachments in private cloud storage while they are being processed, previewed, and filed. PDFs pulled for the training step are deleted from our storage once they are filed into your Drive, and unfiled copies are cleaned up periodically; the filed copies live in your own Google Drive. Copies staged during inbox sync are retained for up to 30 days to support retries and corrections.
- Your Google access tokens, encrypted at rest. They are decrypted only for the moment an API call to Google needs them.
- An audit log of actions taken on your account (sign-ins, syncs, filings, corrections), so you can see what the system did. Audit log entries are retained while your account is active and are deleted when you delete your account.
How we use your data
- To classify, rename, and file your documents. That is the product.
- To improve classification accuracy. When you label or correct a document, we keep that label together with a numerical representation (an embedding) of the document. Aggregated embeddings and labels, never raw document text or files, may be used to improve the shared classification model that benefits all users. Raw document content is never shared across accounts.
- To send you service email you have opted into: failure alerts, filing summaries, and a weekly digest. Each can be turned off in Settings.
We do not sell your data. We do not use it for advertising. No human at DriveClerk reads your documents except with your explicit permission to resolve a support issue, or where required for security review or by law.
Service providers we rely on
- Google Cloud Platform: application hosting, database, and file storage.
- Microsoft Azure AI Document Intelligence: invoice field extraction. PDF content is sent for extraction and is not retained by us beyond processing.
- Resend: transactional email delivery.
- Stripe: payment processing, if you purchase a paid plan. Stripe receives your payment details directly; we never see your card number.
- Google Analytics: anonymous usage analytics on the marketing site only.
Retention, export, and deletion
- We retain the data we store for as long as your account is active, then delete it when you delete your account. PDF copies follow the shorter windows described under What we store.
- You can export everything DriveClerk holds about your account as a single JSON file from Settings at any time.
- You can delete your account from Settings. Deletion permanently removes your account, document metadata, training labels, stored PDFs, and encrypted tokens. Documents already filed in your Google Drive are yours and are never touched.
- Disconnecting Google revokes our access tokens immediately. You can also revoke DriveClerk's access at myaccount.google.com/permissions.
Security
All data is encrypted in transit (TLS) and at rest. OAuth tokens are additionally encrypted at the application layer. Access to production systems is limited to the operator of the service. Every state-changing action is written to an audit log.
Cookies
We use one session cookie to keep you signed in. The marketing site uses Google Analytics cookies for anonymous traffic measurement.
Changes and contact
We will update this page when our practices change and revise the date at the top. Questions or requests: imannbrar25@gmail.com.