Numberify

Privacy Policy

Effective Date: 5/19/2026

1. Identity & Jurisdiction

Numberify is based in Toronto, Canada, and operates subject to the Personal Information Protection and Electronic Documents Act (PIPEDA). Our Privacy Officer is responsible for overseeing compliance with this policy.

2. Information We Collect & Data Minimization

Numberify only accesses and processes the minimum data necessary to provide our services. We collect:

  • Contact Information: Names and addresses of your clients/customers necessary for invoicing.
  • Email Content: With user permission, Numberify accesses Gmail messages that contain invoice-related information in order to extract the details necessary to generate invoices.

3. How We Use Gmail Data

Numberify accesses Gmail message content only after a user explicitly grants permission via Google OAuth. Numberify analyzes only the exact emails that the user manually selects and chooses to generate an invoice from. Numberify does not analyze, read, or process any other email that the user has not explicitly selected for invoice generation. By connecting your Gmail account and selecting an email, you provide explicit consent for our automated systems to analyze the content of that specific email for the sole purpose of extracting invoice-related information.

Gmail data is used solely to:

  • Extract relevant invoice details (such as customer name, line items, totals, and dates) from user-selected emails.
  • Generate draft invoices for the user inside Numberify.

Prohibited Uses of Gmail Data:

  • Numberify does not use Gmail data for serving advertisements.
  • We do not sell, rent, or lease Gmail user data to third parties.
  • We do not use Gmail data for training generalized machine learning models.
  • We do not use Gmail data for creditworthiness or lending purposes.
  • We do not allow humans to read your email content unless we have first obtained your affirmative agreement for specific messages (e.g., for tech support), it is necessary for security purposes, or it is required to comply with applicable law.
  • We will not transfer Gmail data to others unless doing so is necessary to provide and improve these features, comply with applicable law, or as part of a merger, acquisition, or sale of assets.

4. Third-Party Service Providers

Numberify relies on the following infrastructure providers to operate the service. These providers only process the minimum data necessary to perform their function and are contractually required to maintain appropriate security safeguards:

  • Supabase: Secure database hosting and encrypted storage.
  • Groq: Processing of invoice data for structured extraction. Data processed by Groq is used only for structured extraction and is not used to train AI models.
  • LangSmith: System monitoring, performance tracing, and debugging. May securely process and log raw email content strictly for diagnostic and troubleshooting purposes to ensure the extraction pipeline functions correctly.
  • Intuit QuickBooks: Syncing finalized invoices directly to your connected, designated QuickBooks account via API.

5. Google API Services Limited Use Disclosure

Numberify's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Numberify only uses Gmail data to provide user-facing features that are directly requested by the user. We do not use this data for advertising, profiling, or training generalized AI models.

6. Data Retention & Deletion

Numberify retains user data only for as long as necessary to provide the service.

  • Raw Email Content: Raw emails accessed for extraction are securely stored and encrypted in our database to provide necessary service support, traceability, and troubleshooting over the lifespan of the generated invoice.
  • Extracted Invoice Data: Generated invoice data and associated extracted information remain stored in your account until you delete the invoice or your account.
  • Account Deletion: When an account is deleted, all associated personal data—including encrypted raw emails and invoice metadata—is permanently and immediately deleted from our systems.

7. Security Measures

Numberify implements industry-standard security measures to protect user data, including:

  • Encryption of data in transit using HTTPS/TLS.
  • Encryption of stored data at rest (AES-256).
  • Access controls limiting internal access to authorized personnel only.

8. Cookies & Tracking

Numberify does not currently use cookies for tracking purposes. We only use functional cookies essential for the operation of the application (e.g., maintaining your active session).

9. International Data Transfers

Some of our service providers may process data in jurisdictions outside Canada. By using Numberify, you consent to such transfers where necessary to operate the service.

10. Your Rights & Account Controls

You have full control over your data. Numberify provides the following features to manage your footprint:

  • Unlink Accounts: You can disconnect your Google or QuickBooks accounts at any time from the Settings page.
  • Delete Account: You can permanently delete your Numberify account and all associated data via the Settings dashboard.

11. Children's Privacy

Numberify is not intended for individuals under the age of 13, and we do not knowingly collect personal information from children.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the Effective Date at the top of this page.

13. Contact Us

If you have any questions or concerns about this privacy policy or our data practices, please contact our Privacy Officer at:
Email: privacy@numberify.app