Privacy Policy
Effective Date: March 1, 2026 | Last Updated: March 2, 2026
This Privacy Policy describes how Heavenly Estates LLC, a Wyoming limited liability company doing business as OfficePal ("Company," "we," "us," or "our"), collects, uses, and protects your personal information when you use the OfficePal platform and services at app.officepal.ai ("Service").
By using our Service, you agree to the collection and use of information as described in this policy.
1. Information We Collect
Account Information
- Your name
- Email address
- Business / company name
- Industry / vertical
- Referral source (if provided)
Google Sign-In Data
- If you sign in with Google, we receive your Google profile information: name, email address, and profile photo.
- This data is used solely for account creation and authentication.
Financial Data (via Plaid)
- Bank account transaction data (descriptions, amounts, dates, merchant names)
- Account identifiers and balances
- This data is accessed in read-only mode through Plaid. We cannot initiate transactions or modify your accounts.
Email Data (via Gmail/Outlook OAuth)
- Email message subjects, bodies, and headers
- Sender and recipient information (names, email addresses)
- Timestamps and labels/folders
- OAuth access and refresh tokens
- This data is accessed via OAuth 2.0 authorization. We access emails for categorization and draft generation purposes. We do not send emails on your behalf without your explicit action.
Google API Services Disclosure
OfficePal's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:
- We only use Gmail data to provide and improve the email categorization and draft generation features you have explicitly authorized.
- We do not use Gmail data for advertising, market research, or any purpose unrelated to the core functionality of the Service.
- We do not allow humans to read your Gmail data unless: (a) you give us explicit consent, (b) it is necessary for security purposes (e.g., investigating abuse), (c) it is necessary to comply with applicable law, or (d) our use is limited to internal operations with aggregated and anonymized data.
- We do not transfer Gmail data to third parties except as necessary to provide the Service (e.g., AI processing via OpenAI API, which does not retain or train on API data), as required by law, or as part of a merger/acquisition with equivalent privacy protections.
Service Usage Data
- Expense categories and categorization history
- Email categories and AI-generated draft history
- User interactions with the platform
- Error logs and performance data
AI Agent and Chatbot Interaction Data
- Messages you send to the in-app AI Agent (conversational interface)
- Messages you send to the public website chatbot
- AI-generated responses and action confirmations
- Chatbot conversations may be recorded for quality improvement and lead detection purposes
- The AI Agent accesses your account data only within the scope of your authenticated session — it cannot access other users' data
Mobile Application Data
- Push notification tokens (stored securely for delivering notifications)
- Device type and operating system version
- Camera access (only when you explicitly use the receipt capture feature)
- We do not collect location data, contacts, or other device data beyond what is listed above
Payment Information
- Payment details are processed and stored by Stripe. We do not store your credit card numbers on our servers.
2. How We Use Your Information
- Provide the Service: Connect to your bank accounts and email accounts, retrieve transactions and emails, categorize data, and generate draft responses using AI.
- Improve AI processing: Use aggregated and anonymized data to improve our categorization and response generation models.
- Process payments: Manage your subscription and billing through Stripe.
- Communicate with you: Send service-related emails, updates, and support responses.
- Monitor and improve: Track errors, performance, and usage to improve the Service.
3. Third-Party Services
We share your data with the following third-party providers, solely to operate the Service:
| Provider | Purpose | Data Shared |
| --- | --- | --- |
| Plaid | Bank account connection | Account credentials (tokenized), transaction data |
| Google | Gmail API — email access, OAuth authentication | OAuth tokens, email content (read access and draft creation) |
| Microsoft | Outlook API — email access, OAuth authentication | OAuth tokens, email content (read access and draft creation) |
| Stripe | Payment processing | Email, payment method details |
| Amazon Web Services (AWS) | Cloud hosting & data storage | All service data (encrypted) |
| OpenAI | AI expense categorization, email categorization, and draft response generation | Transaction descriptions and amounts (no account numbers); email subjects and bodies (PII redacted where feasible); no raw bank credentials |
| Google Analytics | Website analytics | Anonymized page views, session data, device info (no PII) |
| Sentry | Error tracking & monitoring | Error logs, stack traces, anonymized usage data |
Each third-party provider processes data in accordance with their own privacy policies. We encourage you to review them.
4. Sensitive and Personal Information in Emails
Emails processed by OfficePal may contain personally identifiable information (PII), including but not limited to:
- Names, addresses, and phone numbers
- Social Security numbers and tax identifiers
- Insurance policy numbers
- Financial account information
- Other sensitive personal or business data
We implement technical measures to minimize PII exposure to third-party AI providers, including redaction of identifiable information where feasible before data is sent for processing. However, due to the unstructured nature of email content, complete redaction cannot be guaranteed.
You should review what data your connected email accounts contain and ensure you have appropriate authority to allow AI processing of that data. If your emails regularly contain highly sensitive information (e.g., protected health information), please review our Terms of Service for important disclaimers.
5. We Do Not Sell Your Data
We do not sell, rent, or trade your personal information or financial data to any third parties. Your data is used exclusively to provide and improve the Service.
6. Data Storage and Security
- Infrastructure: All data is stored on Amazon Web Services (AWS) infrastructure in the us-west-2 region.
- Encryption in transit: All data transmitted between your browser, our servers, and third-party providers is encrypted using TLS/SSL.
- Encryption at rest: Data stored in our databases and storage systems is encrypted at rest using AES-256.
- OAuth tokens: Gmail and Outlook OAuth tokens are encrypted at rest and stored separately from email content.
- Email data isolation: Email content is stored in encrypted DynamoDB tables with per-tenant isolation — your email data is logically separated from other customers' data.
- Access controls: Access to production data is restricted to authorized personnel only.
While we implement industry-standard security measures, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.
7. Data Retention
- Active accounts: We retain your data for as long as your account is active.
- Email content: Email message bodies and full content are automatically purged after 90 days. Email metadata (subjects, categories, timestamps) is retained for the lifetime of your account.
- OAuth tokens: When you disconnect an email account, the associated OAuth tokens are immediately revoked and deleted.
- After cancellation: We retain your data for 30 days after account cancellation to allow for reactivation. After 30 days, your data is permanently deleted from our systems.
- Backups: Data may persist in encrypted backups for up to 90 days after deletion, after which backups are rotated and destroyed.
8. Your Rights
You have the right to:
- Access your data: Request a copy of the personal and financial data we hold about you.
- Export your data: Request an export of your categorized transaction data in a standard format (CSV).
- Delete your data: Request permanent deletion of your account and all associated data.
- Delete email data: Request deletion of all stored email content, categories, and AI-generated drafts associated with your account.
- Correct your data: Request corrections to any inaccurate personal information.
- Disconnect bank accounts: Remove linked bank accounts at any time through the platform or by contacting us.
- Disconnect email accounts: Remove linked email accounts and revoke OAuth access at any time through your account settings, or directly through your Google or Microsoft account settings.
To exercise any of these rights, contact us at hello@officepal.ai. We will respond within 30 days.
9. Cookies and Tracking
We use essential cookies to maintain your session and authentication state. We do not use advertising or third-party tracking cookies.
Google Analytics (GA4): We use Google Analytics to collect anonymized usage data, including page views, session duration, and device information. Google Analytics does not collect personally identifiable information through our implementation. You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.
Error monitoring (Sentry) may collect anonymized technical data about your browser and device.
10. AI Data Processing
We use OpenAI to process your data via their API. Here's what that means:
- API-only processing: Your data is sent to OpenAI via their API for real-time processing. Per OpenAI's API data usage policy, API data is not used to train OpenAI's models.
- Data Processing Agreement: We maintain a Data Processing Agreement (DPA) with OpenAI that governs how your data is handled.
- Encryption: All data transmitted to OpenAI is encrypted in transit via TLS.
What we send to OpenAI:
- Transaction descriptions and amounts (no bank account numbers or routing numbers)
- Email subjects and email bodies (with PII redacted where feasible)
- AI Agent conversation messages (your natural language queries and the results of data lookups)
- Website chatbot messages (general questions about our services — no customer data)
- No raw bank credentials, passwords, OAuth tokens, or internal system identifiers
Data Agent — uploaded data:
- Uploaded files (CSVs, spreadsheets, PDFs, documents) are stored encrypted at rest in our database. They are not sent to any third party except for AI query processing as described above.
- Document text is extracted and stored as searchable embeddings. These embeddings are mathematical representations that cannot be reverse-engineered back into the original text.
- When you ask the Data Agent a question, relevant portions of your uploaded data may be sent to the AI provider for processing. Full datasets are not sent — only the data relevant to your specific query.
- We may use Amazon Bedrock (AWS) as an alternative AI provider. Amazon Bedrock is SOC 2 and HIPAA eligible and does not use customer data to train models.
- You may delete uploaded data at any time. Deletion removes the data from active storage; backups are purged within 30 days.
AI Agent data isolation: When the AI Agent processes your requests, your identity and account information are managed server-side and are never sent to the AI provider. The AI model does not receive your tenant ID, email address, or any information that could identify you or your business to the AI provider. Data returned from your account is sanitized to remove internal system details before being processed by AI.
11. California Privacy Rights (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):
- Right to know: You may request details about the categories and specific pieces of personal information we have collected about you.
- Right to delete: You may request deletion of your personal information, subject to certain exceptions.
- Right to opt-out of sale: We do not sell your personal information. No opt-out is necessary, but you have the right to confirm this at any time.
- Non-discrimination: We will not discriminate against you for exercising your CCPA rights.
To exercise your CCPA rights, contact us at hello@officepal.ai.
12. Children's Privacy
The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected such information, please contact us immediately.
13. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via email to the address associated with your account. The "Last Updated" date at the top reflects the most recent revision. Continued use after changes constitutes acceptance.
14. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or your data, contact us at:
Heavenly Estates LLC dba OfficePal
Email: hello@officepal.ai
Website: officepal.ai