paid-app.com

Privacy Policy

Last updated: May 3, 2026

Introduction

Paid provides a B2B software service that helps professional services firms follow up on overdue invoices. This Privacy Policy describes how we collect, use, store, and share information when you use our website at paid-app.com and related services (the “Service”).

Information we collect

Account and contact data

Information you provide when you register or contact us, such as your name, work email address, and authentication details.

Integration data

  • QuickBooks: open receivables, invoice amounts, due dates, customer names, contact details, line descriptions, and identifiers needed to display balances and draft reminders.
  • Gmail: we access your Google account only as described below.

Usage data

Standard log and device information (browser type, IP, timestamps) for security, troubleshooting, and aggregate usage analysis.

How we use Gmail access

Paid requests Google OAuth permissions only for the scopes we need. Paid does not use any restricted Google scope. The web app uses userinfo.email solely to bind the OAuth grant to the correct Paid account. The Paid Gmail Add-On uses gmail.addons.execute, gmail.addons.current.message.metadata, gmail.addons.current.message.readonly, and gmail.addons.current.action.compose so it can render contextual cards and prepare drafts inside Gmail. Paid never sends email programmatically; when you approve a reminder, Paid opens Gmail’s compose window prefilled with the draft and you click Send yourself in Gmail. The add-on reads the body of a single open message only when you click “Classify reply.” We do not read other messages, scan your inbox in the background, or use Gmail data for advertising, profiling, or unrelated purposes.

  • Prepare payment reminder drafts you initiate or approve. The reminder is opened prefilled in your Gmail compose window; you click Send in Gmail so the message goes from your real address, not from an unrelated domain.
  • On your explicit click, read the plain-text body of one open Gmail message to classify a client’s reply (e.g., “will pay next week”) and suggest a next step. Raw bodies are processed in transit and not retained.
  • Confirm the email address you authorized.

You may revoke Paid’s access at any time in your Google Account security settings.

Limited Use of Google user data

Paid’s use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

  • We use Google user data only to provide or improve user-facing features that are prominent in the Paid UI (sending reminders you approve, classifying a reply you opened, confirming your email).
  • We do not transfer Google user data to third parties except as necessary to provide those features, to comply with applicable law, or as part of a merger or acquisition with notice to users.
  • We do not use Google user data for serving advertisements, including retargeting, personalized, or interest-based ads.
  • We do not allow humans to read Google user data unless we have your affirmative agreement, it is necessary for security (such as investigating abuse), to comply with law, or for aggregated and anonymized operations.
  • We do not use Google user data to develop, improve, or train generalized AI/ML models. Where AI is used inside Paid (e.g., to draft a reminder), prompts are sent to our model provider only to return that response to you and are not used to train models that serve other customers.

How we use QuickBooks data

We read unpaid invoices and related customer records you authorize, and use them only to operate Paid’s invoice follow-up features. We do not advertise unrelated products to your clients.

Sharing

We use service providers (hosting, authentication, email delivery, analytics, AI inference) who process data on our instructions. We may disclose information if required by law or to protect users.

Data retention and deletion

We retain account and integration data while your account is active. Disconnecting an integration deletes or de-identifies its tokens and cached data within a reasonable period. To delete your account or request data export, email privacy@paid-app.com; we process within 30 days. We may retain anonymized aggregates and records required by law (tax, accounting) without time limit.

Security

We implement administrative, technical, and organizational measures designed to protect information against unauthorized access, loss, or misuse. No method of transmission over the Internet is completely secure.

Your rights

Depending on your jurisdiction, you may have rights to access, correct, delete, or export personal data; to object to or restrict processing; and to withdraw consent. To exercise these rights, contact privacy@paid-app.com. California residents have rights under CCPA/CPRA; Paid does not “sell” personal information for money. EEA, UK, and Swiss users are processed under GDPR with appropriate safeguards for international transfers.

Children

The Service is not directed to individuals under 16, and we do not knowingly collect their information.

Changes

We may update this policy. We will update the “Last updated” date and, for material changes, provide additional notice.

Contact

Privacy questions or requests: privacy@paid-app.com.