Privacy Policy
How we handle your data
Privacy at a Glance
- 1Zero document retention - your documents are not stored
- 2Customer-specific encryption - your data protected with YOUR unique keys
- 3Automatic key rotation - fresh encryption after every processing run
- 4Advanced processing technology - proprietary algorithms, signal systems, and SOC 2 Type I and Type II compliant third-party AI services
- 5Your documents are NEVER used for AI training
- 6Minimal data collection - only email and payment info
- 7Informational use only - data accuracy and quality analysis, not financial or lending advice
- 8You control your data - stored in YOUR Google Drive, you can revoke access anytime
What We Don't Collect or Store
Zero document retention architecture
Your Loan Documents
Your documents are NOT stored on our servers. Documents are processed in real-time during each processing run, then immediately deleted. Zero document retention.
Your Document Content
Processing results are encrypted with YOUR unique customer-specific keys and stored in YOUR Google Drive AppData (not our servers). You control access and can revoke permissions anytime.
Personal Information from Documents
Borrower names, addresses, SSNs, financial data, and other sensitive information from loan documents are NOT stored on our servers. All data is encrypted and stored in YOUR Google Drive.
Your Data for AI Training
We NEVER use your documents or extracted data for AI model training. Third-party AI services are contractually prohibited from using your data for training and process data ephemerally.
What We Do Collect
Minimal data necessary to provide service
Account Information
Email address, name, and Google account ID when you sign in with Google OAuth.
Payment Information
Billing handled by Stripe (PCI-compliant). We store only your Stripe customer ID - never credit card numbers.
Encryption Keys
Your customer-specific encryption keys are stored in YOUR Google Drive AppData folder. Keys are automatically rotated after every processing run. We can't access your encrypted data without your Google OAuth permissions.
Processing Results
Encrypted processing results (dashboard data, extracted information) are stored in YOUR Google Drive AppData. All data encrypted throughout the entire process with your unique keys.
API Usage Metrics
Document counts, processing times, API calls for billing and service monitoring. No document content is logged.
Technical Logs
Error logs, performance metrics, and system diagnostics. Logs are retained for 30 days maximum.
Google OAuth Tokens (Optional)
If you enable Google Drive integration, we store encrypted OAuth tokens to access your designated Drive folder. You can revoke access anytime.
How We Use Your Data
- Provide and maintain the LoanIntelligence service
- Process payments and manage subscriptions via Stripe
- Respond to support requests and troubleshoot issues
- Monitor system performance and improve service quality
- Detect and prevent fraud, abuse, and security incidents
- Comply with legal obligations and enforce our terms
We will never use your data for marketing, advertising, or sell it to third parties.
Third-Party Services
Services we use to operate
Stripe (Payment Processing)
PCI-compliant payment processor. See Stripe's privacy policy at stripe.com/privacy.
Google (OAuth & Drive Integration)
OAuth authentication and optional Drive API access. See Google's privacy policy at policies.google.com/privacy.
Third-Party AI Services
We use proprietary algorithms and signal systems to ensure data accuracy and quality. Third-party AI services are SOC 2 Type I and Type II certified, contractually prohibited from using your data for training, and process data ephemerally with encryption in transit.
We do not sell or share your data with any other third parties.
Your Privacy Rights
Control your data
Access Your Data
Request a copy of your account data via email to [email protected]
Delete Your Data
Delete your account anytime from Dashboard → Settings. All data deleted within 24 hours.
Export Your Data
API responses and Google Sheets integration provide real-time export of all processed data.
Revoke OAuth Access
Disconnect Google Drive integration anytime from Dashboard → Settings → Google Drive.
Opt-Out
Don't use the service = no data collected. Zero retention means no ongoing data storage.
International Privacy
GDPR Compliance (EU)
Zero retention architecture ensures compliance. You have rights to access, deletion, portability, and restriction of processing.
CCPA Compliance (California)
We do not sell personal information. California residents have rights to know what data is collected, delete data, and opt-out.
Data Retention
- Your documents: 0 days (NOT stored - deleted immediately after processing)
- Encrypted processing results: Stored in YOUR Google Drive (you control retention and deletion)
- Encryption keys: Rotated automatically after every processing run (old keys discarded)
- Account info: Until account deletion
- API usage logs: 12 months for billing (counts only, no document content)
- Error logs: 30 days maximum (no document content)
- OAuth tokens: Until revoked by you
Security Measures
Zero-retention architecture with customer-specific encryption. All data encrypted throughout the entire process. Encryption keys automatically rotated after every processing run. OAuth tokens stored with AES-256 encryption. All data in transit encrypted via HTTPS/TLS. See /security for full details.
View Security DetailsChanges to This Policy
We may update this policy as our service evolves. Material changes will be announced via email 30 days before taking effect. Continued use after changes constitutes acceptance.
Need help?
Questions About Privacy?
Email our legal team at [email protected] and we'll get back to you within one business day.
We respond within one business day.