AI Data Use
Last updated: November 06, 2025
This page explains how Invoice Data Extraction uses AI within the Service. It focuses on what is sent to AI model providers, how we control retention and training, where processing happens, and how you stay in control of your data.
- We transmit invoice content to vetted AI model providers only to perform the extraction you request.
- We do not allow model training on your content.
- We disable provider retention where possible or rely on short, provider-imposed retention windows limited to abuse prevention/debugging.
- Primary hosting and storage are US-based; some AI providers may process content globally.
- Uploads & pipeline logs are deleted within 24 hours; generated outputs are deleted after 90 days. You can delete a task at any time.
- We are not a HIPAA Business Associate. Do not upload PHI or sector-regulated data (PCI card data, GLBA, FERPA, etc.).
- See also: Security and Subprocessors. Questions: [email protected]
1) What we send to AI providers (purpose-limited)
To extract structured fields from your invoices, we send:
- The invoice file content (e.g., PDF/image text or extracted text snippets).
- Your instructions/prompts (e.g., which fields to extract), and derivations of your prompts.
We do not send your account details (email, name, etc.) or payment details to AI providers (payments are handled by Paddle), and we do not use your content for model training.
Legal role: for Customer Content and Customer Account Data, we act as your service provider/processor under U.S. state privacy laws.
2) AI model providers we use
We may use one or more of the following providers to perform extraction. The exact mix can change over time; we post updates at Subprocessors.
| Provider | Purpose | Notes |
|---|---|---|
| OpenAI | Model inference | No training on your content; retention disabled or minimized where settings allow. |
| Anthropic | Model inference | Same as above. |
| Google Gemini (including via Vertex AI) | Model inference | Same as above. |
| Models available via OpenRouter | Model inference gateway | Same as above (gateway + selected models). |
We contractually and technically restrict use to performing your requested extraction and apply no-training and restricted/disabled retention configurations where available.
AI providers process Customer Content only; they do not receive Customer Account Data.
3) Model training and retention
- No training: We do not permit AI providers to train their models on your Customer Content.
- Retention controls: We configure provider settings to disable data retention where available. If a provider requires short retention for security/abuse prevention, we rely on the provider’s short, fixed windows and do not authorize secondary use.
- Documentation: On request ([email protected]), we can share the current retention/configuration posture for active providers.
4) Regions and data location
- Primary hosting & storage: United States (application hosting, database, object storage).
- AI processing: Some model providers operate global infrastructure. Your content may be processed outside the US solely to perform the extraction. We continue to enforce no training and restricted retention in these workflows.
For a complete, up-to-date list of vendors and locations, see Subprocessors.
5) Data lifecycle and your controls
- Uploads & pipeline logs: Deleted within 24 hours after processing completes.
- Generated outputs (e.g., spreadsheets): Retained 90 days for convenience; then permanently deleted.
- Manual deletion: You can delete a task at any time in the dashboard. This removes associated files from storage and the task metadata from the database.
- Backups: We rely on provider-managed database snapshots (encrypted) with a typical rotation of ~7 days. We do not maintain separate backups of object storage.
For additional technical details, see Security.
6) What not to upload
For security and regulatory compliance, please do not upload:
- PHI or any data requiring a HIPAA Business Associate Agreement (we do not sign BAAs).
- Payment card primary account numbers (PCI DSS) or full cardholder data.
- GLBA-regulated financial data, FERPA student records, or other sector-specific regulated data we have not expressly agreed to process, or any category of health-related information regulated under U.S. state law (including ‘consumer health data’ or substantially similar concepts).
If you’re unsure, email [email protected] before uploading.
7) Frequently asked questions
Q: Do you “sell” or “share” personal information for cross-context behavioral advertising?
A: No. We do not sell personal information or share it for CCPA/CPRA cross-context behavioral advertising.
Q: Can we get a DPA?
A: Yes. Our Data Processing Addendum applies automatically to business customers that process personal information through the Services. If your procurement requires a countersigned copy, email [email protected].
Q: Can you prove retention is disabled?
A: We maintain internal documentation of our provider configurations and can summarize the current settings on request.
Q: Where can I see your current vendors?
A: Our live list (with 15-day change notices) is at Subprocessors.
Q: How fast will you notify us of a security incident?
A: We commit to notify without undue delay and no later than 48 hours after becoming aware of a confirmed incident affecting Customer Content.
Q: Do you send user identities or account details to AI providers?
A: No. We do not send Customer Account Data (e.g., user emails, names, authentication identifiers, org membership/roles) to AI providers.
8) How this page relates to other documents
- Binding terms live in our Data Processing Addendum and Terms of Service. This page is an informational summary of AI-specific practices.
- For privacy rights and requests, see the Privacy Policy (US State Privacy Rights and Notice at Collection).
9) Contacts
Privacy & data requests: [email protected]
Security & incident/vulnerability reports: [email protected]
General support: [email protected]