Book a demo

Google User Data

What Google Data We Access

When You connect Your Google account to Listra, We request access to specific Google services through Google’s OAuth 2.0 authorization process. You will be shown exactly which permissions We are requesting before You grant access. The Google user data We access includes:

  • Gmail (Read): We access Your email messages to identify and extract invoices, payment notifications, and vendor communications relevant to Your accounts payable workflows.
  • Gmail (Send): We send emails on Your behalf to vendors and other parties as part of the accounts payable process. Every email sent through Listra is first drafted by our system, presented to You for review, and sent only after You explicitly approve the message within the Listra platform.

We only request the minimum permissions necessary to provide our accounts payable automation functionality.

How We Use Google Data

We use Your Google user data solely to provide and improve the accounts payable automation features within the Listra platform, including:

  • Ingesting and processing invoices and payment-related communications from Your email
  • Drafting and, upon Your explicit approval, sending responses to vendors and other parties on Your behalf
  • Organizing and categorizing accounts payable communications

We do not use Your Google user data to:

  • Serve You advertisements, including retargeting, personalized, or interest-based advertising
  • Sell or transfer Your data to third parties such as advertising platforms, data brokers, or information resellers
  • Determine creditworthiness or for lending purposes
  • Train generalized (non-personalized) artificial intelligence or machine learning models
  • Conduct or facilitate surveillance

Human Access to Google Data

Listra does not allow its employees, agents, or contractors to read Your Google user data unless:

  • You have provided Your affirmative consent for a specific purpose (for example, to assist with a technical support request)
  • It is necessary for security purposes, such as investigating a bug or potential abuse
  • It is required to comply with applicable law or regulation
  • The data has been aggregated and anonymized for internal operational purposes

How We Store and Protect Google Data

Your Google user data is encrypted in transit using TLS 1.2 or higher and encrypted at rest. OAuth tokens used to access Your Google account are stored server-side in encrypted form and are never exposed to Your browser or any client application. Your data is logically isolated from other customers within our multi-tenant infrastructure.

How We Share Google Data

We do not sell, rent, or trade Your Google user data. We may share Your Google user data only in the following limited circumstances:

  • With infrastructure service providers (such as cloud hosting providers) strictly as needed to operate the Listra platform, and only under obligations of confidentiality
  • When required by law, regulation, or valid legal process
  • As part of a merger, acquisition, or sale of assets, subject to the acquiring entity agreeing to the same data protection obligations described in this policy

Any third parties that process Google user data on our behalf are bound by confidentiality obligations and are prohibited from using the data for any purpose other than providing services to Listra.

Data Retention and Deletion

You may disconnect Your Google account from Listra at any time through Your account settings. When You disconnect:

  • Your OAuth access and refresh tokens are permanently deleted from our systems
  • You may request deletion of any Google user data previously collected by contacting us at contact@listra.ai

We retain Google user data only for as long as necessary to provide the services You have authorized. Upon account termination or disconnection, Google user data is deleted in accordance with our data retention schedule.

Revoking Access

In addition to disconnecting within Listra, You can revoke Listra’s access to Your Google account at any time through Your Google Account permissions page at https://myaccount.google.com/permissions.

Google API Services User Data Policy Compliance

Listra’s use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.