Bizzy Privacy Policy

Google API scopes Bizzy requests

https://www.googleapis.com/auth/gmail.readonly

Read-only access to your Gmail messages and metadata. Bizzy uses this scope only to detect production callsheets in your inbox and extract the structured information required for invoicing reminders, including subject, sender, shoot date, location, production company, and contact. Bizzy never reads, indexes, or stores messages that are not classified as callsheets.

https://www.googleapis.com/auth/gmail.send

(optional — only requested if you opt in to Gmail-based invoice sending) Permission to send email on your behalf. Used only to send invoices and follow-up reminders that you author, to recipients you select, from your own Gmail address so that replies thread correctly. Bizzy never sends email autonomously.

https://www.googleapis.com/auth/userinfo.email

Access to your Google account email address. Used only to identify which Google account you linked and to display it in Bizzy's Settings page.

How Bizzy uses Gmail data

Callsheet detection. Bizzy subscribes to Gmail push notifications for your inbox. When a new message arrives, Bizzy fetches its subject, sender, and — for messages whose subject matches a callsheet keyword classifier — its body. The body is passed to a third-party large language model (Google Gemini) under a zero-retention agreement to extract structured fields: shoot date, location, production company, and contact. The raw email body is held only transiently in serverless function memory and is discarded as soon as extraction completes.

Invoice delivery. When you click "Send Invoice" with the optional Gmail sender enabled, Bizzy uses the gmail.send scope to deliver the invoice email — PDF attached, text body you wrote — to the recipients you select. The outgoing message is recorded in your Gmail Sent folder as if you sent it yourself.

No content indexing or AI training. Bizzy does not read, index, cache, or use your Gmail data to train AI or machine learning models. The extraction prompts and completions exchanged with Google Gemini are not retained by Google under our zero-retention agreement.

Storage and security

Gmail OAuth refresh tokens are stored encrypted at rest in Bizzy's database. Email bodies are transiently fetched into serverless function memory during processing and are never written to durable storage. Only the extracted callsheet fields — subject, sender, shoot date, contact match, and message ID for deduplication — are persisted.

All API traffic to Google and between Bizzy's services is transport-encrypted using TLS 1.2 or higher. Access to the underlying database is restricted to Bizzy's serverless functions running under short-lived service-role credentials; no Bizzy employee has standing access to individual customers' Gmail data.

Bizzy's source code, OAuth implementation, and storage practices are independently audited annually under the Cloud Application Security Assessment (CASA) Tier 2 program required by Google for restricted scopes.

Data sharing

Bizzy does not sell, rent, or share Gmail data with third parties except as strictly necessary to provide the features you have enabled:

• Google Gemini — callsheet body text is sent to Google Gemini for structured field extraction under a zero-retention agreement.
• Infrastructure providers (Supabase, Vercel, Google Cloud Pub/Sub) — store and transport data solely to operate Bizzy's services.

Bizzy does not share Gmail data for advertising, analytics, or profiling purposes.

Deletion and revocation

You may disconnect Gmail at any time by either:

1. Going to Settings → Email → Disconnect Gmail in Bizzy. This revokes the OAuth token, deletes the stored refresh token, and stops Callsheet Watcher processing for your account.
2. Visiting https://myaccount.google.com/permissions in Google and removing Bizzy.

Upon disconnection or account deletion, Bizzy purges the OAuth tokens, Gmail watch subscription, Gmail history cursor, and any transient message IDs within 30 days. Extracted callsheet job records remain in your Bizzy account until you delete them individually, since these are your business records, not raw Gmail data.

Google API Services User Data Policy — Limited Use

Bizzy's use and transfer of information received from Google APIs to any other app adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically, Bizzy:

• Limits the use of Gmail data to providing the user-facing features listed above.
• Does not use Gmail data to serve advertisements.
• Does not transfer Gmail data to third parties except as necessary to provide or improve the user-facing features, comply with applicable law, or as part of a merger, acquisition, or sale of assets with prior notice to users.
• Does not allow humans to read Gmail data unless (a) you give explicit consent for specific messages, (b) it is necessary for security purposes such as investigating abuse, (c) it is required for compliance with applicable law, or (d) the data has been aggregated and anonymized for internal operational analytics.