Privacy Policy

Effective date: February 14, 2026

This Privacy Policy explains how Bizora Inc. (“Bizora,” “we,” “us,” or “our”) collects, uses, shares, and protects information when you use our websites, applications, and related services (collectively, the “Services”), including integrations such as QuickBooks Online.​

Bizora Inc.
530 Technology Dr, Suite 100
Irvine, CA 92618, USA
Email: admin@bizora.ai
Phone: +1 (949) 385-1655

‍This Privacy Policy applies to information we process:
• When you visit our website(s) (including bizora.ai)
• When you use our application (including the Bizora web app)
• When you connect third-party services (e.g., QuickBooks Online) to Bizora

If you use a third-party service through Bizora, that third party’s privacy practices also apply to information they collect directly.

‍We collect information in three main ways: (a) information you provide, (b) information collected automatically, and (c) information from connected third-party services (with your permission).

• Account information: name, email, password (or authentication method), organization/firm details
• Support & communications: messages you send us, feedback, and support requests
• User content: prompts, queries, documents/files you upload, and outputs you generate using the Services

• Device and usage data: IP address, browser type, device identifiers, timestamps, pages/screens viewed, referring URLs, and interaction logs
• Cookies and similar technologies: used for authentication, security, preferences, and analytics (you can control cookies via your browser settings)

‍If you connect QuickBooks Online using OAuth, Bizora may access and process data you authorize, which can include (depending on permissions/scopes you grant) items such as:
• Company/account metadata
• Chart of accounts
• Customers/vendors
• Invoices, bills, payments
• Expenses and transactions
• Reports or other accounting objects available through the integration

Bizora does not ask for or store your QuickBooks password. Access is provided via OAuth authorization and tokens.​

C. Information from third-party integrations (e.g., QuickBooks Online)
If you connect QuickBooks Online using OAuth, Bizora may access and process data you authorize, which can include (depending on permissions/scopes you grant) items such as:
• Company/account metadata
• Chart of accounts
• Customers/vendors
• Invoices, bills, payments
• Expenses and transactions
• Reports or other accounting objects available through the integration

Bizora does not ask for or store your QuickBooks password. Access is provided via OAuth authorization and tokens.​

We use information to:
• Provide and operate the Services (including syncing/importing data from connected accounts like QuickBooks Online)
• Generate responses and workflows you request (e.g., tax research outputs, summaries, and insights)
• Maintain safety and security, prevent abuse, and troubleshoot issues
• Improve and develop features, product performance, and user experience
• Communicate with you about updates, support, and administrative messages
• Comply with legal obligations and enforce our agreements

We may share information in limited circumstances:
• Service providers / processors that help us run the Services (e.g., hosting, databases, analytics, customer support tools). They are permitted to process information only for providing services to us.
• Third-party integrations you enable (e.g., when you connect QuickBooks Online, data is exchanged as needed to provide the integration).
• Legal and safety reasons, such as to comply with law, respond to lawful requests, or protect rights, safety, and security.
• Business transfers, such as a merger, acquisition, financing, or sale of assets (we will take steps to protect your information).

We do not sell your personal information.

We retain information for as long as necessary to provide the Services and for legitimate business purposes, such as:
• Maintaining your account and providing features you use
• Meeting legal, tax, accounting, or reporting obligations
• Security, fraud prevention, and dispute resolution
‍
If you disconnect an integration (like QuickBooks Online), we stop accessing new data from that integration. You may request deletion of stored integration data as described below.

We use administrative, technical, and organizational measures designed to protect information, including encryption in transit and appropriate access controls.​
‍
For integrations like QuickBooks Online, we store OAuth tokens in a secure manner (including encryption for sensitive token material), consistent with common security practices and Intuit’s published requirements for OAuth token management.​

No system is 100% secure. You are responsible for keeping your credentials confidential and for using the Services in a secure environment.

Depending on where you live, you may have rights to:
• Access information we hold about you
• Correct inaccurate information
• Delete certain information
• Export your information (where applicable)
• Opt out of marketing communications (you can use the unsubscribe link in emails)

To make a request, email adam@bizora.ai with the subject line “Privacy Request.”

If you are a California resident, you may have rights under California privacy laws (including the right to know, delete, and correct certain personal information, and to not be discriminated against for exercising your rights). Bizora does not sell personal information.

If you access the Services from outside the United States, your information may be processed in the United States or other locations where we or our service providers operate.

The Services are not intended for children under 13, and we do not knowingly collect personal information from children under 13.

Bizora integrates with Google Services to allow users to import and analyze tax-related documents from Google Drive.

Our application uses the Google Drive API with the following scope:Bizora integrates with Google Services to allow users to import and analyze tax-related documents from Google Drive and to connect Gmail for selected email-based workflows.

Our application may use the following Google API scopes:

This scope allows Bizora to read file content and metadata from Google Drive. Bizora only accesses files that you explicitly select within the application. We do not access, scan, or process Drive files without user action.

This scope allows Bizora to read Gmail messages, message metadata, thread content, attachment metadata, and attachments in your Gmail account. Bizora uses this access only to let you search Gmail threads, preview selected conversations, attach selected thread content as assistant context, and import user-selected Gmail attachments into Bizora’s document workflow.

The narrower gmail.metadata scope is not sufficient for this functionality because it does not provide message body content or attachment content.

Bizora only accesses Google Drive files, Gmail threads, and Gmail attachments that you select or interact with inside the application.

Access is limited to what is necessary to provide user-facing features, including:

• browsing and selecting relevant Google Drive documents;

• searching and previewing Gmail conversation threads;

• attaching selected Gmail thread content as context inside Bizora;

• importing user-selected Google Drive files or Gmail attachments for document analysis.

Bizora does not send, modify, delete, label, draft, or reply to Gmail messages.

We do not use Google user data for advertising.

We do not use Google user data to train generalized AI or machine learning models.

Google Drive files, Gmail thread previews, and selected Gmail attachments may be processed by Bizora servers to provide the requested functionality.

User-selected documents and attachments imported into Bizora may be stored securely in Bizora’s standard document storage systems, including S3 or equivalent infrastructure, as part of the user’s workspace.

We do not store or cache Google user data beyond what is necessary to provide the requested functionality.

Google user data is stored securely and retained only for as long as necessary to provide our services.

Users may delete imported files or attachments at any time. Deleted imported files and associated data are permanently deleted from our systems within 10 days of deletion, unless retention is required for legal or security purposes.

Users may revoke Bizora’s access to their Google account at any time through their Google Account permissions.

Bizora’s use and transfer of information received from Google APIs complies with the Google API Services User Data Policy, including the Limited Use requirements.

• No Advertising: We do not use Google user data for serving advertisements.

• No Generalized AI Training: We do not use Google user data to train generalized AI or machine learning models.

• ‍No Human Access: Humans do not read Google user data unless we have obtained your affirmative agreement for specific content, it is necessary for security purposes, or it is necessary to comply with legal obligations.

• No Sale of Data: We do not sell Google user data to third parties.

• Limited Transfer: We transfer Google user data only as necessary to provide or improve user-facing Bizora features, or as otherwise permitted by the Google API Services User Data Policy.

We may update this Privacy Policy from time to time. We will update the “Effective date” above and may provide additional notice where required.​

Questions about privacy? Contact:
admin@bizora.ai
Bizora Inc., 530 Technology Dr, Suite 100, Irvine, CA 92618, USA