1. Information We Collect
What data we gather and how
- Account information: name and email address provided via Google OAuth sign-in
- Business data: customer records, quotes, invoices, job details, and email content you create or import through the service
- Communications: messages you send to us (support requests, feedback)
- Integration credentials: OAuth tokens for Gmail, Microsoft 365 / Outlook, QuickBooks, Xero, and Slack connections you authorize
- Usage data: pages visited, features used, actions taken within the application
- Device information: browser type, operating system, screen resolution
- Log data: IP address, access times, referring URLs, error logs
- Cookies: session authentication cookies (essential) and optional analytics cookies (see Section 8)
- Google: profile information (name, email, profile picture) when you sign in with Google OAuth
- Gmail: email messages when you connect your Gmail account to process quote requests
- Microsoft: email messages from your connected Outlook / Microsoft 365 mailbox when you connect it to process quote requests (read-only)
- QuickBooks: customer records, invoices, and estimates when you connect your QuickBooks account
- Xero: contact and customer records, and the invoices Setell creates in your Xero organisation when you connect your Xero account
- Stripe: subscription status and billing events (we never receive or store your credit card number)
- Email content: when you click the "Send to Setell" button on an open Gmail thread, the extension reads the sender, subject, and body of that single thread and sends it to your Setell account at go.setell.ai — no background scanning, no other tabs, no Gmail data is read without an explicit click
- Purpose: the email content is delivered to your Setell account where Setell uses it to draft a quote for you (the user-facing feature you signed up for) — the extension does not use Gmail content for any other purpose
- Local storage (chrome.storage.local): your Setell API key (used to authenticate to your own account) and a rolling 7-day count of how many emails you've sent — both stored on your device only, never transmitted except to authenticate to Setell
- Uninstall behavior: when you remove the extension from Chrome, all locally-stored extension data (API key, send count) is removed automatically by Chrome — to delete the corresponding data inside Setell, see Section 5 (Retention) below
- No third-party analytics, ad networks, or trackers are loaded inside the extension
- Data the extension sends is processed by Setell under the same terms as the rest of this policy and inherits the Google API Limited Use restrictions in Section 9
2. How We Use Your Information
Why we process your data
- Parse inbound emails to identify quote requests
- Generate, revise, and send quotes using AI
- Create invoices and sync them with QuickBooks
- Create invoices in your connected Xero account
- Manage your job pipeline and customer records
- Send emails on your behalf through your connected Gmail
- Monitor for errors and fix bugs (via Sentry error tracking)
- Analyze usage patterns to improve the product (aggregated, not individual)
- Detect and prevent fraud, abuse, and security threats
- Enforce our terms of service
- Send transactional emails (account confirmation, billing receipts)
- Respond to support requests
- Send product updates and announcements (you can opt out at any time)
3. Legal Basis (GDPR)
Lawful basis for processing
For users in the European Union and European Economic Area, we process personal data under the following legal bases:
3a. Privacy by Design
Privacy by design & by default
Setell follows the principles of data protection by design and by default as set out in GDPR Article 25. These are not aspirations — they are structural choices in how the product is built.
4. Sharing
Who we share your data with
We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising. We share data only with the following categories of recipients:
- AWS (hosting and compute)
- Neon (database hosting)
- Stripe (payment processing)
- Anthropic (AI quote generation — does not use your data for model training)
- Sentry (error monitoring)
- Google (authentication and Gmail API)
- Microsoft (Outlook / Microsoft 365 mailbox and Entra sign-in)
- Intuit (QuickBooks API)
- Xero (Xero API)
- Twilio (SMS delivery)
- Emails sent to your customers through your connected Gmail
- Invoices created in your connected QuickBooks account
- Invoices created in your connected Xero account
- Quotes shared via portal link with your customers
- Notifications sent to your connected Slack workspace
4a. SMS / Text Messaging
How text messaging and consent work
If you are a customer of a business that uses Setell, you may receive text messages (SMS) about your quote, estimate, invoice, or job, and you may reply to communicate with that business. SMS is always optional and is never sent without your explicit, prior consent. Consent to receive text messages is never required to receive a quote, sign, make a payment, or complete any transaction — you can use every part of the service by email or in your online portal without opting in. This section explains how that consent works and how we handle your mobile information.
- On the web — by entering your mobile number and checking the consent box in your online quote portal (express written consent)
- By text — after a business sends a one-time confirmation message, you reply YES to begin receiving texts (double opt-in)
- Opting in is optional — consent is not a condition of purchase and is never required to receive a quote, sign, make a payment, or complete any transaction. You can use every feature by email or in your online portal without it.
- Transactional updates about your quote, estimate, signature request, invoice, or payment, sent by the business you are working with
- Replies within a two-way conversation when you text back
- Message frequency varies based on your job activity. Message and data rates may apply.
- Reply STOP (or STOPALL, UNSUBSCRIBE, QUIT, CANCEL, END) at any time to stop all texts from that number
- Reply HELP for help, or contact the business directly
- You can also turn texts off from your online quote portal
4b. Agent Connections (MCP)
AI agents you connect to your account
Setell offers an MCP (Model Context Protocol) connector so AI agents you choose — such as Claude, ChatGPT, or Claude Code — can work with your Setell account on your behalf. Connections are created only by you, through an explicit consent screen, and every connection is yours to revoke.
- Read your jobs, customers, quotes, and pricing signals
- Draft, send, and schedule quotes (subject to your autonomy settings)
- Save customer notes and pricing memory
- No access to other Setell accounts, billing credentials, or connected-integration tokens
- You approve each connection on a Setell consent screen that names the requesting app
- Setell issues the agent expiring, revocable access credentials — your password is never shared
- Credentials are stored as cryptographic digests; the raw values are never persisted
- Each connection is bound to exactly one Setell account
- Settings → Connected agents lists every active connection with last-used time
- Disconnect revokes an agent’s access immediately
- Data the agent reads is governed by the agent provider’s own privacy policy (e.g. Anthropic for Claude, OpenAI for ChatGPT) once it leaves Setell at your direction
5. Retention
How long we keep your data
- Account and business data is retained for the duration of your subscription
- Integration credentials are retained while the integration is connected
- Usage logs are retained for 90 days
- Error logs are retained for 30 days
- Personal data is purged within 30 days of account deletion request
- Integration tokens are deleted immediately upon disconnection
- Setell Chrome extension API keys are revoked immediately when you rotate or delete them in Settings → Extension, and locally-stored extension data is removed automatically by Chrome when the extension is uninstalled
- Backup copies are purged within 90 days
- Anonymized, aggregated analytics may be retained indefinitely
6. Your Rights
Privacy rights under GDPR & CCPA
- Access — request a copy of all personal data we hold about you
- Rectification — correct inaccurate personal data
- Erasure — request deletion of your personal data
- Portability — receive your data in a machine-readable format
- Restriction — limit how we process your data
- Objection — object to processing based on legitimate interest
- Withdraw consent — at any time, without affecting prior processing
- Lodge a complaint with your local supervisory authority
- Know — what personal information we collect, use, and disclose
- Delete — request deletion of your personal information
- Opt-out — of the sale or sharing of personal information (we do not sell your data)
- Non-discrimination — equal service regardless of exercising your rights
- Correct — request correction of inaccurate personal information
- Limit use of sensitive personal information
7. International Transfers
Where your data is processed
- Standard Contractual Clauses (SCCs) approved by the European Commission for transfers from the EU/EEA
- Data Processing Agreements (DPAs) with all sub-processors
- Encryption in transit (TLS 1.2+) and at rest (AES-256)
- All sub-processors maintain SOC 2 Type II or equivalent certifications
8. Cookies
Cookies & tracking technologies
- Session authentication cookie (HttpOnly, Secure, SameSite=Lax)
- CSRF protection token
- Google Analytics 4 (GA4) — opt-out via the cookie banner
- Page views, session duration, and feature usage only
- IP anonymization enabled; no advertising cookies set
- No personal data included in analytics events
9. Google API Data
Google API Services User Data Policy
Setell's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:
- We only access Gmail data necessary to provide quoting and invoicing functionality (parsing inbound emails, sending quote drafts)
- We do not use Gmail data for advertising, market research, or to serve ads
- We do not allow humans to read your email content except with your explicit consent, for security purposes (investigating abuse), or as required by law
- We do not transfer Gmail data to third parties except as necessary to provide the service (AI processing via Anthropic, which does not use API inputs for training), with your consent, or as required by law
- You can disconnect Gmail and revoke access at any time from Settings or your Google account — credentials are deleted immediately upon disconnection
- The Setell Chrome extension is subject to the same Limited Use restrictions: it reads only the Gmail thread you have open at the moment you click "Send to Setell" — no background scanning, no other tabs, no usage for advertising or model training
10. Security
How we protect your data
We implement industry-standard technical and organizational measures to protect your data. For full details, see our Security Policy. Key measures include:
- Encryption in transit (TLS 1.2+) and at rest (AES-256)
- OAuth 2.0 authentication — we never store your Google password
- Webhook signature verification (HMAC-SHA256) with timing-safe comparison
- Input validation on all API endpoints (Zod schema validation)
- Parameterized database queries (SQL injection prevention)
- Rate limiting on all public-facing endpoints
- Real-time error and security event monitoring
- Formal incident response plan with 72-hour breach notification
11. Children
Children's privacy
12. Changes
Updates to this policy
Questions?
Contact us
If you have questions about this privacy policy, want to exercise your data rights, or have concerns about how we handle your information, reach out to us.
This privacy policy is reviewed and updated at least annually.
Last updated: June 10, 2026.