Privacy Policy

Last updated: April 2, 2026

ApproveIt ("we", "our", "us") operates the web application at approveit.xaigrowthlab.com (the "Service"). This Privacy Policy explains how we collect, use, and protect your information.

1. Information We Collect

Data you provide: When you use ApproveIt, you may enter business information (company name, contact details), customer information (name, email, phone, address), job descriptions, line items, pricing, signatures, and photos. This data is stored locally on your device using your browser's localStorage.

Gmail access: If you choose to connect your Gmail account, we request permission to send emails on your behalf (gmail.send scope). We also request your email address (userinfo.email scope) to display which account is connected. We do not read, store, or access your existing emails.

No server-side storage: ApproveIt is a client-side application. Your quote data, customer information, signatures, and photos are stored only in your browser's local storage on your device. We do not have access to this data.

2. How We Use Your Information

• Quote creation and management: To build, store, and manage work order quotes on your device.
• PDF generation: To generate downloadable PDF documents of your quotes, processed entirely on your device.
• Email delivery: If you connect Gmail, to send signed quote confirmations to your customers on your behalf using the Gmail API.
• Webhook integration: If you configure a webhook URL, to send quote data to your automation platform (e.g., n8n, Zapier) when a customer signs.

3. Gmail API Usage

ApproveIt's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically:

• We only request the minimum scopes necessary (gmail.send and userinfo.email).
• We use Gmail access solely to send emails that you explicitly initiate by tapping "Email to Customer."
• We do not read, scan, or store your email content.
• Gmail OAuth tokens are stored only in your browser's local storage and are transmitted to our email-sending service solely to execute the send request you initiated.
• We do not share Google user data with third parties.
• You can disconnect Gmail at any time from the Settings screen, which immediately deletes the stored tokens.

4. Data Storage and Security

All quote data is stored locally on your device in your browser's localStorage. We do not operate a centralized database of user data. Gmail OAuth tokens are stored in your browser's localStorage and transmitted securely via HTTPS when sending emails.

5. Data Sharing

We do not sell, trade, or share your personal information with third parties. Data is only transmitted when:

• You explicitly send an email to a customer (transmitted to Gmail API).
• You configure and use a webhook integration (transmitted to your specified webhook URL).

6. Your Rights

You have full control over your data:

• Access and export: Use the "Export All Data" button in Settings to download all your data as a JSON file.
• Deletion: Use "Clear All Data" in Settings to permanently delete all stored data, or clear your browser's localStorage.
• Gmail disconnection: Tap "Disconnect Gmail" in Settings to remove stored tokens. You can also revoke access at myaccount.google.com/permissions.

7. Cookies and Tracking

ApproveIt does not use cookies, analytics trackers, or any third-party tracking scripts.

8. Children's Privacy

ApproveIt is not intended for use by individuals under the age of 18.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date.

10. Contact

If you have questions about this Privacy Policy, contact us at:

Email: support@xaigrowthlab.com