Oinc
What Oinc collects
Oinc stores account profile details, sign-in session metadata, derived financial records, and Gmail sync state that is required to power the product surfaces you explicitly enable.
When you connect Gmail, Oinc requests the narrow gmail.readonly scope and uses it to detect finance-related messages, review eligible receipts, statements, and finance PDFs, extract structured fields such as merchant, amount, due date, account last-4, and statement period, and maintain the inbox and dashboard workflows you can review in the app.
How Gmail and derived data are handled
Refresh tokens are stored encrypted at rest, provider revocation is attempted when you disconnect Gmail, and privacy export packages exclude raw Gmail content plus stored secrets.
Operational logging is structured and redacted. Successful Gmail classification and verification prune raw subject, sender, snippet, and body fields immediately, and any remaining raw message content falls back to a 1-day retention window instead of becoming a long-lived mailbox replica.
If a finance email includes a statement, receipt, or similar PDF or image attachment, Oinc may download that file, extract the document fields needed for the visible workflow, and link the resulting transaction or document summary back to your account.
When Gmail-powered extraction runs, Oinc sends only the minimized finance-related fields required for the visible feature to approved external AI processors through controlled routes. The current reviewed processors are OpenRouter-managed calls pinned to OpenAI and Google Vertex AI with deny-collection and zero-data-retention controls enabled.
Oinc shares, transfers, or discloses Google user data only to service providers and processors that help operate the user-facing product features you enable, including secure hosting, database, storage, logging, authentication, notification, support, and the approved AI processing routes described above.
Raw prompt text and raw model responses are not retained in Oinc's normal observability path. Privacy export packages include derived transaction history, durable financial document metadata, and extracted document text, but exclude raw Gmail content, encrypted Gmail secrets, stored password secrets, and password HMAC values used during document processing.
Oinc does not use Gmail-derived data for ads, broad profiling, marketing enrichment, or shared-model training. Gmail-derived data stays limited to user-facing finance workflows, security operations, and the short-lived diagnostics documented in the repository compliance inventory.
Your controls
Signed-in users can review privacy status, request an account deletion window, cancel a pending deletion, and request an export of their account data from the in-product privacy surfaces.
Deletion requests place the account into a read-only state while the grace period is active so you can review or reverse the request before the final purge runs.
Disconnecting Gmail stops future sync, clears Oinc's stored Gmail token material for that connection, and asks Google to revoke the provider grant. Imported finance history, including derived transactions, merchants, and document summaries, remains in your account until you reconnect, export it, or complete account deletion.
Dominican Republic privacy rights
For Dominican Republic Ley No. 172-13 privacy rights, Oinc Labs, LLC is responsible for deciding how personal data is processed in Oinc. You can contact Oinc Labs, LLC at admin@oinc.app or at 30 N Gould St, STE R, Sheridan, WY 82801, USA.
Verified users can request access, rectification, update, suppression, deletion, or Gmail disconnect support through admin@oinc.app and in-product controls. Routine account deletion keeps the configured recovery window; verified legal suppression requests can be escalated through admin export, forced logout, and immediate deletion.