Effective Date: January 18, 2026
This Privacy Policy explains how Sledge collects, uses, shares, and protects information when you use our software platform, websites, applications, and integrations, which we refer to as the Services. By using the Services, you agree to the practices described in this Privacy Policy.
This Privacy Policy applies to information we collect through the Services, through communications with you such as support requests, and from third-party platforms and integrations that you choose to connect to Sledge. This Privacy Policy does not apply to third-party services that operate independently of Sledge and have their own privacy practices.
When you use Sledge, you may provide information directly to us. This includes account information such as your name, email address, phone number, business name, and role. It includes authentication information such as login credentials and security tokens, which are stored securely. It includes billing and payment information, which is processed by secure third-party payment processors. It includes business content such as invoices, documents, files, and related metadata that you upload or submit through the Services. It also includes communications such as support requests, feedback, and inquiries you send to us.
When you use the Services, we automatically collect certain information. This may include your IP address, device type, approximate location, browser type, operating system, usage activity, performance logs, error reports, and diagnostic data. We also use cookies and similar technologies to maintain sessions, remember preferences, enhance security, analyze usage, and improve performance. You can control cookies through your browser settings, but disabling cookies may affect how the Services function.
If you connect third-party services to Sledge, we may access information made available through those integrations. This may include email data such as message metadata, attachments, sender and recipient information, and timestamps; accounting and financial data such as company profiles, vendors, customers, transactions, and records; integration configuration data such as sync status and timestamps; and access tokens required to maintain secure connections.
We only access data that you explicitly authorize. You are responsible for ensuring that you have the legal right and permission to share any data with Sledge, including data related to employees, contractors, vendors, or customers.
We store onboarding progress, preferences, and integration settings needed for the Services to operate properly.
We use the information we collect to operate and maintain the Services, authenticate users and secure accounts, enable integrations and user-requested workflows, process invoices, documents, and business records, manage billing and subscriptions, improve functionality and reliability, prevent misuse and fraud, communicate with you about updates and support, and comply with legal and regulatory obligations.
We do not sell personal information.
Depending on the context, Sledge may act as a data controller or a data processor. We act as a data controller for account administration, billing, marketing communications, and Service operations. We act as a data processor for customer content and integrated data that we process on your behalf according to your instructions. Customers remain responsible for determining how their business data is used within the Services.
Sledge integrates with third-party platforms and services at the direction of users, including Google services (Gmail, Google OAuth, Google Maps), Microsoft services (Outlook, Exchange, Microsoft Entra ID), and accounting platforms (Intuit QuickBooks).
Sledge's use and transfer of information received from Google APIs complies with the Google API Services User Data Policy, including the Limited Use requirements.
When you connect your Gmail account, Sledge requests the following OAuth permissions:
Google user data accessed through these permissions is used solely to provide the invoice processing features you explicitly authorize. We do not sell Google user data, do not use it for advertising, do not use it to train AI or machine learning models, and do not share it with third parties except as necessary to operate the Services. Access to Google user data is restricted to authorized engineering and data processing systems operating under least-privilege access controls. Google user data is retained only while your Gmail integration is active and is deleted within 30 days of disconnecting the integration or closing your account, except where retention is required by law.
Users may revoke Sledge's access to Google data at any time through their Google Account permissions or through your Sledge account settings under Integrations.
Sledge uses the Google Maps Platform APIs (Places API, Geocoding API) to look up and validate vendor and customer address information. When you enter or process an address, that address string is sent to Google's servers to return structured location data, coordinates, and place details. No personal user account data is transmitted to Google Maps; only address queries initiated by you or derived from documents you submit are used. This data is governed by Google's Privacy Policy.
When you connect your Microsoft Outlook account, Sledge requests the following permissions:
Microsoft data accessed through these permissions is used only to provide the invoice processing features you authorize. It is not sold, not used for advertising, and not used to train AI or machine learning models. You may revoke access at any time through your Microsoft account settings or your Sledge Integrations settings.
When you connect QuickBooks, Sledge requests the com.intuit.quickbooks.accounting scope, which provides access to your QuickBooks company's accounting data including vendors, customers, bills, and transactions. This data is used solely to sync invoice records, vendors, and financial data between Sledge and QuickBooks as you direct. It is not sold, not used for advertising, and not shared with unrelated third parties. You may revoke access through your Intuit account settings or your Sledge Integrations settings.
For all third-party integrations, data is used only to provide the specific Services you request, is not sold, is not used for advertising or AI/ML training, and access is restricted to authorized systems and personnel. You may revoke any integration at any time through your Sledge account settings or the connected platform's permission settings.
The Services use automated systems and AI-assisted processing to analyze documents, extract information, classify and organize data, and generate structured outputs. Automated results may contain errors. You are responsible for reviewing and validating outputs before relying on them for business, financial, or legal decisions.
We share information with trusted service providers that help operate the Services, such as cloud hosting providers, infrastructure and database providers, AI and data processing providers, payment processors, email and notification services, and integration partners you authorize. These providers may use information only as necessary to provide services to Sledge and are subject to confidentiality and security obligations.
If Sledge is involved in a merger, acquisition, or sale of assets, information may be transferred as part of that transaction and will remain protected under appropriate agreements.
We may disclose information when required by law or to protect the rights, safety, and security of Sledge, our users, or others.
We retain information for as long as necessary to provide the Services, fulfill contractual obligations, comply with legal, accounting, and regulatory requirements, resolve disputes, and enforce agreements.
We use industry-standard security measures to protect information, including encryption in transit and at rest, access controls, least-privilege policies, network security protections, monitoring, and ongoing security reviews. No system is completely secure, but we take reasonable steps to safeguard your data.
We use cookies and similar technologies to maintain user sessions, remember preferences, enhance security, analyze usage, and improve performance. You can control cookies through browser settings, though disabling cookies may affect functionality.
The Services are operated from the United States. If you access the Services from outside the United States, your information may be transferred to and processed in the United States, where data protection laws may differ from those in your jurisdiction.
You are responsible for obtaining appropriate permissions to share data with Sledge, complying with applicable privacy and data protection laws, and reviewing automated outputs before relying on them.
You may update your account information, disconnect integrations, or request deletion of your account. Certain information may be retained if required by law or for legitimate business purposes.
The Services are intended for business use only and are not directed to individuals under the age of 18. We do not knowingly collect information from children.
The Services may link to or integrate with third-party services. Sledge does not control those services or their privacy practices. You should review their policies separately.
We may update this Privacy Policy from time to time. Updates will be posted on this page, and continued use of the Services after an update constitutes acceptance of the revised policy.
If you have questions about this Privacy Policy or our data practices, you can contact us at support@getsledge.com.