PPandaza
Get started

Privacy Policy

Draft — pending legal review. Last updated: 2026-06-16.

Pandaza (“Pandaza”, “we”) provides document-reconciliation software. This policy explains what we collect, how we use it, and your rights.

Information we collect

  • Account data: name, email, organization, role.
  • Documents you upload or forward for reconciliation, processed transiently (see below).
  • Usage data: feature usage and aggregate metrics; product analytics (opt-in).

How we handle your documents

Raw documents are processed in an isolated, no-network sandbox and then deleted (zero-retention) — we do not keep your files. We store only non-sensitive summaries (match rate, counts, field names), not the underlying values. Staff have no standing access; any access to a flagged item is just-in-time, reasoned, and audit-logged.

Google user data (Limited Use)

If you connect Google Drive or Gmail, we use the drive.file and gmail.send scopes only to act on the specific files you pick and to send your results. Pandaza’s use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We do not use Google user data to train models, we do not sell it, and it is never read by a human except under break-glass access with your consent.

Sub-processors

  • SupabaseDatabase, auth, storage
  • VercelApp + marketing hosting
  • UpstashQuota + rate limiting (Redis)
  • CloudflareInbound email routing, DNS
  • ResendTransactional + result email
  • SafepayPayments
  • OpenRouterAI model access (onboarding only)
  • SentryError monitoring (optional)
  • PostHogProduct analytics (optional)

Retention

Raw documents: deleted immediately after processing (zero-retention).

Generated report files (downloadable PDF/Excel) are kept for a limited window that depends on your plan, after which the file is removed but its history entry remains: Base 30 days, Trial 90 days, Starter 1 year, Professional 2 years, Enterprise for the life of the contract.

History summaries (match rate, counts, field names — never the underlying values) are retained for your account until you delete them or close your account. You can delete any item, or your whole account, at any time from Settings.

Your rights & choices

Subject to applicable law, you have the right to access, correct, export (portability), and delete your personal data, and to object to or restrict certain processing.

GDPR (EU/Germany): rights under Articles 15–21, and the right to lodge a complaint with your supervisory authority.

CCPA/CPRA (California): the right to know, delete, and correct your personal information, and to opt out of “sale” or “sharing.” We do not sell or share your personal information, and we do not use it for cross-context behavioral advertising.

How to exercise these — all self-serve, no email required:

  • Delete everything: Dashboard → Settings → Organization → “Delete account” permanently erases your organization and all data immediately.
  • Opt out of marketing: Settings → Notifications → turn off “Product updates & tips” (transactional/security emails always send).
  • Cookies: use “Cookie preferences” in the footer to change or withdraw analytics consent at any time.
  • Anything else: email privacy@pandaza.net.

Changes & contact

We’ll post updates here. Questions: privacy@pandaza.net.