Privacy Policy
The privacy of your data — and it is your data, not ours! — is a big deal to us. In this policy, we lay out: what data we collect and why; how your data is handled; and your rights to your data.
This website's use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.
We use Replit database to temporarily store your Access Token. We delete it after 60mins since your last activity or when you logout. They are completely private and isolated. Refer Replit docs for more info https://docs.replit.com/hosting/databases/replit-database#is-my-database-private
What we collect and why
Our guiding principle is to collect only what we need. Here’s what that means in practice:
Identity & access
When you sign up for a gdriveaudit.com product, we collect identifying information such as your name, email address, access token from your google account. That’s just so we can personalize your new account and fetch required drive files and folder names & their permissions metadata. We also use profile picture that displays in our products, but we do not normally look at or access that picture. We won’t use your name or company in marketing statements without your permission either. If our website goes down for any reason, you can still revoke access to our app from your google account by visiting https://myaccount.google.com/permissions, scroll to the bottom, click on 'Delete all connections you have with File Access Audit for Drive' card and click 'Confirm'.
Data Storage
We do not store any of your confidential data in a persistent storage like hard disks or databases. We do store your google drive access token to fetch the results. These records are deleted on Logout. If you forget to logout, this access token is by default invalidated after 60 mins of generation. After which we do not have access to your google drive files/folders. If you would like to delete the access token from our database immediately, then you need to login again and click 'Logout'. Results are rendered directly in your browser. Your sessions only last for 60 mins from your last interaction with the website.
The reason we require full access to your google drive is because when you request a scan, we need to iterate over each file/folder to check if it has been shared with anyone. We cannot see this data as it is not being stored and the output of such processing is directly displayed on your webpage. What you see on that webpage is the only data we process. It means that when we scan the files/folders to provide you the requested results, we just process the File Name, File Created Date, File Modifed Date & Email ID of users you have shared it with. All the aforementioned details are displayed just for the user to easily identify the files/folders and the users it has been shared with. We do not store any of this data and do not run any form of analytics on it.
Geolocation data
We do not log any data except application requests for access & error monitoring. For more details on our hosting sub-processor: Replit, Cloudflare & Google Analytics. They may log full IP addresses used to access our website.
Website interactions
When you browse our marketing pages or applications, your browser automatically shares certain information such as which operating system and browser version you are using. Our sub-processor: Replit, Cloudflare & Google Analytics may track such information, along with the pages you are visiting, page load timing, and which website referred you for statistical data only.
Voluntary correspondence
When you write gdriveaudit.com with a question or to ask for help, we keep that correspondence, including the email address, so that we have a history of past correspondences to reference if you reach out in the future.
We also store any information you volunteer like surveys. Sometimes when we do customer interviews, we may ask for your permission to record the conversation for future reference or use. We only do so if you give your express consent.
Information we do not collect
We don’t collect any characteristics of protected classifications including race, religion, sexual orientation & gender expression. You may provide these data voluntarily, such as if you include a pronoun preference in your email signature when writing into our Support team.
We also do not collect any biometric data. We use your google account profile picture for your easy recognition of your own account & to make user interface more plesasing. We do not extract any information from profile pictures: they are for your use alone.
How we approach permissions
By default, we have access to the network to ensure the app can connect to and communicate with the Internet. We ask for google account permission while registering via your account, so that you can decide if you want to grant access. By registering and granting access to our app, you provide us the credentials to access private information from your account which includes complete access to your google drive files & folders with read & write permissions.
We do not use these information for anything other than providing you an easy to use interface to manage your shared files/folders by revoking unwanted permissions to file particiapnts thereby protecting your data. We do not store or share this information with anyone else.
It’s impossible for our apps to try to use a sensitive feature without requesting access explicitly from you, so you’ll always know exactly when and what we’re requesting. You will never be required to grant any permission (although a given feature may not work or work well without it).
When we access or share your information
Our default practice is to not access your information. The only times we’ll ever access or share your info are:
To provide products or services you’ve requested. We do use some third-party services to run our applications and only to the extent necessary process some or all of your personal information via these third parties. Having third-parties means we are using technology to access your data. No gdriveaudit.com human looks at your data for these purposes unless an error occurs that stops an automated process from working and requires manual intervention to fix. These are rare cases and when they happen, we look for root cause solutions as much as possible to avoid them from reoccurring.
To help you troubleshoot or squash a software bug, with your permission: If at any point we need to access your account to help you with a Support case, we will ask for your consent before proceeding.
To investigate, prevent, or take action regarding restricted uses: Accessing a customer’s account when investigating potential abuse is a measure of last resort. We have an obligation to protect the privacy and safety of both our customers and the people reporting issues to us. We do our best to balance those responsibilities throughout the process. If we do discover you are using our products for a restricted purpose, we will report the incident to the appropriate authorities.
When required under applicable law.
Finally, we do not store any email id's of our users who have signed into our wbesite. This makes it immposible for us to update you when we change how the website works or changes in our privacy policy.
How we secure your data
All data is encrypted via SSL/TLS when transmitted between our servers and your browser.
Location of website and data
Our products and other web properties are operated by our sub-processors: Replit, Cloudflare & Google Analytics. If you are located in the European Union, please be aware that any information you provide to us will be transferred as per their policy. By using our website, participating in any of our services and/or providing us with your information, you consent to this transfer.