Your privacy and the security of your data are paramount to us. This policy transparently outlines how the Auto Merge Sheet Add-On accesses, uses, and protects your Google™ user data. 

The Add-on integrates with your Google™ Workspace environment to provide its core functionalities. It accesses specific Google user data only when you use the Add-on and strictly for the purposes described below. We adhere to Google's API Services User Data Policy, including the Limited Use requirements.

The Add-on utilizes the following Google OAuth 2.0 scopes:

• https://www.googleapis.com/auth/spreadsheets.currentonly —Accesses only the current spreadsheet where the Add-on is active. Used to read the specified data from source sheets, write the final merged data to the target sheet.

• https://www.googleapis.com/auth/script.container.ui —to display user interface components, such as sidebars and custom menus within Google Sheets, enabling user to configure settings and initiate actions.

• https://www.googleapis.com/auth/drive.file — Accesses only files and folders explicitly chosen by user through the Google Picker interface. To discovering and listing Google Sheets files within a user-specified source folder for merging. 

• https://www.googleapis.com/auth/userinfo.email —allows the Add-on to identify your Google account's email address. This email is used as a unique identifier to associate your usage and subscription status. 

• https://www.googleapis.com/auth/script.external_request —Allows the Add-on to create outbound network connections using the UrlFetchApp service. This permission is used for communicating with external, non-Google services (such as third-party payment processors) and for internal REST API calls to Google Cloud services (like Firebase) that require Service Account authentication.

Local Processing: Your spreadsheet content and Drive file information are processed only locally within your Google account's environment during your active use of the Add-on.

Core Functionality: The data is used solely to:

• Merge data from multiple source sheets into a target sheet.

• Determine and manage your subscription status for feature access.

No External Servers for Content Data: The Add-on does not transmit, store, or share your actual spreadsheet content or Drive file data on any external servers or with any third-party services outside of your Google account. All merging, processing, and backup creation happen within Google's secure infrastructure.

We are committed to protecting your sensitive data. Our data protection mechanisms include:

• Data Residency within Google's Infrastructure: All sensitive user data (spreadsheet content, Drive files) accessed by the Add-on remains within your Google account and Google's secure cloud infrastructure. It is not copied or transferred to our external servers.

• Google's Security Standards: We leverage Google's robust security measures, including:

  • Encryption at Rest: Your data stored in Google Drive and Google Sheets is encrypted by Google.

  • Encryption in Transit: All communication between your browser, Google Sheets, Apps Script, and Google's APIs is encrypted using industry-standard TLS/SSL protocols.

  • Access Controls: Access to your data is strictly controlled by Google's OAuth 2.0 framework, ensuring the Add-on can only perform actions you have explicitly authorized.

• • No Direct Access to Content Data: As developers, we do not have direct, programmatic access to your spreadsheet content or Drive files. All operations on this data are performed by the Add-on within your Google environment.

  • Subscription Data Access: We maintain a Firestore database containing only your subscription status (e.g., trial start, premium status, plan ID, payment dates, and your sanitized email as a document ID). This data is accessed only for billing, subscription management, and support purposes. Access to this database is restricted to authorized personnel and is secured via Google Cloud IAM policies.

  • Support Access (User Initiated): In rare cases, if you request technical support for an issue that requires us to inspect logs or certain script properties, we may, with your explicit consent, temporarily access limited diagnostic information. This access is strictly for troubleshooting the reported issue and is immediately revoked upon resolution. We will never access your actual spreadsheet content or Drive files for support purposes without your direct, explicit instruction and presence.

No Sharing with Third Parties: We do not share, sell, or rent your Google user data with any third parties. 

• User Content Data: The Add-on does not retain any of your spreadsheet content or Drive file data on its own servers. All such data resides within your Google Drive and Google Sheets, subject to Google's data retention policies.

• Subscription Status Data: Your subscription status data (email, trial/premium status, plan details, dates) is stored in our Google Cloud Firestore database for the duration of your active subscription and for a reasonable period thereafter for billing, support, and analytical purposes, in accordance with applicable laws. You can request deletion of this data by contacting us.

You retain full control over your Google user data:

• You can manage or delete your spreadsheets and Drive files directly within Google Drive.

• You can revoke the Add-on's access to your Google account at any time by visiting your Google Account's "Third-party apps with account access" page (https://myaccount.google.com/connections). Revoking access will disable the Add-on's functionality.

• You can uninstall the Add-on from Google Sheets at any time.

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal reasons. We will notify you of any significant changes by updating the "Last Updated" date at the top of this policy and, where appropriate, through the Google Workspace Marketplace.