Skip to main content

Integrate Google Drive Privacy Policy

Your privacy is very important to us. At SoftLab we have a few fundamental principles that we follow:

  • We don’t ask you for personal information unless we truly need it.
  • We don’t share your personal information with anyone except to comply with the law, develop our products, or protect our rights.
  • We don’t store personal information on our servers.

IMPORTANT: This privacy policy applies only when using our built-in app to authenticate the Application plugin with your Google Drive account. If you configure the Application to use your own app, this policy does not apply, as all data and communication will be managed directly by your server.

This Privacy Policy outlines how the SoftLab (“Application”) and Integrate Google Drive WordPress Plugin (“Plugin”) collects, uses, maintains, and discloses information gathered from users of the Plugin. This policy applies to the Plugin and all related services.

Our privacy policy is structured as follows:

Table of Content

  1. Information about us as controllers of your data
  2. The rights of users and data subjects
  3. Information about the data processing

1. Information about us as controllers of your data

The party responsible for this application (the “controller”) for purposes of data protection law is:

softlabbd.com
6610. Pbana
Dhaka, Bangladesh
[email protected]

2. The rights of users and data subjects

With regard to the data processing to be described in more detail below, users and data subjects have the right

  • to confirmation of whether data concerning them is being processed, information about the data being processed, further information about the nature of the data processing, and copies of the data (cf. also Art. 15 GDPR);
  • to correct or complete incorrect or incomplete data (cf. also Art. 16 GDPR);
  • to the immediate deletion of data concerning them (cf. also Art. 17 DSGVO), or, alternatively, if further processing is necessary as stipulated in Art. 17 Para. 3 GDPR, to restrict said processing per Art. 18 GDPR;
  • to receive copies of the data concerning them and/or provided by them and to have the same transmitted to other providers/controllers (cf. also Art. 20 GDPR);
  • to file complaints with the supervisory authority if they believe that data concerning them is being processed by the controller in breach of data protection provisions (see also Art. 77 GDPR).

In addition, the controller is obliged to inform all recipients to whom it discloses data of any such corrections, deletions, or restrictions placed on processing the same per Art. 16, 17 Para. 1, 18 GDPR. However, this obligation does not apply if such notification is impossible or involves a disproportionate effort. Nevertheless, users have a right to information about these recipients.

Likewise, under Art. 21 GDPR, users and data subjects have the right to object to the controller’s future processing of their data pursuant to Art. 6 Para. 1 lit. f) GDPR.

3. Information about the data

Server data

For technical reasons, the following data sent by your internet browser to us or to our server provider will be collected. These server log files record:

  • the type and version of your browser,
  • operating system,
  • the date and time of your visit,
  • the IP address from which you visited our site.
  • the short lived authorization code generated by the OAuth flow.

The data thus collected will be temporarily stored, but not in association with any other of your data. We carry out no processing on this information and it is not shared with any third party.

The basis for this storage is Art. 6 Para. 1 lit. f) GDPR. Our legitimate interest lies in the improvement, stability, functionality, and security of our website.

The data will be deleted within no more than seven days, unless continued storage is required for evidentiary purposes. In which case, all or part of the data will be excluded from deletion until the investigation of the relevant incident is finally resolved.

Plugin Authorization flow (OAuth)

Use of the Application involves visiting our authentication server (website) as part of the authentication (OAuth) flow to provide the Application access to the Google Drive API. The Application obtains the following information when you use the built-in app for authentication and link the Application with your Google Drive Account:

  • Your WordPress website address.
  • A short lived authorization code generated by the OAuth flow.

This information is obtained and used after you decide to grand the Application the requested access via the Google OAuth consent screen. After giving the consent, you will be redirected to the server of wpmilitary.com which will redirect you back to your own site where the authorization process is finalized.
This redirect via the server of wpmilitary.com is required for any easy plugin setup where you don’t need to create your own Google App which also allows you to set your own Authorized redirect URI.

On your own server, the short-lived authorization code will be exchanged for the actual access token and refresh token which are stored, encrypted, on your server. The authorization code can only be used once and will immediately become inactive after it has been exchanged for the access token or within minutes if it is not used.

IMPORTANT: When you use the Application, all other communications are strictly between your server and the cloud storage service servers. The communication is encrypted and the communication will not go through WP Cloud Plugins servers. We do not collect and do not have access to your files.

Google Permissions for OAuth Integration

During the standard OAuth authorization flow, users are required to grant specific permissions to ensure the seamless operation of the Application. We encourage users to refer to the respective privacy policies for a detailed understanding of data handling practices. The following details the permissions granted and their associated scopes:

  • Google Drive API: Users grant the Application the ability to see, edit, create, and delete all files within their Google Drive. The specified scope is necessary for the comprehensive integration of Google Drive functionalities with the Application. Refer to the Application’s privacy policy for specific details on how this access is employed.

Do third parties see and/or have access to information obtained by the Application?

We will share your information with third parties only in the ways that are described in this privacy statement:

  • as required by law, such as to comply with a subpoena, or similar legal process;
  • when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request;

Data Access Disclosures

Google Drive Integration:

  • The Plugin requests access to your Google account to facilitate file integration and synchronization. This access includes viewing, editing, creating, and deleting all files within your Google Drive, necessary for the comprehensive integration of Google Drive functionalities.

OAuth Integration:

  • The Plugin utilizes OAuth for secure authentication. During this process, specific information such as your WordPress website address, application license code, and a short-lived authorization code is collected.

Information Sharing and Disclosure

The Plugin does not sell, trade, or rent users’ personal information to third parties. However, information may be shared in the following instances:

  1. Consent: With the explicit consent of the user for specific purposes.
  2. Legal Requirements: If required by law or in response to a valid legal request.

Data Retention and Deletion

We understand the importance of maintaining user privacy and are committed to adhering to data retention and deletion practices. Below outlines our policies regarding the retention and deletion of Google user data:

  • Retention: We retain Google user data only for the duration necessary to fulfill the purposes outlined in our services. This may include providing access to integrated Google Drive functionality and ensuring the seamless operation of our application.
  • Deletion: Upon the completion of the purposes for which the Google user data was collected or if requested by the user, we will promptly delete the relevant data from our systems. Users can request data deletion by contacting us through the provided contact information below.

Children

We do not use the Application to knowingly solicit data from or market to children under the age of 18. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us at [email protected]. We will delete such information from our files within a reasonable time.

Security

We are concerned about safeguarding the confidentiality of your information. We provide physical, electronic, and procedural safeguards to protect the information we process and maintain. For example, we limit access to this information to authorized employees who need to know that information in order to operate, develop or improve our Application. Please be aware that, although we endeavor to provide reasonable security for information we process and maintain, no security system can prevent all potential security breaches.

Changes

This Privacy Policy may be updated from time to time for any reason. We will notify you of any changes to our Privacy Policy by posting the new Privacy Policy on this page. You are advised to consult this Privacy Policy regularly for any changes, as continued use is deemed approval of all changes.

Your Consent

By using the Application, you are consenting to our processing of your information as set forth in this Privacy Policy now and as amended by us. “Processing,” means using or touching information in any way, including, but not limited to, collecting, storing, deleting, using, combining, and disclosing information in ways needed to ensure the proper functionality of the Application and as described in this Privacy Policy.

Contact Us

If you have any questions or concerns about this Privacy Policy, please contact us at [[email protected]].

By using the Integrate Google Drive WordPress Plugin, you agree to the terms outlined in this Privacy Policy.

Last Updated: June 24, 2024