🔒 Privacy Policy
Effective Date: December 2, 2024
Last Updated: December 2, 2024
1. Introduction
SheetGPT ("we," "our," or "us") is a Chrome extension that provides AI-powered assistance for Google Sheets. This Privacy Policy describes how we collect, use, store, and protect your personal information when you use our extension.
By using SheetGPT, you agree to the collection and use of information in accordance with this policy.
3. Information We Collect
3.1 Personal Information
- Google Account Email: We collect your email address when you authenticate via Google OAuth. This is required to access the Google Sheets API on your behalf.
- Telegram User ID: If you choose to link your account via our Telegram bot, we store your Telegram user ID and username for license management and support purposes.
3.2 Spreadsheet Data
- Cell Data: When you use AI commands, we temporarily process the content of your active spreadsheet (cell values, column names, formulas) to generate results.
- Important: Spreadsheet data is processed in real-time and is NOT permanently stored on our servers. Data is only held in memory during request processing and immediately discarded after.
3.3 Usage Information
- Query Count: We track the number of AI queries you make to enforce rate limits (10 queries/day for free users, unlimited for PRO subscribers).
- Subscription Status: We store your subscription tier (Free or PRO) and expiration date.
- License Key: A unique identifier generated for your account to manage access.
3.4 Technical Information
- We do not collect IP addresses, device information, or browsing history.
- Google OAuth handles authentication; we receive only the access token and email.
4. How We Use Your Information
- Provide Services: To authenticate you with Google Sheets API and process your AI commands.
- Manage Subscriptions: To track your usage limits and subscription status.
- Customer Support: To respond to your support requests via Telegram or email.
- Service Improvement: To analyze aggregated, anonymized usage patterns (e.g., popular query types) to improve our AI models.
We do NOT:
- Store your spreadsheet data permanently
- Share your data with third parties for marketing purposes
- Use your data to train AI models (OpenAI's API does not use customer data for training)
- Sell your personal information
5. Data Storage and Security
5.1 What We Store
- Email address (encrypted)
- License key (hashed)
- Query count and reset date
- Subscription tier and expiration date
- Telegram ID (if linked)
5.2 What We Do NOT Store
- Spreadsheet content or cell values
- Formulas or data you process
- Query text or AI responses
5.3 Security Measures
- All communications use HTTPS/TLS encryption
- Database credentials are encrypted at rest
- Access to servers is restricted and logged
- We use Railway.app for hosting with industry-standard security
6. Third-Party Services
6.1 Google OAuth & Sheets API
We use Google OAuth 2.0 for authentication and Google Sheets API to read/write spreadsheet data. This is governed by Google's Privacy Policy.
- Scopes Used:
https://www.googleapis.com/auth/spreadsheets (read and write access to Google Sheets)
- Purpose: To execute your AI commands on the active spreadsheet
6.2 OpenAI API
We use OpenAI's GPT models to process your natural language queries. According to OpenAI's API Data Usage Policy, data sent via API is not used to train or improve their models.
- Spreadsheet data is sent to OpenAI only during active query processing
- OpenAI retains API data for a maximum of 30 days for abuse monitoring, then deletes it
6.3 Railway.app (Hosting)
Our backend is hosted on Railway.app. They provide infrastructure but do not access our application data.
7. Data Retention
- Account Data: Stored as long as you use the extension. Deleted within 30 days of account deletion request.
- Spreadsheet Data: Processed in real-time and immediately discarded (not stored).
- Logs: System logs (errors, performance metrics) are retained for 7 days for debugging purposes.
8. Your Rights and Choices
8.1 Access and Deletion
- Request Data Export: Email us to receive a copy of your stored data (email, subscription status, usage count).
- Delete Your Account: Contact us to permanently delete your account and all associated data.
8.2 Revoke Access
- Google OAuth: You can revoke access anytime via Google Account Permissions.
- Uninstall Extension: Simply remove the extension from Chrome to stop all data processing.
8.3 Opt-Out of Telegram
- You can use the extension without linking your Telegram account. Telegram integration is optional.
9. Children's Privacy
SheetGPT is not intended for users under the age of 13. We do not knowingly collect personal information from children. If we discover that a child under 13 has provided us with personal information, we will delete it immediately.
10. International Data Transfers
Our servers are located in the United States (via Railway.app). By using SheetGPT, you consent to the transfer of your data to the U.S. We comply with applicable data protection laws, including GDPR for European users.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last Updated" date. Continued use of the extension after changes constitutes acceptance of the new policy.
12. Legal Basis for Processing (GDPR)
For users in the European Economic Area (EEA), we process your data under the following legal bases:
- Consent: By using the extension, you consent to data processing as described.
- Contractual Necessity: Processing is necessary to provide the service you requested.
- Legitimate Interest: We have a legitimate interest in preventing abuse and improving our service.
SheetGPT - AI Assistant for Google Sheets
© 2024 Kirill Pogorelyy. All rights reserved.