
Google OAuth Verification Form - English Responses

This document contains all the English text responses ready to copy-paste for the Google OAuth verification form, specifically for the "Data Access" section.

📋 Overview

Application Name: Aaperture
Scopes Used: profile, email, https://www.googleapis.com/auth/calendar.events.owned, https://www.googleapis.com/auth/calendar
Sensitive Fields: None


πŸ” Data Access Section​

1. What user data do you access?​

Response:

Our application accesses the following Google user data through OAuth 2.0:

**Profile Information (OAuth scopes: profile, email):**
• Display name (full name)
• Email address
• Profile picture URL
• Unique Google user identifier (Google ID)
• Language preferences (locale settings)

**Google Calendar Data (OAuth scopes: https://www.googleapis.com/auth/calendar.events.owned + https://www.googleapis.com/auth/calendar):**
• Read access: view calendar events created by our application, including event titles, descriptions, dates, times, and attendees
• Write access: create new calendar events, modify existing events, and delete events related to photography sessions scheduled through our application
• Calendar metadata: calendar names, calendar IDs, and timezone information (only for calendars containing events created by our application)

**OAuth Tokens:**
• Access tokens: temporary tokens that allow our application to make API calls to Google services on your behalf
• Refresh tokens: long-lived tokens used to obtain new access tokens when they expire

**Important Note:**
We use the restrictive `calendar.events.owned` scope for event data access and request the broader `calendar` scope solely to create/manage a dedicated "Aaperture" calendar in the user's account. We never read or modify events outside of those created by our application.

2. Why do you need this data?

Response:

We use Google user data exclusively for the following specific purposes within our application:

**Profile Information Usage:**
• Account Creation: using display name, email address, and profile picture to automatically create and populate user accounts in our application
• User Identification: using the unique Google identifier to link Google accounts to application accounts for authentication purposes
• Localization: using language preferences (locale) to set the default interface language of the application
• Account Management: displaying user name and profile picture in the application interface for personalization

**Google Calendar Data Usage:**
• Session Scheduling: creating calendar events in the user's Google Calendar for scheduled photography sessions, including event title, date, time, location, and description
• Calendar Synchronization: reading calendar events created by our application to check for availability and prevent scheduling conflicts
• Event Management: modifying calendar events when session details change (date, time, location updates)
• Event Viewing: displaying calendar events created by our application within the application to help users manage their photography schedule

**OAuth Tokens Usage:**
• API Authentication: using access tokens to authenticate API requests to the Google Calendar API
• Token Refresh: using refresh tokens to obtain new access tokens when they expire, ensuring continuous service availability

**What We Do NOT Do:**
• We do NOT use Google data for advertising, marketing, or promotional purposes
• We do NOT analyze Google data for behavioral profiling or user analytics
• We do NOT share Google data with third-party advertisers or marketing companies
• We do NOT use Google data for any purpose other than providing the core application features described above
• We do NOT access events created by other applications or users

3. How do you use this data?

Response:

**Data Processing:**

1. **Profile Information:**
- Stored in our database to create and manage user accounts
- Used for authentication and user identification
- Displayed in the application interface for personalization
- Processed in accordance with our privacy policy

2. **Google Calendar Data:**
- Events created by our application are stored as metadata (title, date, time, location)
- We do NOT store the full content of calendar events
- Calendar events are synchronized with Google Calendar in real-time
- Users can view and manage events both in our application and in their Google Calendar

3. **OAuth Tokens:**
- Encrypted with AES-256-GCM before storage in our database
- Used only for API authentication to Google Calendar
- Automatically refreshed when expired
- Deleted immediately when user revokes access

**Data Storage:**
• All sensitive data (OAuth tokens) is encrypted at rest using AES-256-GCM
• Profile information is stored in our PostgreSQL database with access controls
• Calendar event metadata is stored in our database for application functionality
• No data is stored on local devices or in unsecured files

**Data Transmission:**
• All API calls to Google services use HTTPS/TLS 1.2+
• OAuth tokens are transmitted securely
• No intermediate storage of sensitive data

4. How do you protect this data?

Response:

We implement comprehensive security measures to protect Google user data:

**Data Storage:**
• All OAuth tokens (access tokens and refresh tokens) are encrypted at rest using AES-256-GCM encryption
• Encryption key: 32 bytes (256 bits) derived via scrypt with a random salt
• Tokens are stored in encrypted database fields to prevent unauthorized access
• Profile information is stored in our PostgreSQL database with access controls
• No local storage of sensitive data

**Access Control:**
• Limited Access: Only our application's backend systems have access to Google tokens, and only for authorized operations (authenticating API requests to the Google Calendar API)
• No Human Access: Our employees, contractors, and administrators have no direct access to Google tokens and cannot view them in plain text
• Role-Based Access: Database access is restricted to authorized application services only

**Secure Transmission:**
• HTTPS/TLS: All communications between our application and Google APIs use HTTPS/TLS encryption (TLS 1.2 or higher)
• Secure API Calls: All API requests to the Google Calendar API are made over encrypted connections
• Token Transmission: OAuth tokens are never transmitted over unencrypted connections

**Authentication Security:**
• OAuth 2.0 Protocol: We use Google's standard OAuth 2.0 authentication protocol
• Token Expiration: Access tokens automatically expire after 1 hour and are securely renewed using refresh tokens
• Revocation Support: If users revoke access from their Google Account settings, we immediately stop using the tokens and delete them from our database

**Security Monitoring:**
• Audit Logging: All access to Google data is logged in our audit system for security monitoring
• Anomaly Detection: We monitor for unusual patterns in API usage that might indicate unauthorized access
• Regular Security Updates: Our systems are regularly updated with security patches and improvements

5. Do you share this data with third parties?

Response:

**We do NOT share your Google user data with any third parties.**

Your Google data, including:
• OAuth access tokens and refresh tokens
• Profile information (name, email, picture, Google ID)
• Google Calendar data (events created by our application, calendar information)

...is stored securely in our database and used exclusively by our application to provide the services you have requested. We do not transfer, sell, rent, lease, or provide your Google data to any third-party companies, services, or individuals.

**No Third-Party Sharing:**
• We do NOT share your Google data with advertising networks, marketing companies, or data brokers
• We do NOT share your Google data with analytics services, tracking services, or behavioral analysis platforms
• We do NOT share your Google data with cloud service providers beyond what is necessary for hosting our application infrastructure
• We do NOT share your Google data with any business partners, affiliates, or subsidiaries

**Limited Exceptions (Legal Requirements Only):**
The only circumstances under which we may be required to disclose your Google data are:
• **Legal Obligations**: If required by law, court order, or government regulation, we may be legally obligated to disclose information to competent legal authorities. In such cases, we will only disclose the minimum amount of information required by law.
• **Protection of Rights**: In the event of a suspected violation of our Terms of Use, fraud, or illegal activity, we may disclose information to legal authorities or law enforcement agencies to protect our rights and the rights of other users.

**Data Processing Services:**
Our application uses the following infrastructure services that may process your Google data as part of providing our service:
• **Database Hosting**: Your Google data (tokens, profile information) is stored in our PostgreSQL database hosted on secure servers
• **Cloud Storage**: Profile pictures downloaded from Google are stored in Cloudflare R2 (S3-compatible storage) for performance optimization

These services act as data processors under our strict instructions and are contractually bound to protect your data. They do not have independent rights to use your Google data for their own purposes.

**We do not sell, rent, lease, or monetize your Google data in any way, shape, or form.**

6. Sensitive Application Fields

Response:

**None. No sensitive application fields are used.**

Our application uses only the following OAuth scopes:
• `profile` - Basic profile information (non-sensitive)
• `email` - Email address (non-sensitive)
• `https://www.googleapis.com/auth/calendar.events.owned` - Calendar events created by our application only (non-sensitive)
• `https://www.googleapis.com/auth/calendar` - Required to create and manage the dedicated "Aaperture" calendar within the user's account

We use the restrictive `calendar.events.owned` scope for event data so we only read/write events created by Aaperture. The broader `calendar` scope is used strictly to create, verify, or delete the dedicated Aaperture calendar container; without it the Google Calendar API does not allow us to create a separate calendar for the user's photography sessions.

**No sensitive data is accessed:**
• No access to emails (Gmail API removed)
• No access to contacts
• No access to health data
• No access to financial data
• No access to precise location
• No access to all calendar events (only those created by our application)

7. Data Retention and Deletion

Response:

**Data Retention Policy:**

We retain your Google user data according to the following policy:

• **Active Account Retention**: We retain your Google data (OAuth tokens, profile information, calendar data references) for as long as your account is active and you continue to use Google-related features (Google Calendar integration)

• **Token Retention**: OAuth access tokens and refresh tokens are retained until:
- You explicitly revoke access from your Google Account settings
- You disconnect Google from the application settings
- Your account is deleted or deactivated
- Tokens expire and are not renewed (for expired access tokens without valid refresh tokens)

• **Inactive Account Retention**: If you do not log into your account for an extended period (12 months or more), we may automatically delete expired OAuth tokens. However, your profile information (name, email) may be retained in your user account if you continue to use the application without a Google connection

• **Account Deletion**: If you delete your account, all Google data associated with your account is permanently deleted from our database within 30 days

**Data Deletion - How to Request:**

Users have the right to request deletion of their Google user data at any time through the following methods:

**Method 1: Google Account Settings (Immediate Revocation)**
• Go to Google Account settings: https://myaccount.google.com/permissions
• Find "Aaperture" in the list of connected apps
• Click "Revoke access" or "Remove access"
• This immediately revokes our application's access to your Google data
• We will detect this revocation and delete all stored tokens from our database within 24 hours

**Method 2: Application Settings (Immediate Deletion)**
• Log into your Aaperture account
• Navigate to Settings > Connections
• Find the Google connection section
• Click "Disconnect Google" or "Remove Google Connection"
• This immediately deletes all Google OAuth tokens (access tokens and refresh tokens) from our database
• Your Google Calendar features will no longer be available

**Method 3: Direct Contact (Full Account Deletion)**
• Send an email to our support team requesting deletion of your Google data
• Include your account email address and specify whether you want:
- Deletion of Google tokens only (you can continue using the app without Google features)
- Complete account deletion (all data including Google data will be deleted)
• We will process your request within 7 business days
• Contact email: contact@aaperture.com

**What Gets Deleted:**

When you request deletion of your Google data, we immediately delete:
• All OAuth access tokens
• All OAuth refresh tokens
• Token expiration timestamps
• Google Calendar integration settings

**Deletion Timeline:**

• **Immediate**: OAuth tokens are deleted immediately when you disconnect Google from the application settings
• **Within 24 hours**: Tokens are deleted within 24 hours when you revoke access from Google Account settings
• **Within 7 business days**: Deletion requests via email are processed within 7 business days
• **Within 30 days**: All Google data is permanently deleted from backups and archived data within 30 days of account deletion

πŸ“ Quick Reference - One-Line Answers​

If the form has short answer fields, here are concise versions:

What data do you access?

Profile information (name, email, picture, Google ID) plus the dedicated Aaperture calendar we create in the user's account (scopes: calendar.events.owned + calendar).

Why do you need this data?

To create user accounts, authenticate users, and manage the Aaperture calendar used for scheduled photography sessions. We access only the events we create (calendar.events.owned) and request the calendar scope exclusively to create/manage that separate calendar.

How do you protect this data?

All OAuth tokens are encrypted with AES-256-GCM before storage. All API calls use HTTPS/TLS. Access is restricted to authorized application services only. No human access to tokens.

Do you share data with third parties?

No. We do not share Google user data with any third parties. Data is used exclusively by our application to provide requested services.

Sensitive fields?

None. We use basic scopes (profile, email) plus calendar.events.owned for our own events and the calendar scope strictly to create/manage the dedicated Aaperture calendar; we never read user-created events outside of that context.

✅ Checklist Before Submission

  • All responses copied and ready to paste
  • Privacy policy URL updated (without Gmail references)
  • Terms of service URL updated
  • Support email verified (contact@aaperture.com)
  • Homepage URL verified (https://aaperture.com)
  • Only 4 scopes listed: profile, email, calendar.events.owned, calendar
  • Gmail API disabled in Google Cloud Console
  • Application tested in "Testing" mode

Last Updated: 2025-01-26
Status: Ready for Google OAuth Verification Submission