DataToDoc

Privacy Policy

Privacy Policy

Effective Date: April 22, 2025

This Privacy Policy is intended to help you understand what information we collect and why, how data is classified, and how you can delete it.

About DataToDoc

DataToDoc is an add-on for Google Docs, Google Sheets, and Google Drive that:

  • Is launched by the user (via Extensions > DataToDoc > Start) as a sidebar within the currently open Google Document. This document will later serve as a template.
  • Upon user request, reads a list of accessible spreadsheets (including XLSX and CSV files) by file name and ID, and presents them to the user for selection, including fast search functionality.
  • Reads sheet names and the first row of the selected spreadsheet, then presents them in the sidebar to facilitate user interaction.
  • Allows the user to insert selected sheets and columns into the template, with fast search, to help structure the document for merging.
  • Upon the user clicking “Merge,” reads the full content of the selected spreadsheet and template, and sends it to Google Cloud Run functions for processing. During processing, the user’s quota is checked according to their subscription plan using Google Firestore. A hashed version of the user’s email is stored for this purpose.

All processing and storage takes place within the Google ecosystem, ensuring your data never leaves Google servers.

  • Stripe.com is used to manage paid user subscriptions.

This add-on is integrated with your Google account and the data stored within it. When you install the add-on from the Google Workspace Marketplace, you will be asked to authorize access to various parts of your Google account. These permissions are used only to provide the functionality you request from the add-on.

To remove the add-on’s access to your Google account, you must uninstall it from Google Workspace Marketplace (see “User Account Deletion”).

The add-on is developed and operates using Google Apps Script on Google’s servers.

✅ Data collected by DataToDoc is never sold or shared with third parties.

Use of data obtained via Google API and any data transfers to other services will fully comply with the Google API Services User Data Policy, including the Limited Use requirements.

User Account Deletion

DataToDoc only accesses data that is strictly necessary for the add-on to function.

If you wish to stop using our service, please follow these steps to remove DataToDoc from your Google account:

  1. Go to your Google Workspace Marketplace App Management
  2. Next to DataToDoc, click the menu icon
  3. Click “Uninstall” from the dropdown menu

Uninstalling DataToDoc will deactivate all add-on functionality in your Google account.

📌 Please note: User data stored in Firestore is not automatically deleted. To request deletion, email us at support@datatodoc.de, and we will initiate the removal process within 30 days.

Data Classification

Based on security impact, data is categorized into five levels:

  1. Highly Confidential Data
    These remain fully under your control. For example, the full content of your Gmail messages and your entire Google Drive are never accessed or processed by DataToDoc. The add-on only accesses specific files you explicitly select.
  2. Confidential Data
    Accessed only as needed to provide the core merging and document generation functionality of DataToDoc. This includes:
    The contents of Google Docs and Google Sheets files explicitly selected by the user. These are read temporarily in order to extract structure, detect merge fields, and perform merge operations. Your email address, accessed only to Check the status of your subscription via Stripe. A hashed version of an email address used internally to enforce usage quotas. No email content is accessed, and your email is never used for personalization or ownership tracking.
  3. Shareable Data
    May be shared voluntarily with DataToDoc support (e.g., shared access to specific Sheets or Forms for troubleshooting). We do not keep copies of your documents and strongly recommend revoking access after support cases are resolved.
  4. Public Data
    Includes public content published on our website (https://www.datatodoc.de).
  5. Personal Data
    Limited to individuals responsible for maintaining and backing up the system.

Data Access

When you install DataToDoc, you are asked to grant the following permissions:

Why does DataToDoc need access to these scopes?

  • See and download all your Google Drive files
    To list your available spreadsheets, XLSX, and CSV files for selection.
    📌 Read-only access only. No modifications or deletions.
  • See, edit, create, and delete only specific Google Drive files you use with this app
    To create and store result files in a dedicated folder.
    📌 We never delete your files or folders.
  • View and manage documents this application is installed in
    To allow insertion of placeholders into the open template.
  • Connect to an external service
    To access Google Cloud Run functions for merging documents, tracking quotas, and verifying subscriptions.
  • Display and run third-party web content in prompts and sidebars inside Google applications
    To display the sidebar interface within Google Docs.

Data Storage

DataToDoc stores limited user data and usage statistics on the Google Cloud Platform:

We store:

  • User Identification
    ▸ Hashed Gmail address — to identify users.
    ▸ Subscription details (Basic, Pro plans) and usage quotas

All payment processing and subscription data is handled by Stripe.com.

During operation, DataToDoc accesses:

  • File IDs and names from your Google Drive
  • Names of worksheets from the selected spreadsheet

📌 We do not copy spreadsheet or document contents into any database.

Data Protection Measures

We store the minimum amount of user data necessary.
All stored data resides on Firestore and Stripe infrastructure, meeting industry security standards.
Access is restricted to authorized DataToDoc personnel who are committed to maintaining data confidentiality.

Data Retention

We retain collected data only as long as needed to provide services.
We apply commercially reasonable practices to protect stored data from loss, theft, unauthorized access, or misuse.

Changes to This Privacy Policy

This policy may be updated over time. We reserve the right to revise this Privacy Policy at any time.

When we do, the updated date at the bottom of the Privacy Policy page will be changed.

Continuing to use DataToDoc after policy changes implies acceptance of those changes.

If your organization requires explicit notifications of policy changes, contact support@datatodoc.de to be added to our notification list.
.