Privacy Policy

Last updated:

1. Introduction

Welcome to PolicyTracker (referred to as "the App" or "PolicyTracker.online"). This Privacy Policy explains how we handle your data when you use our application. Because of our unique "zero-backend" architecture, we do not collect, store, or process any of your personal data on our servers.

2. Data Collection and Storage

PolicyTracker acts solely as a client-side interface between your browser and your personal Google Account. All data you enter into PolicyTracker (including family member profiles, insurance policy details, premium information, and payment histories) is stored directly in a Google Sheet hosted entirely on your personal Google Drive account.

We do not operate any databases, analytics servers, or backend storage systems that hold or process your information. Your data remains entirely in your possession.

3. Use of Google APIs (Data Accessed)

Our app requires explicit authorization to interact with your Google Account. We access and interact with the following specific types of Google User Data:

Google Profile Data (scopes: openid, profile, email): We access your basic profile information (such as your full name, email address, and profile photo URL) solely to display them within the application header to confirm which Google Account is currently signed in.
Google Spreadsheets (scope: https://www.googleapis.com/auth/spreadsheets): We create, read, and write data to a specific spreadsheet named "PolicyTracker_Data" in your Google Drive. This spreadsheet stores your family member list, insurance policy records, premiums, payment logs, and user settings. We do not access or interact with any of your other Google Spreadsheets.
Google Drive Files (scope: https://www.googleapis.com/auth/drive.file): We create a dedicated folder named "PolicyTracker_Data" and a subfolder named "Documents" on your Google Drive. This permission is used exclusively to save the application spreadsheet and to securely upload and store PDF/image policy documents that you choose to attach to your policy records. We cannot access, view, or modify any other files or folders in your Google Drive.

PolicyTracker's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

4. Data Storage & Protection Practices

Since PolicyTracker is fully serverless, we implement the following practices to store and protect your data:

Infrastructure Security: Because all your data is stored directly in your Google Drive and Google Sheets, it is protected by Google's own enterprise-grade security infrastructure. This includes advanced encryption at rest and in transit, multi-factor authentication (2FA), and Google's threat protection systems.
No External Transmission: Your data is never transmitted to, stored on, or shared with PolicyTracker developers or any third-party servers. All communications occur directly and securely between your browser and Google's official API endpoints.
Local Caching: Your Google OAuth access token and session metadata are temporarily cached in your browser's local storage (localStorage) to maintain your login session so you don't have to authenticate every time you open the app. This local data is immediately and permanently deleted when you click the "Sign Out" button or run the "Wipe Data" utility.

5. Data Sharing and Third-Party Transfer

Because we do not collect or possess your data, we cannot and do not share, sell, or distribute your data to any third parties, advertising networks, or external applications. Your data remains entirely within your Google Account ecosystem.

6. Revoking Access and Data Deletion

You have full control over your data and access permissions:

You can revoke PolicyTracker's access to your Google Account at any time by visiting your Google Account settings page (Security > Third-party apps with account access). Revoking access will not delete your data, as your Google Sheet and uploaded policy documents will remain safely in your personal Google Drive.
If you wish to delete your data completely, you can delete the "PolicyTracker_Data" folder and spreadsheet directly from your Google Drive account, or click the "Wipe Data" button inside the App's settings tab.

7. Contact Us

If you have any questions about this Privacy Policy, please contact us via email at jaynesh1701+appsupport@gmail.com.