Privacy Policy

Effective Date: April 14, 2026  ·  Last Updated: April 17, 2026

1. Who We Are

This Privacy Policy describes how we ("we", "our", "us") process information in connection with our application GFM — Google Forms Manager ("GFM", "the app").

  • Website: gformmanager.netlify.app
  • Contact: formmanager000@gmail.com

This policy applies to GFM and any future products published under the same identity at gformmanager.netlify.app.

2. What GFM Is

GFM is a mobile client application that interacts directly with Google APIs (Google Forms API and Google Drive API) on behalf of the signed-in user. GFM does not operate a backend server for storing user-generated form content. All form structures, questions, settings, and responses remain within the user's own Google account. The application uses Firebase services for crash reporting and aggregate usage analytics, as detailed in §8.

3. Google API Services — Limited Use Compliance

GFM's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically, we affirm:

  • We use Google user data only to provide and improve user-facing features within GFM.
  • We do not sell Google user data.
  • We do not use Google user data for advertising purposes.
  • We do not use Google user data to build user profiles or to train AI/ML models.
  • We do not transfer Google user data to third parties, except to Google services as required for the application to function, or as required by law.
  • We do not allow humans to read Google user data, except with the user's explicit consent for support, for security investigations, or to comply with applicable law.

3a. Google User Data — Required Disclosures

This section directly addresses the disclosure requirements set out in the Google API Services User Data Policy.

Data Accessed

GFM requests three OAuth scopes from the signed-in Google user:

  • drive.file — metadata and content of Google Drive files that the user creates inside GFM, or explicitly opens within GFM. Also used to upload images the user embeds in their forms. GFM cannot access any other files in the user's Drive.
  • forms.body — the structure of the user's Google Forms: titles, descriptions, questions, sections, settings, quiz configuration, and publish state for forms created or opened in GFM.
  • forms.responses.readonly — submitted responses to the user's forms, for display in the in-app Responses view and CSV export. Read-only; GFM never writes response data.

No additional Google account data (contacts, email, calendar, profile beyond a sign-in identifier, etc.) is requested or accessed.

Data Usage

Google user data is used exclusively to operate GFM's core features:

  • Drive file data is used to list the user's forms on the dashboard and to upload embedded images to the user's own Drive.
  • Form body data is used to render, create, edit, reorder, and publish forms and their questions within the app.
  • Response data is used to display individual and summary responses to the signed-in user, and to generate CSV exports the user initiates.

Data is never used for advertising, profiling, AI/ML model training, or any purpose beyond providing the in-app features described above.

Data Sharing

GFM does not share Google user data with any third party. The only data flows are:

  • Between the app and Google's own APIs (Forms API, Drive API) — required for the app to function.
  • Aggregate, anonymous crash and usage telemetry to Firebase (a Google service), which contains no form content, no response data, and no personally identifying information. See §8 for details.
  • CSV exports that the user manually initiates and shares via the device's native share sheet — to a destination the user chooses.

We do not sell, rent, lease, or otherwise transfer Google user data to advertisers, data brokers, or any unaffiliated third party.

Data Storage & Protection

  • GFM does not operate backend servers that store Google user data. All form data, questions, and responses remain in the user's Google account.
  • OAuth refresh tokens are stored on-device using the operating system's secure storage (Android Keystore / iOS Keychain). Access tokens are held in memory only for the duration of an active session.
  • Any temporary on-device cache of form content is private to the user's device, encrypted at rest where the OS supports it, and never transmitted externally.
  • All network communication uses HTTPS/TLS. GFM never sees the user's Google password — authentication is handled entirely by Google's OAuth 2.0 SDK.

Data Retention & Deletion

  • Google user data (forms, responses) is not retained by GFM. It lives in the user's Google account and is subject to Google's own retention policies.
  • On-device cache is deleted automatically when the user signs out or uninstalls the app, and can also be cleared via the device's app settings at any time.
  • OAuth tokens are deleted from the device upon sign-out, uninstall, or when the user revokes GFM's access from their Google Account settings.
  • To delete forms and responses created via GFM, users can do so directly from Google Drive or the Google Forms web interface.
  • To revoke all access: visit Google Account → Security → Third-party apps with account access and remove GFM.
  • To request deletion of any Firebase telemetry data tied to your installation, contact us at formmanager000@gmail.com.

4. Data Storage and On-Device Caching

We do not store, log, or persist Google user data on our servers. To provide a responsive user experience, GFM may temporarily cache form content on the user's device. This local cache:

  • is private to the user's device,
  • is encrypted at rest where supported by the operating system (Android Keystore, iOS Keychain),
  • is cleared automatically on sign-out or app uninstall,
  • is never transmitted to external servers or to any third party other than Google APIs.

5. Google API Scopes and Why We Need Them

drive.file

Used to create new Google Forms in the user's Drive; open, modify, and delete forms the user creates within GFM or explicitly opens by pasting a link; and upload images that the user chooses to embed in their forms. This scope restricts GFM to files the app itself created or that the user explicitly opened — GFM cannot see other files in the user's Drive.

forms.body

Used to create form titles, descriptions, and settings; add, edit, reorder, and delete questions, sections, and media items; configure quiz settings, grading, and form publish state.

forms.responses.readonly

Used to display response counts and individual responses to the signed-in user, for forms they have access to, and to power the in-app "Responses" view and CSV export. Access occurs only during active user interaction. We do not perform background polling, bulk extraction, or external processing of response data.

6. Sensitive Data in Form Responses

Form responses may contain personal or sensitive information. GFM enforces:

  • No storage of response data on external servers.
  • No transmission of response data outside of Google APIs and the user's device.
  • No analysis, profiling, or aggregation of response content.

Response data is displayed only to the signed-in Google user who has access to the form.

7. Authentication and Tokens

  • Refresh tokens are stored encrypted on-device using the operating system's secure storage (Android Keystore, iOS Keychain).
  • Access tokens are held in memory only during an active session.
  • All tokens are deleted from the device when the user signs out, uninstalls the app, or revokes access from their Google Account.
  • We never transmit OAuth tokens to external servers or to any third party other than Google.

8. Analytics and Crash Reporting

GFM uses two Firebase services from Google to maintain app quality:

  • Firebase Analytics — to understand aggregate, anonymous usage patterns (which screens are visited, which features are used).
  • Firebase Crashlytics — to receive automated crash reports so we can fix bugs.

These services may collect:

  • Device type, operating system version, app version, language, country.
  • Anonymous, randomly-generated installation identifiers.
  • IP address (collected by Firebase SDK; used for approximate location and abuse prevention).
  • Crash stack traces and the application state at the time of a crash.

No form content, question text, response data, or personal user identifiers (including email addresses) are sent to Firebase. Firebase data is used strictly to maintain app stability and improve the product — never for advertising, profiling, or sale to third parties. Firebase data handling is governed by Google's privacy policies.

9. Data Retention

  • Google user data: not retained by any external entity. All form data lives in the user's Google account.
  • On-device cache: retained until the user signs out, uninstalls the app, or clears app data.
  • Firebase Analytics and Crashlytics: retained according to Firebase's default retention settings, controlled by Google.

10. Data Deletion and Revocation

To revoke GFM's access:

Go to your Google Account → Security → Third-party apps with account access and remove GFM. Access is revoked immediately.

To delete data created with GFM:

Forms created in GFM are stored in your Google Drive. Delete them directly from Drive or the Google Forms web interface.

To clear on-device data:

Uninstall the app, or use your device's app settings to clear app data.

11. Data Sharing

We do not sell, rent, lease, or share user data with third parties for any purpose other than the service provider relationships described in this policy (Google APIs, Firebase). We do not share data with advertisers. We do not transfer Google user data outside of Google's services.

12. Uploaded Images and Link-Based Access

When a user adds an image to a form through GFM, the image is uploaded to the user's own Google Drive and its sharing permission is set to "anyone with the link can view," which is required by the Google Forms API for embedded images to render. Once a file is set to "anyone with the link," anyone who obtains the link may view the file. Users are responsible for managing the visibility of files they upload.

13. Security Measures

  • HTTPS encryption for all network communications.
  • OAuth 2.0 authentication via Google's official SDK — GFM never sees the user's Google password.
  • On-device encryption of authentication tokens via OS-provided secure storage.
  • No storage of Google user data on external infrastructure, eliminating server-side breach risk for that data class.
  • Regular updates to the application and its dependencies to address security advisories.

14. Children and Educational Use

GFM is intended for adults (typically aged 18 and over) and is not directed to children under 13 (or under 16 in jurisdictions where that is the applicable threshold under GDPR-K). We do not knowingly collect personal information from children. When teachers use GFM to collect responses from students, those responses are stored within the teacher's Google account — we do not receive, store, or process student response data. If you believe a child has provided personal information through GFM, contact formmanager000@gmail.com.

15. International Data Transfers

GFM is operated from Bangladesh. Google and Firebase services may process data on servers located in countries other than the user's own, including the United States. Where required by applicable law (including GDPR), such transfers rely on the legal mechanisms Google maintains for its services. By using GFM, you acknowledge that data processed by Google APIs and Firebase is handled in accordance with Google's own data transfer frameworks.

16. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you (in our case, none beyond Firebase telemetry tied to a random installation ID).
  • Request correction or deletion of your data.
  • Withdraw your consent to data processing at any time by revoking the app's Google access (see §10).
  • Lodge a complaint with your local data protection authority.

To exercise any of these rights, contact formmanager000@gmail.com.

17. Changes to This Policy

We may update this Privacy Policy from time to time. The current version is always available at gformmanager.netlify.app/privacy. For material changes that affect how we process your data, we will notify you within the app and, where appropriate, require re-acknowledgement before continued use. Minor clarifications will be reflected via an updated "Last Updated" date.

18. Contact

Email: formmanager000@gmail.com
Website: gformmanager.netlify.app

19. Governing Law

This Privacy Policy is governed by the laws of Bangladesh, without regard to its conflict-of-law provisions.

© 2026 GFM. All rights reserved.
