Legal

Google API Services Disclosure

Which Google APIs ProductImageSync uses, what data is received, and how we comply with the Limited Use requirements.

Last updated: May 16, 2026

ProductImageSync ("the Service", "we") uses Google API Services to deliver its core functionality. This page discloses which Google APIs the Service interacts with, what data is received, how that data is used, and how we comply with the Google API Services User Data Policy, including the Limited Use requirements.

1. Google APIs used by ProductImageSync

ProductImageSync requests the following OAuth scopes:

1.1. spreadsheets (sensitive)

Scope: https://www.googleapis.com/auth/spreadsheets

Used to read product rows, image columns, and floating image positions from the active spreadsheet, and to write image URLs and =IMAGE formulas back into that same spreadsheet. ProductImageSync is designed to access only the spreadsheet in which the user opens and runs the add-on, and only the rows, columns, formulas, images, and metadata necessary to complete the user-initiated job.

1.2. drive.file (non-sensitive)

Scope: https://www.googleapis.com/auth/drive.file

Used to upload exported product images into a folder owned by the user inside their own Google Drive. Under the drive.file scope, the Service can only see and modify files it creates on the user's behalf. The Service does not have access to any other file in the user's Google Drive.

1.3. script.container.ui (non-sensitive)

Scope: https://www.googleapis.com/auth/script.container.ui

Used to render the add-on's sidebar (Setup, Progress, Help, Feedback, Settings) and validation dialogs inside the Google Sheets user interface.

1.4. script.scriptapp (sensitive)

Scope: https://www.googleapis.com/auth/script.scriptapp

Used to schedule short-lived internal triggers that resume large jobs across Apps Script's six-minute execution limit. This scope is used only to create, manage, and delete these resume triggers. The triggers are deleted as soon as the job completes, fails, or expires, and the scope is not used to schedule activity outside of an active job.

1.5. script.external_request (sensitive)

Scope: https://www.googleapis.com/auth/script.external_request

Used to send the job request to our private Cloud Run worker (hosted on Google Cloud, currently in the us-central1 region) and to poll for job status and results. The Service does not contact any other external endpoint.

Least privilege: ProductImageSync does not request any restricted-tier Google OAuth scopes. The Service deliberately uses drive.file (per-file) instead of broader Drive scopes, so it cannot read or modify files it did not create.

2. What data we receive from Google APIs

When a job runs, the Service receives, on the user's behalf and through the scopes above:

  • The structure and contents of the active spreadsheet relevant to the job (product rows, image columns, floating image positions, formulas, image source URLs).
  • A short-lived Google OAuth access token. The token is used only for the Google API operations the job requires: exporting the active sheet to obtain its embedded floating images, fetching source images that require Google authentication, and uploading the resulting images to the user's Drive folder. The token is transmitted over HTTPS, is used only during the active job, is not stored persistently, is not written to our logs, and is discarded when the job completes or fails.
  • Image content for the job, fetched from the spreadsheet's embedded images or from image URLs provided in the spreadsheet.

The Service does not receive data from Gmail, Google Calendar, Google Contacts, or Google Drive files other than the files and folders created or selected for the user-initiated job, and it does not receive data from any other Google service.

3. How we use Google user data

The data described in Section 2 is used exclusively to deliver the user-facing features of ProductImageSync:

  • placing floating images into the correct cells;
  • uploading product images to the user's Google Drive;
  • renaming images using the SKU or identifier the user specified;
  • generating image URLs that the user can use in CRM, ERP, CMS, or online-store imports;
  • surfacing job progress, errors, and completion status inside the add-on's sidebar.

We do not use Google user data for any other purpose.

4. Limited Use compliance

ProductImageSync's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

  • We use Google user data only to provide, maintain, secure, troubleshoot, and improve the specific user-facing features described in Section 3.
  • We do not use Google user data to develop, improve, or train generalized machine-learning or artificial-intelligence models.
  • We do not use Google user data to serve advertisements, and we do not allow advertising networks to access this data in any form.
  • We do not transfer Google user data to third parties, except (a) as necessary to provide, maintain, secure, troubleshoot, or improve the Service (specifically, processing on Google Cloud Platform), (b) with the user's affirmative consent, or (c) as required by applicable law and with appropriate safeguards.
  • We do not allow humans to read Google user data unless we have the user's affirmative consent for a specific support case, it is required for security purposes (such as investigating abuse), or it is required by applicable law.

5. Data retention and deletion

  • Image content is not persisted on our servers. It is processed transiently in memory only to complete the upload to the user's Google Drive folder. We do not persist image content in databases, object storage, or application logs.
  • Job metadata (status, item counts, error messages) is stored in our Firestore database for twenty-four (24) hours, then automatically deleted.
  • Pseudonymous telemetry events are stored in Google Cloud Logging for thirty (30) days, then automatically deleted.
  • You can request deletion of all telemetry associated with your pseudonymous installation UUID by emailing hello@productimagesync.com with the subject "GDPR data request".

6. Public sharing of generated image links

For =IMAGE formulas to render inside spreadsheet cells, and for exported URLs to be usable in external systems, the image files ProductImageSync uploads to the user's Google Drive folder are shared with "anyone with the link can view" access. Anyone who obtains such a link can view that image. This sharing applies only to files the Service has uploaded on the user's behalf and does not expose any other file in the user's Drive. The user may change or revoke this sharing at any time through standard Google Drive controls.

7. Revoking access

You may revoke ProductImageSync's access to your Google account at any time at myaccount.google.com/permissions. Once revoked, the Service can no longer read or write any data in your Google account.

8. Contact

ProductImageSync Team
Email: hello@productimagesync.com
Website: productimagesync.com

Related documents