Information We Access
Selected Google Docs image metadata and image content needed to create an annotation session.
Images uploaded directly to the editor, annotated PNGs, generated revisions, and edit brief JSON when you choose to save or generate outputs.
Session identifiers and temporary tokens used to verify that an editor request belongs to the user who opened the add-on.
Operational logs needed to diagnose errors, protect the service, and confirm that image generation requests completed.
How We Use Information
We use this data to load the selected image, display it in the editor, export annotated copies, generate clean AI revisions when requested, and insert outputs back into your Google Docs workflow.
We do not use Google Workspace user data for advertising, user profiling, or unrelated product analytics.
Google API Services and Limited Use
Use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
Google Workspace data is used only to provide or improve user-facing features that are visible in the plugin workflow.
Human access to user data is limited to cases where the user asks for support, where access is required for security or abuse investigation, or where required by law.
Data Sharing and Third-Party Processing
Image Markup may send the original image, annotated image, and edit brief to RunningHub or another configured AI image generation provider only when you choose to generate a clean revision. It may also store temporary image objects in Cloudflare R2 or equivalent private object storage for upload, download, and provider handoff.
We do not sell user data. We do not transfer Google Workspace user data to third parties except as needed to provide the requested plugin functionality, comply with law, or protect the service.
Retention and Deletion
Workspace content is kept only as long as needed for the active workflow, configured storage, troubleshooting, or legal obligations. Temporary image objects are normally deleted or expired within 30 days unless a user or administrator configures a shorter retention period.
Operational logs used for security and reliability are normally retained for up to 90 days, unless a longer period is required to investigate abuse, security incidents, service errors, or legal obligations.
If the plugin is deployed by your organization, deletion timing may depend on that organization's Google Workspace, Apps Script, Drive, and storage configuration.
To request deletion of data controlled by the plugin operator, contact a17369332769@gmail.com and include the Google account, document context, and approximate time of the workflow when possible.
Security
The plugin uses Google Workspace authorization scopes and Apps Script controls to limit access to the data needed for the requested workflow.
Server-side API keys and provider credentials should be stored in secure deployment environment variables, not in browser code or Apps Script files.
Changes
We may update this policy when plugin capabilities, Google Workspace scopes, storage, or third-party processors change.
The effective date above indicates the latest published version of this policy.