Google Data Privacy Policy
Last updated: 2025-12-27
Google integration disclosure: this page describes how Google Drive data is accessed and used by the ArtGo.Digital Google Drive integration for automated folder synchronization. For our general website privacy policy, see Privacy Policy.
Key point: a customer admin/user connects a Google account, selects one or more folders to synchronize, and ArtGo.Digital periodically scans those selected folder(s) (and their subfolders) to detect and import new or updated files into the customer’s ArtGo.Digital workspace.
1. Introduction
Bluevoria B.V. (“Bluevoria”, “we”, “our”, or “us”) provides the ArtGo.Digital product, a cloud-based design and digital asset management platform for professional design studios and enterprises. We are committed to protecting the privacy and security of our users and handling all data in accordance with applicable data protection laws, including the GDPR, and Google’s API Services User Data Policy.
This Privacy Policy explains how we collect, use, store, and protect personal data, including data accessed through Google integrations.
2. Scope of This Policy
This Privacy Policy applies to:
- Visitors to our website
- Registered users of the ArtGo.Digital platform
- Users who connect third-party services, including Google Drive
This policy does not apply to data stored in your own Google account outside of the permissions you explicitly grant to ArtGo.Digital.
3. Data We Collect
3.1 Account & Contact Information
We may collect:
- Name
- Business email address
- Company name
3.2 Uploaded & Managed Content
When using the platform, users may upload or manage:
- Design files
- Images
- Documents
- Metadata associated with those assets
ArtGo.Digital does not claim ownership over customer content.
4. Google Drive Integration
4.1 Google API Data Access
ArtGo.Digital offers an optional integration with Google Drive. When a user explicitly connects their Google account, the application requests the following OAuth scope:
https://www.googleapis.com/auth/drive.readonly
This scope provides read-only access to Google Drive files and metadata. For least privilege, the integration is configured to operate only on the folder(s) a customer explicitly selects for synchronization (and their subfolders), so we can detect new and modified files at regular intervals.
4.2 Purpose of Google Drive Access
Google Drive data is accessed solely for the following purposes:
- Allowing users/admins to connect a Google account and choose one or more folders from Google Drive or Shared Drives for synchronization
- Detecting new or updated files in the selected folder(s) (and subfolders) at regular intervals
- Importing eligible file types (e.g.,
.jpg,.tiff,.png,.psd) for viewing or management purposes inside the ArtGo.Digital platform - Generating thumbnail previews and displaying file previews or metadata inside the ArtGo.Digital platform
ArtGo.Digital does not:
- Modify Google Drive files
- Delete Google Drive files
- Share Google Drive data with other tenants/customers
- Access files outside the customer-selected folder scope used for synchronization
4.3 Google Drive Data Handling
- Google Drive data is processed only on behalf of the authenticated customer/user.
- File content is accessed read-only and only as needed to import new or updated files from the selected folder scope and to generate thumbnail previews.
- Google Drive data is not permanently stored unless the customer’s configuration results in importing/storing the file (or derived previews/metadata) into their ArtGo.Digital workspace.
- Any cached data is retained only as long as necessary to provide synchronization and platform functionality.
4.4 Compliance with Google API Services User Data Policy
ArtGo.Digital complies with the Google API Services User Data Policy, including the Limited Use requirements. Specifically:
- Google Drive data is used only to provide user-facing functionality.
- Google Drive data is never used for advertising.
- Google Drive data is never sold.
- Google Drive data is never used to train generalized AI models.
ArtGo.Digital may use vetted infrastructure providers (subprocessors) as necessary to operate the service under contractual confidentiality and data protection obligations.
5. Data Retention
We retain personal data only for as long as necessary to provide our services or comply with legal obligations.
Google Drive Data
- Access tokens and metadata are retained only while the integration is active.
- Cached Drive data is automatically deleted after a defined, limited retention period (as determined by product configuration and operational needs).
- When a user disconnects Google Drive, associated tokens are invalidated and removed.
Stored File Representations & Retention
When users connect Google Drive and select folder(s) for synchronization, ArtGo.Digital may generate or store derived or imported representations of selected files to enable viewing and asset management within the platform (for example: thumbnails, previews, and extracted metadata; and, depending on configuration, imported file copies).
Stored file representations are retained independently from the original Google Drive location. If a file is removed from Google Drive, the corresponding item may remain available in ArtGo.Digital until it is manually removed by an authorized user or the tenant account is deleted.
All stored file representations are permanently deleted when the tenant account is deleted or when an authorized user removes the item from the ArtGo.Digital platform.
6. Data Security
ArtGo.Digital applies industry-standard security measures, including:
- TLS 1.2+ encryption for data in transit
- Encryption for data at rest where applicable
- Encrypted storage of OAuth access and refresh tokens
- Strict access control and tenant isolation
- Regular security updates and dependency monitoring
Access to customer data is limited to authorized personnel and systems only.
7. User Control & Data Deletion
Users have full control over their data:
- Users may disconnect Google Drive access at any time
- Users may revoke Google OAuth consent via their Google Account settings
- Upon revocation or disconnection, access tokens are invalidated and removed
- Users may request full account deletion, after which associated data is deleted in accordance with our retention policy
8. Incident Response
In the event of a data security incident:
- We will promptly investigate and mitigate the issue
- Affected users will be notified without undue delay
- Google will be notified in accordance with Google API Services requirements
- Regulatory authorities will be notified where legally required
9. Data Sharing
ArtGo.Digital does not sell, rent, or trade personal data.
Data is shared only:
- With infrastructure providers necessary to operate the platform (e.g. cloud hosting)
- When legally required
All service providers are bound by confidentiality and data protection agreements.
10. International Data Transfers
ArtGo.Digital operates within the European Union. If data is processed outside the EU, appropriate safeguards are applied in accordance with GDPR requirements.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated through our website or platform.
12. Contact Information
For privacy-related questions or requests, contact:
Bluevoria B.V. (ArtGo.Digital)
Email: [click to reveal]
Website: https://artgo.digital
ArtGo.Digital’s use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.