Last updated: March 2026. This is a template — consult a legal professional before launching.

Privacy Policy

1. Information We Collect

When you use DriveTree, we collect:

• Google profile information: your name, email address, and profile photo (provided via Google OAuth).
• Google Drive metadata: file names, folder structure, MIME types, file sizes, and modification dates. We do NOT access or store the actual contents of your files.
• OAuth tokens: access and refresh tokens to maintain your Google Drive connection. These are stored encrypted in our database.
• Usage data: basic analytics such as pages visited, features used, and session duration.

2. How We Use Your Information

• To display your Google Drive file tree within DriveTree.
• To authenticate you and maintain your session.
• To communicate service updates and billing information.
• To improve and optimize the Service.

3. Third-Party Services

DriveTree uses the following third-party services:

• Google: OAuth authentication and Drive API (read-only).
• Supabase: Authentication, database, and secure token storage.
• Vercel: Application hosting and deployment.

4. Data Retention & Deletion

We retain your data for as long as your account is active. Drive metadata is fetched on-demand and is not permanently cached. When you delete your account, all associated data (profile, connected drives, tokens, subscription) is permanently removed within 30 days.

5. Your Rights

You have the right to:

• Access your personal data stored in our system.
• Delete your account and all associated data at any time from Settings.
• Revoke Google Drive access at any time via your Google Account permissions.
• Export your data upon request.

6. Cookies

DriveTree uses essential cookies for authentication and session management. We do not use advertising or tracking cookies.

7. Security

OAuth tokens are stored encrypted. All data is transmitted over HTTPS. We use Supabase Row Level Security to ensure users can only access their own data.

8. Children's Privacy

DriveTree is not intended for children under 13. We do not knowingly collect data from children under 13.

9. Changes to This Policy

We may update this policy from time to time. We will notify you of material changes via email or in-app notice.

10. Contact

Questions? Contact us at privacy@drivetree.app.