Privacy Policy
Last Updated: December 20, 2025
1. Introduction
Secure Drive ("we", "our", or "the bot") provides Google Drive management services through Telegram. This Privacy Policy explains how we collect, use, store, and delete your data.
2. Information We Collect
We collect and process the following information:
- Telegram User ID: Your unique Telegram identifier to link your account
- Google Drive Email: The email address associated with your connected Google Drive account
- OAuth Access Tokens: Encrypted tokens to access your Google Drive on your behalf
- File Metadata: Temporary file information (names, IDs, types) during operations
3. How We Use Your Information
Your data is used exclusively for:
- Authenticating and managing your Google Drive accounts
- Browsing, uploading, downloading, and searching files
- Creating shareable links
- Performing file operations (rename, delete, organize)
We do NOT: Store file contents permanently, share your data with third parties, use your data for advertising, or access your Drive without explicit user commands.
4. Data Storage and Security
We implement industry-standard security measures:
- Encryption: OAuth tokens are encrypted using AES-256 encryption
- Secure Database: All data is stored in MongoDB with access controls
- No File Storage: File contents are never permanently stored on our servers
- Secure Transmission: All API communications use HTTPS/TLS
5. Data Retention and Deletion
Data Retention:
- Account Data: We retain your Telegram User ID, connected email addresses, and OAuth tokens for as long as your Google Drive account remains connected to the bot
- File Metadata: Temporary file information is retained only during active operations and is automatically deleted after completion
- Session Data: OAuth states and temporary session data expire after 1 hour
Data Deletion:
You have full control over your data. We delete your information in the following ways:
- Manual Deletion: Use the /settings command in the bot and select "Remove Account" to immediately delete all stored data for that specific Google Drive account, including OAuth tokens and account information
- Complete Account Removal: All your data is permanently deleted from our database within 24 hours of account disconnection
- Inactive Accounts: Accounts inactive for more than 12 months may be automatically purged from our system
- Upon Request: Contact us at support@arshman.space to request immediate data deletion, and we will comply within 7 business days
Note: After deletion, you will need to re-authenticate if you wish to use the service again. Data deletion is irreversible.
6. Google API Services User Data Policy
Secure Drive's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
We only request the minimum necessary permissions to provide our service and never use your Google user data for purposes unrelated to providing and improving Secure's features.
7. Third-Party Services
We use the following third-party services:
- Telegram: For bot messaging interface
- Google Drive API: For file operations
- MongoDB: For secure data storage
Each service has its own privacy policy and data handling practices.
8. Your Rights
You have the right to:
- Access your stored data
- Request data deletion at any time
- Revoke Google Drive access
- Disconnect your account
9. Changes to This Policy
We may update this Privacy Policy from time to time. Continued use of the bot after changes constitutes acceptance of the updated policy.
10. Contact Us
For questions or concerns about this Privacy Policy or your data, contact us at: support@arshman.space
← Back to Home