Note, the information published on this page is applicable to version 2+ of the application.
Google Form submission data
We do not
store your Google Form submission data and approval records.
This information is retained in your
Google account and is accessed by the add-on with the authorization you provide.
When you install the add-on, it will ask for authorization to run on your account.
The authorizations will be used for the sole purpose of providing the service to you.
The authorizations we require for the add-on to operate are:
||...is required for
|Display and run third-party web content in prompts and sidebars inside Google applications
||This authorization is required for the add-on to work within a sidebar inside Google Forms, where you can add recipients, recipient
order, recipient logic, and configure other settings.
|Allow this application to run when you are not present
||This authorization is required for the add-on to detect when form submissions are made on your form and include information from
the form submission in notifications sent to the requestor and recipients.
|Connect to an external service
||This authorization is required for the add-on to send/retrieve information from Google Cloud Datastore. Refer to section below titled 'Data
|View and manage the files in your Google Drive
||Google Forms provides functionality for you to include 'File upload' questions in your form.
Files uploaded via your form are stored in your Google Drive account. This authorization is required for the add-on to share view access of files uploaded (via your Google Form) with your recipients.
|View and manage your spreadsheets in Google Drive
||This authorization is required for the add-on to update the Google Spreadsheet with the approval status.
|View and manage your forms in Google Drive
||This authorization is required for the add-on to access the form for which you have setup the add-on. The add-on obtains response data from this form and includes it in email notifications to your requestor and recipients.
|Manage your contacts
||This authorization is required for the add-on to provide the Group approvals feature (when an approval request is sent to multiple people but only require one to approve) and to provide the auto-complete email address functionality within the add-on sidebar.
|Send email as you
||This authorization is required for the add-on to send email notifications to requestors and recipients on your behalf. The add-on will send email from your account each time a form submission is received or an approval is made.
|Manage your basic email settings
||This authorization is required to give you the ability to send emails from an alias email address.
It is important to note:
- The add-on does not have authorization to read or modify emails in your email account.
- The add-on will only ever use the authorizations listed above for the sole purpose of providing you the service.
- The add-on developer and support team have no access to your files. Should you require technical assistance we may ask you to grant temporary access to your files in order to troubleshoot. You are under no obligation to grant access.
When developing the add-on, we have consciously designed the information flow in
a way that minimizes the data which is required to be stored. To function, the
add-on stores the following minimal information in Google's Cloud Datastore.
The add-on stores your:
- Form Id
- Spreadsheet Id
- Sheet Ids
- Add-on administrator's email address
- Add-on administrator's authorization details
- That's it!
That is the absolute minimum information we are required to store to provide you the service.
Further details of the information we collect is in our Privacy
. All form response data and approval records are stored in your
Data center security
The Service is a cloud service, hosted by Google in data centers with the highest level of
certifications including ISO 27001 and SOC.
For more compliance information, you can visit the Google Cloud Platform (GCP) webpage or refer to
and GCP Compliance
All application servers are hosted by Google and data stored by the add-on is stored in
Google Cloud Platform's datacentres. When first configuring the add-on, you will be asked to select a region 'Americas', 'Europe' or 'Other'.
The data is stored and processed in the region you select.
If 'Americas' is selected your data is stored and processed in the US. If 'Europe' is selected your data is stored and processed in the Europe. If 'Other' is selected, your data is also stored and processed in Europe.
Selecting the region closest to you (and your recipients) also provides an incremental performance benefit.
All data is logically separated
using Google Cloud Platform's multi-tenancy data partitioning.
Decommissioning and data removal
All customer data is stored on GCP services, and follows a strict decommissioning policy
outlined under Secure Data Storage of the Google Infrastructure Security Design Overview.
For customer-specific data, we will manually remove all data associated with your
form from our datastore on request. You may remove the add-ons access to your account
at any time by following the intstructions in Google's support article
remove a site or app with access to your account
Uptime & Reliability
We constantly monitor our service performance and have automatic notifications to ensure
rapid response for service interruptions. All code is audited before deploying to production
servers. We also monitor updates from the security community and immediately update our
systems when vulnerabilities are discovered.
Customer data is encrypted when in-transit and at rest.
When at rest, customer data is encrypted using a key management system which logs all access
automatically. Additionally, encryption key is itself encrypted with a regularly rotated set
of master keys, which protect them even in the unlikely event of unauthorized database
When in transit, mail is encrypted using Transport Layer Security (TLS). TLS ensures that a
message and its metadata is encrypted as it passes between the sending and receiving mail
server. In situations where a receiving mail server doesn’t support TLS, the message is sent
if you use Google Mail, you can check if your emails have been
encrypted. On an email you have received, click the down arrow (show details) next to the
recipients email address. Encrypted emails appear with a closed padlock and non-encrypted
emails appear with an open padlock.
Email notifications can be delivered from your account directly via Google Mail or via the
formapprovals.com domain via Google Mail or Mailgun. Organisations that do not have MX records
pointed to Google for incoming mail will need to use the add-on from another account or request
for emails to be sent from the formapprovals.com domain.
Approval and tracking links within email notifications will direct your users to a
subdomain of formapprovals.com. Organisations that utilise URL protection services, will need
to whitelist our domain / subdomain when using our 1-click approval feature. 1-click approvals
may be disabled in the Settings tab of the add-on.
Due to the limited amount of data stored by the application and ease of data restoration, customer data is not backed up.
Google Form submission data and approval records are stored in your linked spreadsheet
and are therefore not
stored by the add-on. It is your responsibility to protect this information.
In the unlikely event of a security breach, our team will promptly notify you of
unauthorized access to your data.
How to contact us
We know these issues are important to you too. If you have any additional questions that
aren't answered above, please email firstname.lastname@example.org and we'll reply as
fast as we can.