Google User Data Policy
This policy explains how OpenTeam handles information received from Google APIs for Team-owned and user-authorized Portal connections.
Last updated: May 20, 2026
Google Data We Handle
- Gmail data, such as message and thread metadata, message bodies, attachments, labels, drafts, and send actions, when a user connects Gmail and requests mailbox work.
- Google Drive and Google Docs data, such as file and folder metadata, document content, permissions, and shared-drive information, when a user requests file or document work.
- Google Calendar data, such as calendars, events, availability, attendees, conferencing details, and event changes, when a user requests scheduling work.
- Google Business Profile data, such as locations, profile fields, posts, reviews, and related listing data, when a user requests profile work.
- Google Ads data, such as customer accounts, campaigns, budgets, ad groups, ads, assets, keywords, conversions, recommendations, and performance reports, when a user connects Google Ads and requests advertising management work.
Google OAuth Scopes
OpenTeam requests only the scopes needed for the Google connector and workflow the user authorizes. The table below explains the Google scopes covered by this policy.
| Scope | Use |
|---|---|
| openid | Associates the connected Google Account with the authorized user session. |
| https://www.googleapis.com/auth/userinfo.email | Reads the primary Google Account email address for sign-in, account display, and connector ownership. |
| https://www.googleapis.com/auth/userinfo.profile | Reads basic Google Account profile information for account display and connector ownership. |
| https://www.googleapis.com/auth/gmail.modify | Reads and manages Gmail messages, drafts, labels, and Trash-only mailbox changes requested by the user. |
| https://www.googleapis.com/auth/drive.file | Creates, reads, edits, moves, shares, and trashes Drive files opened, created, selected, or shared for OpenTeam workflows. |
| https://www.googleapis.com/auth/calendar.events | Reads, creates, edits, and removes Google Calendar events requested by the user. |
| https://www.googleapis.com/auth/calendar.app.created | Creates and manages secondary calendars and events created for OpenTeam workflows. |
| https://www.googleapis.com/auth/calendar.calendarlist | Reads, adds, and removes calendars in the user subscription list when needed for scheduling workflows. |
| https://www.googleapis.com/auth/business.manage | Reads and updates Google Business Profile accounts, locations, posts, reviews, and listing data requested by the user. |
| https://www.googleapis.com/auth/adwords | Reads and manages Google Ads customer accounts, campaigns, budgets, ad groups, ads, assets, keywords, conversions, recommendations, and reports requested by the user. |
Use And Runtime Access
- OpenTeam requests Google access only when a user starts a Google OAuth connection and grants the requested scopes.
- Google data is used only to perform user-requested workflows in Portal, Gateway runtimes, and selected connector MCP services.
- Google data may be used as context for AI-assisted actions requested by the user, such as summarizing messages, drafting replies, organizing Drive files, scheduling events, updating business profiles, or preparing Google Ads campaign changes.
- OpenTeam stores connection records and refreshes Google access tokens so authorized workflows can continue without asking users to reconnect every session.
- Agents and runtime services receive Google credentials only through authenticated, Team-scoped runtime credential endpoints for the selected connection.
Sensitive Actions
- OpenTeam does not use Gmail full mailbox access to permanently delete messages. Gmail deletion workflows move messages or threads to Trash.
- Drive deletion workflows move files to Trash where supported.
- Google Ads budget, campaign, ad, conversion, or recommendation changes are performed only through user-authorized workflows.
- Business Profile publishing, Calendar invitation, and other externally visible changes require a user-requested workflow and appropriate authorization.
Limited Use And Sharing
OpenTeam's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including Limited Use requirements.
- Google data may be processed by OpenTeam infrastructure providers that operate hosting, database, logging, email, security, and support systems on OpenTeam's behalf.
- Google data may be sent to Google services when a user asks OpenTeam to send mail, save drafts, edit files, change calendars, publish content, or otherwise transmit data through Google.
- OpenTeam may use Google Ads account data only to help the user manage their own Google Ads accounts at their request, such as creating campaigns, drafting ad content, changing budgets, and reviewing performance.
- OpenTeam does not use Google API data to serve OpenTeam ads, retarget users, build advertising profiles, sell advertising data, or train generalized AI or ML models.
Retention, Deletion, And Controls
OpenTeam keeps Google connection and operational information for as long as needed to provide Portal, maintain security, meet legal obligations, resolve disputes, and enforce agreements. Disconnecting a connector removes that connection from normal runtime credential access. Routine backups are generally retained for up to 35 days, and audit, security, abuse-prevention, and support logs are generally retained for up to 400 days unless a longer period is required for legal, security, or dispute-resolution reasons.
- Disconnect a Google connected account in Portal Apps.
- Revoke Google OAuth access from the user's Google Account security settings.
- Request deletion or export of Portal data by contacting OpenTeam.
- Ask questions or report a concern about Google user data handling.
Contact
For questions, data requests, or concerns about Google user data, contact [email protected] .