Privacy first, with accurate limits.
This policy describes how Tidy Cloud handles data in order to provide Gmail and Google Drive cleanup features. It is written to match the current product behavior. It is not a claim that the service stores nothing at all.
What Tidy Cloud is for
Tidy Cloud helps users review and clean up their own Gmail and Google Drive content. The service is intended to act only on behalf of the signed-in user and only for the cleanup features the user chooses to run.
Data the service does store
Tidy Cloud currently stores operational data required to run the product, including account records, session records, OAuth account linkage, access and refresh tokens provided by Google, cleanup history, saved recipes, recurring schedules, and feature entitlement settings.
Data the service reads from Google
When authorized by the user, Tidy Cloud reads Gmail metadata, Gmail message previews, Gmail labels, Google Drive file metadata, and related Google account access tokens needed to perform cleanup actions and show review screens.
What the service does not do
Tidy Cloud does not use Google user data for advertising, resale, profile enrichment, or unrelated product analytics. It is not intended to train general-purpose models on user mailbox or Drive content. The product is meant to use Google data only to power the cleanup workflows the user requests.
User-directed actions and recovery
Cleanup actions are initiated by the user. Tidy Cloud is designed to move content to Trash where the connected service supports that behavior, but recovery windows, restore options, and permanent deletion timing are governed by the connected service's own terms, retention rules, and policies.
Retention and deletion
Operational data may remain in the database until the service is updated with a full self-serve deletion flow or the operator removes it manually. If you want a stronger deletion posture, the product should add account deletion and token revocation flows before launch.
Security and access
Access to Google data should be limited to the scopes required for cleanup features. The service should continue to minimize scopes, protect production credentials, and restrict internal access to the database and deployment environment.
Changes
If Tidy Cloud changes its storage, analytics, model usage, or support model, this policy should be updated to stay accurate.