We take user privacy and security very seriously. This document provides an overview of our security policies and technology. We are happy to discuss any of these points in more detail with concerned customers.
Authentication
- G Merge Plus uses Google Sign In for user authentication and authorization. We never have access to our users' Gmail passwords.
- On first use, G Merge Plus need users’ permission to run: users have to authorize G Merge Plus to use user's information in accordance to our terms of service and privacy policies.
- For some features, we request access to user data on other services, including access to Google Contacts, Drive and Gmail. We treat these credentials as highly secure information, which we keep on users’ behalf. You may revoke these credentials at the issuer at any time, or we will destroy them when asked.
Access to Systems and Hosting
- interaction between GSuite Apps and our application occurs over a secure HTTPS connection. All web reports and account management activities are likewise performed over a secure HTTPS connection.
- We host our systems on the Google Cloud Platform, and let you enjoy the same level of Security and Confidentiality as with G Suite.
Technical Support, Incident Response
- We monitor our systems permanently. Our team is notified as soon as problems are detected and the issues are immediately investigated.
- Whenever a significant downtime happens we notify it via our Twitter.
- Every user has access to our support platform to log support tickets at https://gmergeplushelp.zendesk.com/hc/en-us/requests/new and on our support platform which is provided by the SaaS application www.zendesk.com accessible by all identified users at the url: https://gmergeplushelp.zendesk.com
- We provide 24x5 support to every end user with an average first response time of 2 hours. Our Enterprise support offer includes Hangout and Phone support.
Data Collection & Confidentiality
- We do not store any data from users emails (email title, body, recipients etc..).
- Although our add-ons require access to Drive documents, we do not store the document content nor monitor the Drive activity. We only need drive access to create a new document when doing document merge and putting it in target folder set by the user.
- Access to user's account and all data associated with that account by GMergePlus employees is limited to an as-needed basis (e.g., to resolve customer issues, support). When such access is required, only personnel with a direct need will access the data, and such access will be limited as much as possible. Breach of this policy by a Tanitapps employee is a serious matter which can lead to contract termination as well as legal action.
- When requested, we will destroy a user's account, removing all data associated with that account.
- Although our add-ons require access to Drive documents, we do not store the document content nor monitor the Drive activity. We only need drive access to create a new document when doing document merge and putting it in target folder set by the user.
- We use a leading cloud based payment gateway: Stripe for online sales and credit card payments. We do not see, store and never have access to user's’ credit card information.
- GMergePlus does not rent, sell, trade or disclose users Personal Information to third parties.