File Search & Auditor for Google Drive™ — Privacy Policy

Last updated: May 18 2026

What is File Search & Auditor for Google Drive™?

File Search & Auditor for Google Drive™ (the "App") is a Google Workspace™ Add-on that runs entirely inside your own Google account. It searches your Google Drive™ and Shared Drives for files matching a search string, and writes the results — including who has access to each file — to a new tab in a Google Sheets™ spreadsheet.

Data Accessed

The App accesses the following data inside your Google account:

• File metadata — name, ID, link, created/modified dates, MIME type, size, description, and parent drive for files matching your search.

• File content — the App reads file contents to support full-text search, so that searches can match text inside files (not just file titles). This is what the drive.readonly scope is used for.

• Sharing permissions — for each file matching your search, the App reads the list of users, groups, domains, and link-sharing settings, so it can populate the "Shared With", "External Sharing", and "Risk Flag" columns in the results sheet.

• Shared Drives — the App lists the Shared Drives you have access to so you can choose which ones to search.

• Google Sheets™ — the App reads and writes the myDrives control sheet and the search-results tabs inside the spreadsheet the add-on is installed in.

Data Usage

The App uses the data described above strictly for the following purposes, in direct response to actions you initiate:

• Search: When you type a search string into the sidebar and click Search, the App queries the Google Drive™ API for files that match. The file metadata and content returned are used to identify matches.

• Audit: For each matching file, the App reads the file's sharing permissions and uses this data to populate the audit columns ("Shared With", "External Sharing", "Risk Flag") in the results sheet.

• Reporting: The App writes the results to a new tab in your Google Sheets™ spreadsheet so you have a persistent, filterable record of the search.

The App does not use Google user data for advertising, profiling, training machine learning or AI models, or any purpose beyond providing the search-and-audit functionality described above. The App does not use Google user data to develop, improve, or train generalised or non-personalised AI or ML models.

Data Sharing

The App does not share any Google user data with any third party.

No file metadata, file content, sharing permission data, or any other Google user data is transmitted to, stored on, or processed by any external server, database, analytics provider, advertising network, or other third-party service. All processing happens entirely within your own Google account using Google Apps Script™.

The App makes API calls only to Google's own services (the Google Drive™ API) using your OAuth token — these are internal Google requests on your behalf, not third-party sharing.

Data Storage & Protection

Storage. The App does not store any Google user data on external servers, databases, or third-party services. The only place the App writes data is the Google Sheets™ spreadsheet the add-on is installed in — that spreadsheet lives entirely within your own Google Drive™, owned by you and subject to your own Google account's access controls.

Protection for Google Workspace™ users. Where you are part of a Google Workspace™ organisation, the App operates strictly within the data protection, Data Loss Prevention (DLP), retention, and sharing policies set by your Workspace administrator. The App acts under your own OAuth token and inherits your existing access boundary — it cannot grant you access to any file or data you could not already access through Google Drive™ directly.

Protection for consumer Gmail users. Where you are using a personal Google account (no Workspace administrator), the App relies on Google's native account security protocols. The App requests only the minimum scopes necessary to operate (see "Permissions" below). All access is read-only with respect to Drive content, meaning the App cannot create, modify, move, or delete any file or folder.

Token handling. The App does not see, store, or transmit your OAuth token. Authorisation is handled entirely by Google Apps Script™'s built-in authorisation flow, with the token managed by Google's own infrastructure.

Data Retention & Deletion

The App retains zero Google user data. Because no data is stored on any external server or database, there is nothing for the App itself to retain or delete.

What you can delete:

• The results spreadsheet — the Google Sheets™ spreadsheet the add-on writes to is owned by you and lives in your own Google Drive™. To delete the results data, simply delete the spreadsheet (or any individual tab within it) using Google Drive™'s native delete function.

• The App's authorisation — to revoke the App's access to your Google account entirely, visit https://myaccount.google.com/permissions, find "File Search & Auditor for Google Drive™" in the list of third-party apps, and click "Remove Access". This immediately and permanently revokes the App's OAuth token.

• The add-on itself — to uninstall, go to Extensions → Add-ons → Manage add-ons in Google Sheets™ and remove the App.

You can perform any of these actions at any time without notice to the developer.

Does the App modify or delete any files?

No. The App uses read-only scopes for Drive access. It cannot create, modify, move, or delete any file or folder in your Drive. The "Shared With" and "Risk Flag" columns are reporting tools — to actually change a file's sharing settings, you click the file's link to open it in Drive and use Drive's native sharing controls.

Any future write-capable features will require additional scopes and will be clearly disclosed in an updated version of this policy before being added.

Permissions the App requires, and why

• drive.readonly (restricted scope) — needed to perform full-text content search across your Drive and Shared Drives, and to read each file's metadata and sharing permissions. The App uses this scope only to perform the searches you initiate and to populate the results sheet. No file content leaves your Google account.

• spreadsheets.currentonly — needed to read and write the myDrives control sheet and the results tabs in the spreadsheet the add-on is installed in. Scoped to the current spreadsheet only.

• script.container.ui — needed to display the custom menu and the search sidebar inside Google Sheets™.

• script.external_request — needed to call the Google Drive™ API v3 endpoints directly via UrlFetchApp. The only external service called is Google's own Drive API.

Who built the App?

File Search & Auditor for Google Drive™ is an independent add-on developed by GreatAICoding. It is not affiliated with, endorsed by, or associated with Google LLC.

Changes to this policy

If this privacy policy changes, the updated version will be posted at this URL with a revised "Last updated" date.

Contact

For questions about this privacy policy, or to report a concern about how the App handles your data, contact:

Email: greataicoding@greataicoding.com

Google Drive™, Google Sheets™, Google Workspace™, and Google Apps Script™ are trademarks of Google LLC. File Search & Auditor for Google Drive™ is not affiliated with or endorsed by Google LLC.