Committed to Your Security

At Chartbuddy, protecting your data and respecting your privacy are fundamental to how we operate. Discover our approach to ensuring a secure experience.

You're in Control of Your Data

Chartbuddy is designed to give you full control. We request only the necessary permissions to function, focusing on the specific Google Slides files you choose to work with.

  • Focused File Access: We primarily use Google's drive.file scope. This means Chartbuddy only gains access to the individual Google Slides presentations that you explicitly select, for example, through the Google Picker interface when linking charts. We never request broad access to your entire Google Drive. Learn more
  • Easy Revocation: You can revoke Chartbuddy's access at any time. Learn more
Google Drive Picker interface showing focused file access

No Sensitive Content on Our Servers

Your presentation content and sensitive chart data are not stored or transported via Chartbuddy's infrastructure. Our architecture prioritizes keeping your core data within your Google environment.

  • Direct Google Interaction: The Chartbuddy extension orchestrates actions directly with Google Slides APIs. Your data flows between your browser and Google's secure infrastructure.
  • Metadata Only: We store essential metadata such as your account information, encrypted Google refresh tokens (for maintaining API connection), and configurations related to your Chartbuddy usage. We do not store raw data points from your charts or the textual/image content from your slides.
Chartbuddy's distinguished infrastructure showing data flow

Built on Secure Foundations

We employ industry-standard security measures to protect your information and ensure safe interactions.

  • Data Encryption: All communication between your browser, our servers, and Google services is encrypted using HTTPS/TLS.
  • Secure Authentication: We utilize Google's secure OAuth 2.0 protocol for authentication. Your Google password is never shared with or stored by Chartbuddy.
  • Token Management: Refresh tokens are stored encrypted at rest, and short-lived access tokens are used for API interactions, adhering to security best practices.
Chartbuddy's encryption and authentication security measures