Privacy Policy

What we collect

When you request an audit, we ask for your name, work email, and company name so we can prepare your report and schedule a review call.

If you connect Google Workspace or Microsoft 365 for the audit, we receive read-only license and usage metadata through OAuth — such as seat counts, last-active signals, and application names. We do not read emails, files, calendar bodies, chat messages, or other content.

How we use your information

We use the information we collect solely to deliver the audit report, communicate with you about your audit, and improve our analysis. We do not sell your data or use it for advertising.

Data storage and security

Data is encrypted in transit using TLS 1.2+ and stored encrypted at rest. We request the narrowest OAuth scopes needed and never store your workspace credentials.

Retention and deletion

We keep audit data for 30 days after the audit ends so you can review the report. After that period, the data is automatically purged. You can also revoke OAuth access and request deletion at any time by emailing us.

Your rights

You can ask us to access, correct, or delete your personal information. To make a request, contact us at the email below.

Changes to this policy

We may update this policy as our service evolves. The latest version will always be available at this URL.

Contact us

Questions about this policy? Email hello@kavrn.io.