This Privacy Policy describes how OpenLM collects, uses, stores, and protects information when you use the OpenLM Google Chat™ application. By using the App, you acknowledge that you have read and understood this policy.

1. Google API Services – Limited Use Disclosure

The OpenLM Google Chat™ App’s use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically, we confirm that:

• Data obtained via Google APIs is used only to provide and improve the features of the OpenLM Google Chat™ App.
• We do not use Google user data to serve advertisements.
• We do not sell Google user data to third parties.
• We do not use Google user data for any purpose that is not disclosed in this Privacy Policy.
• Human access to Google user data is restricted to cases where it is necessary for security purposes, to comply with applicable law, or where the user has explicitly given permission.

2. OAuth Scopes and Permissions

The App requests the following Google OAuth 2.0 scope in order to function:

Scope	Purpose
https://www.googleapis.com/auth/chat.bot	Allows the App to send and receive messages in Google Chat™ spaces on behalf of the bot, deliver private alerts, and respond to slash commands.
https://www.googleapis.com/auth/script.external_request	Enables the App to communicate with OpenLM backend services to fetch license reports, manage account linking, and process proactive alerts.

No additional scopes are requested. Access is limited strictly to what is necessary to operate the App’s stated features.

3. Information We Collect

To provide license management alerts and interactive commands through Google Chat™, we collect the following information:

3.1 User Identifiers

• Google User ID – Used to route notifications and verify account permissions within the App.
• Email Address – Used to identify your account and associate you with your organization’s OpenLM instance.

3.2 Message and Command Data

• Message Content & Commands – We process the text of commands you send to the App (e.g., /openlm_usage, /openlm_denials, /openlm_idle) solely to execute the requested function and return the appropriate response.
• Space/Channel Identifiers – We store the Google Chat™ space or DM identifier associated with your account to enable targeted message delivery.

4. How We Use Your Information

All data collected is used exclusively to facilitate the technical interaction between your OpenLM instance and the Google Chat™ interface. Specifically, we use your information to:

• Authenticate and authorize your access to OpenLM services.
• Route license management alerts, notifications, and command responses to the correct user and space.
• Maintain session continuity so you receive relevant responses across interactions.
• Diagnose technical issues and maintain service reliability.

We do not use your data for advertising, profiling, or any purpose unrelated to the operation of the App.

5. Data Retention

• User Space Mappings – We retain the association between your Google User ID and registered Chat spaces for as long as your account remains active and the App is installed in that space. This data is automatically removed when you remove the App from a space.
• Interaction Logs – The App does not store interaction or activity logs. Any transient logging that occurs during processing is not persisted and is discarded once the operation is complete.

6. Data Sharing and Disclosure

We respect your privacy and do not sell, rent, or trade your personal information. Your data is never shared with third parties for operational, marketing, or analytics purposes. Data may be disclosed only in the following limited circumstances:

• Legal Obligations – We may disclose information if required to do so by law, regulation, or valid legal process (e.g., a court order or government request).
• Business Transfers – In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction. You will be notified via email of any such change and any choices you may have.

7. Security

We implement industry-standard security measures to protect your data, including:

• Encryption in transit – All data exchanged between Google Chat™ and the OpenLM API is encrypted using TLS/HTTPS.
• Access controls – Access to stored user data is restricted to authorized systems and personnel required to operate the service.
• OAuth 2.0 Authentication – The App uses service account credentials and scoped OAuth 2.0 tokens to interact with the Google Chat™ API, minimizing exposure of sensitive credentials.

While we take reasonable precautions, no system is completely immune to security risks. We encourage you to report any suspected security issues to us promptly.

8. Changes to This Policy

We reserve the right to update this Privacy Policy to reflect changes in our practices or legal obligations. When we make material changes, we will notify you by email prior to the changes taking effect. The updated policy will also reflect a revised Effective Date at the top of this document. Continued use of the App after notification constitutes your acceptance of the revised policy.

9. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at:

OpenLM Support Email: support@openlm.com Website: https://www.openlm.com/contact-us/