Privacy Policy

Introduction

At ChromeFlow, we value the privacy and security of your organizational data. This policy outlines how we handle data when you use our SaaS application for Chromebook device automation.

Data we process

ChromeFlow operates as an automation layer for your Google Workspace domain. We process the following data to provide our services:

Device metadata: Serial numbers, device IDs, and current organizational unit paths.
User activity: Authenticated email addresses associated with device login events.
Admin credentials: OAuth 2.0 tokens provided during the authorization process.

No permanent storage

A core principle of our architecture is that we do not store your sensitive directory data permanently. Our application acts as a real-time bridge. While we maintain logs of movement actions for your audit history, the actual device inventory and user details remain within your Google Workspace environment.

Data security

All data transmitted between your environment and ChromeFlow is protected by industry-standard TLS encryption. We utilize scoped API permissions, meaning we only request access to the specific data points required to execute device movements and archival tasks.

Third-party access

We do not sell, trade, or otherwise transfer your data to outside parties. Your data is used exclusively to facilitate the automation rules you define within the ChromeFlow dashboard.