Everwished Bills & FundSaving privacy explanation

This document explains the intended PoC/MVP privacy approach in plain terms. It is not final legal wording.

Sign-in

The app uses Google Sign-in only. It asks Google for the user's email address and unique Google account ID so the app can recognise the signed-in user without asking for another password.

Drive access

The intended Google Drive permission is limited to files the app creates or uses. The PoC/MVP avoids broad access to the user's Google Drive unless that is later explicitly approved.

Where user data is kept

User data should be stored in the user's Google Drive, in files created for this app. The app should not keep a separate app database for user data in the PoC/MVP.

What happens when the tab closes

Session details, access tokens and loaded user data are kept in memory only. If the user closes the tab or app, the app should forget the loaded data and ask the user to sign in again next time.

Remembering a device

This PoC/MVP does not set a remember-device cookie. If a remember-device option is approved later, it should only be used to help skip MFA where appropriate. It must not be used as an app session cookie, and it must not store secrets, access tokens or loaded user data.

What is not stored by this app

Sharing with the service operator

The app is designed to share only its own app-created folder or files with the approved Everwished service operator account. It must not share unrelated Google Drive files.

Known design trade-off

Google Drive's hidden application data area is useful for keeping files out of a user's normal Drive view, but it cannot be shared. For this PoC/MVP, sharing with the service operator is required, so the implementation uses app-created Drive files that can be shared with the approved operator account.
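The scope rules described under "Drive access" and in this trade-off can be enforced in code rather than left to convention. The following is an added example, not part of the Everwished project, that checks a requested or granted Google OAuth scope string against the minimal set this document describes (sign-in plus app-created Drive files) and refuses whole-Drive access and the unshareable app-data area; the scope identifiers are real Google scope strings, but the approved set itself is an assumption derived from this document.

```javascript
// Added example (not the project's own code): enforce the minimal OAuth scope set
// described in the document, both when configuring the sign-in request and when
// inspecting what Google reports as granted in a token response.

// Assumed approved set: OpenID sign-in, the user's email, and drive.file only.
const APPROVED_SCOPES = new Set([
  "openid",                                          // unique Google account ID
  "https://www.googleapis.com/auth/userinfo.email",  // user's email address
  "https://www.googleapis.com/auth/drive.file",      // only files the app creates or opens
]);

// Scopes the design rules out, with the reason given in the document.
const REJECTED_SCOPES = {
  "https://www.googleapis.com/auth/drive": "broad access to the whole Drive",
  "https://www.googleapis.com/auth/drive.readonly": "broad read access to the whole Drive",
  "https://www.googleapis.com/auth/drive.appdata": "hidden app-data area cannot be shared with the operator",
};

// Google accepts the short aliases "email" and "profile" in requests but reports
// full URIs in token responses; normalise so the comparison is exact.
const ALIASES = {
  email: "https://www.googleapis.com/auth/userinfo.email",
  profile: "https://www.googleapis.com/auth/userinfo.profile",
};

function parseScopes(scopeString) {
  // Scope lists are space-separated strings.
  return scopeString.trim().split(/\s+/).filter(Boolean).map((s) => ALIASES[s] || s);
}

// Returns { ok, disallowed: [{ scope, reason }] } so a refusal can be logged with its cause.
function checkScopes(scopeString) {
  const disallowed = [];
  for (const scope of parseScopes(scopeString)) {
    if (APPROVED_SCOPES.has(scope)) continue;
    disallowed.push({ scope, reason: REJECTED_SCOPES[scope] || "not in the approved minimal set" });
  }
  return { ok: disallowed.length === 0, disallowed };
}

// Gate a token response (constructed sample shape: { access_token, scope }) before
// any Drive call is made: if more was granted than the design allows, the token is
// not kept, so no data is ever loaded under an over-broad grant.
function acceptTokenResponse(tokenResponse) {
  const result = checkScopes(tokenResponse.scope || "");
  if (!result.ok) return { accepted: false, disallowed: result.disallowed };
  return { accepted: true, token: tokenResponse.access_token };
}
```

Running `checkScopes` over the scope string used in the sign-in configuration at build or start-up time catches a broad scope being added by mistake before it ever reaches a user consent screen.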