Règles de Confidentialité
Chez Prism., votre vie privée est notre priorité absolue. Cette application est une solution "Privacy-First".
1. Stockage des données
Prism. n'utilise aucun serveur externe pour stocker vos données. Toutes vos informations financières sont conservées exclusivement sur votre propre compte Google (Google Sheets et Drive).
2. Accès et Sécurité
L'application agit uniquement comme une interface. Le développeur n'a aucun accès à vos feuilles de calcul ni à vos soldes bancaires. Vos données ne sont jamais vendues, partagées ou consultées par des tiers.
3. Autorisations
Les autorisations demandées lors de l'installation servent uniquement à permettre à l'application de lire et d'écrire dans le fichier spécifique que vous utilisez pour votre budget.
Google API Services User Data Policy
Prism's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
- Data Accessed: Prism requests access to your Google Sheets (via the spreadsheets scope) and your Google account identity. We do not access sensitive personal data beyond your basic profile.
- Data Usage: We use your Google data solely to read, edit, formulate, and manage your budget spreadsheets. Your data is not used for any other purpose.
- Data Sharing: Prism does not sell or share any of your Google user data with third-party tools or external services.
- Data Storage & Retention: We do not store any of your spreadsheet data on external servers. All financial information remains securely within your Google Drive account. Because your data resides exclusively in your Google account, you retain full control and can delete it at any time.
Data Protection Mechanisms
Prism. implements multiple layers of technical and architectural protection to safeguard the integrity and confidentiality of your data. Because Prism. operates entirely within your own Google account, the security model leverages Google's industry-leading infrastructure while adding application-level guarantees that go beyond standard practice.
Encryption
All user data is stored within Google Drive and Google Sheets. As such, it is automatically protected by Google's encryption standards: AES-256 encryption at rest and TLS encryption in transit for every read and write operation. Prism. does not maintain any separate data store; therefore, no parallel encryption stack or external key management is required or possible.
Access Controls
Authentication is handled exclusively through Google OAuth 2.0. Prism. never sees, stores, or transmits your Google credentials. Each session is bound to your authenticated Google identity, and access tokens are managed by Google's infrastructure.
After the initial installation, the developer is technically removed from your file via an automated removeEditor operation. From that moment onward, the developer has no read or write access to your spreadsheet — this is enforced at the Google Drive permission layer, not merely as a policy commitment.
Data Isolation
Each user's data is stored in a dedicated Google Sheets file within their own Google Drive. There is no shared database, no multi-tenant data store, and no cross-user data path. The application's codebase is technically incapable of enumerating, listing, or discovering files in your Drive: it accesses only the single file ID associated with your account, established at install time.
Architectural Safeguards
- Single auditable access point: all spreadsheet operations route through one centralized function, which can only resolve the user's own file ID.
- No Drive enumeration: the codebase contains no Drive search, list, or folder traversal operations.
- No bound scripts or triggers: the user file is created as pure data with no embedded scripts, no
onEdit, noonOpen, and no time-based triggers. No background process ever accesses user data. - No financial data on developer infrastructure: the only metadata maintained externally for license tracking consists of email, sheet ID, license status, dates, and Stripe session ID. No spreadsheet values, no transactions, no expense categories ever leave the user's Drive.
Data Retention & Deletion
Because all financial data is stored exclusively within your Google Drive, retention is fully under your control. You may delete your Prism. spreadsheet at any time directly from your Drive, which permanently removes all associated financial information. To revoke Prism.'s access to your Google account entirely, visit your Google Account Permissions page and remove Prism.
For deletion of license-tracking metadata held by the developer (email, license status, Stripe session ID), users may submit a request to support.prism.budget@gmail.com. Such requests will be processed within 30 days. Deletion of this metadata does not affect your spreadsheet, which always remains under your sole control.
Incident Response
In the unlikely event of a security incident affecting Prism.'s infrastructure (such as the license-tracking system), affected users will be notified by email within 72 hours of confirmed detection, in accordance with applicable data protection regulations. Because no spreadsheet content is held on developer infrastructure, the scope of any potential incident is structurally limited to the metadata listed above.
Pour toute question, contactez le support : support.prism.budget@gmail.com