Privacy Policy

How Jetti Sheets handles your data and privacy

Effective Date: December 12, 2025
Last Updated: December 30, 2025
Version: 1.1 (Closed Beta)
Review Schedule: Annual (or upon material changes)


See Section 14 for version history. Users are notified of material changes via email.


1. Introduction

Jetti Sheets ("Jetti," "we," "us," "our") is a Google Workspace add-on that provides advanced analytics for customer data, including cohort analysis, revenue waterfall analysis, and data quality insights.

BETA NOTICE: This privacy policy applies during the closed beta period. We may update this policy before public release to reflect feature changes and user feedback.

Developer Information:

This Privacy Policy explains how we collect, use, store, and protect your information when you use Jetti.


2. Information We Collect

2.1 Google Account Information

When you install Jetti, we collect:

  • Email address (via Google OAuth) - for license validation and account identification

Purpose: Authentication and license validation

2.2 Source Data You Choose to Analyze

When you run analysis reports, we temporarily process:

  • Customer transaction data from your selected data source (Google Sheets, Drive files, or uploaded CSVs)
  • Column names and data types for intelligent detection
  • Date ranges and metrics you configure for analysis

What we DO:

  • Process your data to generate analytics reports
  • Temporarily cache processed data (see Section 3.2)
  • Store your report configuration preferences

What we DO NOT do:

  • Store your raw customer/transaction data permanently
  • Share your data with third parties
  • Use your data to train AI models
  • Access files you haven't explicitly selected for analysis

2.3 Report Configurations

We store these settings in your Google User Properties (tied to your account):

  • Report names and types (cohort, snowball, data quality)
  • Column mappings (UID, date, metric columns)
  • Filter preferences and display settings
  • Last run timestamps

Storage Location: Google Apps Script User Properties (encrypted by Google)

2.4 Usage Analytics

We may collect anonymized usage data:

  • Which features you use (cohort, snowball, insights, etc.)
  • Report generation frequency
  • Performance metrics (processing time, cache hit rates)
  • Error logs for debugging (no customer data included)

Tools Used: None currently (beta period - usage tracking not implemented)

2.5 Automatically Collected Technical Data

  • IP Address: For security and abuse prevention
  • Browser Type: For compatibility optimization
  • Timestamp: For cache management and diagnostics

3. How We Use Your Data

3.1 Data Processing Architecture

Jetti uses 6 microservices on Google Cloud Run (Region: us-west2):

Service | Purpose | Data Access
Cohort Analysis API | Generate customer retention cohort tables | Reads selected source data
Snowball Analysis API | Revenue/customer waterfall breakdowns | Reads selected source data
Insights API | Interactive drill-down for clicked cells | Reads cached aggregated data
Data Detector API | Smart column type detection | Analyzes column headers/samples
Data Flows API | Data quality health scans | Reads selected source data
License API | License validation & usage tracking | Email, license key, token count

Processing Flow:

  1. You select a data source (Sheet, Drive file, or local CSV upload)
  2. Data is sent to Cloud Run APIs via HTTPS
  3. APIs process data in-memory (no disk writes)
  4. Results are returned to your Google Sheet
  5. Aggregated data is cached in Google Cloud Storage (see Section 3.2)

3.1.1 Large File Upload (GCS Direct Upload)

For files larger than 50MB, we use a direct upload flow:

  1. You select a CSV file from your local machine
  2. We generate a temporary signed upload URL
  3. File uploads directly to GCS (bypasses Apps Script memory limits)
  4. API processes the file in-memory
  5. File is deleted immediately after processing
  6. Results are cached with 24-hour TTL (same as other sources)

Privacy Guarantee: Uploaded files are temporary and auto-deleted after processing

3.2 Temporary Caching (Google Cloud Storage)

To improve performance for insights drill-down, we cache:

  • What: Aggregated customer-level data (no raw transactions)
  • Where: Google Cloud Storage bucket
  • How Long: 24 hours automatic expiration (TTL)
  • Isolation: No cross-tenant access
  • Encryption: AES-256 at rest, TLS 1.3 in transit

You can clear cache anytime:

  • Via Manage tab: Use the Cache Manager to view, select, and bulk-delete cache files
    • View all cached files for your spreadsheets
    • Multi-select checkboxes for bulk deletion
    • See file path, size, and age
    • Server-side deletion with confirmation
  • Via API: Automatic deletion after 24 hours (TTL)
  • Via uninstalling/revoking access: Cache auto-deletes

3.3 No Permanent Data Storage

We DO NOT permanently store:

  • Your customer transaction data
  • Revenue/sales figures
  • Customer names, emails, or identifiers from your source files
  • Any personally identifiable information (PII) from your source data

What we DO store:

  • Account information: Your email, license key, and token usage—required for authentication, license validation, and usage tracking
  • Report configuration: Column mappings and filters stored in Google User Properties to save you time on future reports

4. Google API Permissions (OAuth Scopes)

Jetti requests these permissions when you install it:

Scope | Purpose
drive.file | Access only files you explicitly select via the Native Google Picker
spreadsheets | Read your data and create report sheets
script.external_request | Connect to our analysis APIs
script.container.ui | Display the sidebar interface
script.scriptapp | Generate identity tokens for secure API authentication
userinfo.email | Identify your account for license validation

Privacy-First File Access (Native Google Picker)

We use drive.file scope with Google's Native Picker API:

As of December 2025, Jetti uses Google's Native Picker API - the same file picker used by Google's own apps. This provides the strongest privacy guarantees available:

  • Minimal access: We can ONLY access files you explicitly select using Google's native file picker
  • No browsing: We cannot see, list, or browse your other Drive files
  • You're in control: Each file must be deliberately selected by you
  • Google-hosted UI: The file picker runs on Google's servers, not ours
  • We CANNOT access files you haven't explicitly opened with Jetti

Why this matters:

Approach | Scope | What App Can See
Jetti (Native Picker) | drive.file | Only files you pick
Many other apps | drive.readonly | All your Drive files
Some apps | drive | Full read/write to all files

Friendly permission prompt: When you authorize Jetti, Google shows:

"View and manage files you have opened with this app"

This is much more privacy-friendly than the broader "See and download all your Google Drive files" that some apps request.

How We Use These Permissions

  • You control access: We only access files you explicitly select using Google's native file picker
  • Reports go in your spreadsheet: Analysis results are written as new sheets in your current spreadsheet
  • Processing happens on-demand: We only read and process data when you click "Generate Report"
  • Identity tokens: Used to authenticate your requests to our APIs (not stored)
  • Email address: Used to validate your license and track usage (see Section 5.2)

You can revoke access anytime: https://myaccount.google.com/permissions


5. Current Features & Future Data Use

5.1 AI-Ready Export

Status: Available

Approach: "Bring Your Own AI" (BYOAI)

  • We generate expert AI prompts with your report data embedded
  • You copy the prompt to your clipboard
  • You paste into ChatGPT, Claude, Gemini, or any AI platform you prefer
  • Jetti NEVER sends your data to AI services
  • You control what data leaves your environment

What we provide:

  • 4 expert prompt templates:
    • Quick Rundown (executive summary)
    • Movement Diagnosis (growth/churn patterns)
    • Health Scorecard (business health evaluation)
    • General Cohort (retention & LTV analysis)
  • Context questionnaire (industry, metric type, time period, goals)
  • Data formatting optimized for AI consumption
  • One-click copy to clipboard

Privacy Guarantee:

  • No AI API calls from Jetti - we only generate the prompt text
  • No data sent to third parties - you control the copy/paste action
  • No storage of prompts - generated on-demand, not saved
  • You decide which AI platform to use (ChatGPT, Claude, Gemini, etc.)
  • You can review the prompt before pasting

Privacy Impact: Zero - Jetti acts as a prompt generator only. You have complete control over whether and where to share your data.

5.2 License System & Usage Tracking

Status: Fully implemented (December 2025)

Jetti uses a license-based access system to manage subscriptions and track usage.

What We Collect:

  • Email address (from Google OAuth) - to identify your license
  • License key (you provide) - to validate your subscription
  • Token usage - count of reports generated (not report contents)

How It Works:

  1. You activate Jetti with a license key (from Polar.sh checkout)
  2. Your email is linked to the license in our database
  3. Each report generation deducts tokens from your monthly allocation
  4. Token counts reset at the start of each billing period

Third-Party Service:

  • Polar.sh - Handles billing, subscriptions, and license key generation
  • We share: Your email address (for license lookup) and license key
  • Polar.sh Privacy Policy: https://polar.sh/privacy
  • We do NOT share your spreadsheet data with Polar.sh

What We Store:

Data | Location | Retention
Email address | PostgreSQL (Cloud SQL) | Until license deactivated
License key | PostgreSQL (Cloud SQL) | Until license deactivated
Token usage count | PostgreSQL (Cloud SQL) | Current billing period
License type | PostgreSQL (Cloud SQL) | Until license deactivated

License API Service:

  • URL: https://license-api-*.run.app (Cloud Run)
  • Purpose: Validate licenses, track token usage
  • Authentication: Google Identity tokens (same as other APIs)

Your Rights:

  • View your token usage in the Manage tab
  • Deactivate your license anytime (Manage tab → Portal → Deactivate)
  • Request data deletion via email

6. Data Sharing & Third Parties

6.1 Third-Party Services We Use

  • Google Cloud Platform (GCP): All data processing and caching
  • Polar.sh: License management and billing
    • Receives: Your email address, license key
    • Does NOT receive: Your spreadsheet data
    • Privacy Policy: https://polar.sh/privacy
  • Analytics Tools: None currently

6.2 We Do Not Share Data With

  • Advertisers
  • Data brokers
  • AI model training companies
  • Any third parties for marketing purposes

We may disclose data if required by law:

  • Valid court orders or subpoenas
  • Government investigations (with transparency when legally allowed)
  • Protect our legal rights or prevent fraud

Transparency: We will notify you if legally permitted.


7. Data Security

7.1 Encryption

  • In Transit: TLS 1.3 (HTTPS) for all API calls
  • At Rest: AES-256 encryption (Google Cloud Storage)
  • OAuth Tokens: Encrypted storage in Google User Properties

7.2 Access Controls

  • User Isolation: No cross-tenant access
  • Authentication: Google OAuth 2.0 (no passwords stored)
  • API Security: Cloud Run services validate requests via Google Apps Script

7.3 Infrastructure Security

  • Cloud Provider: Google Cloud Platform (us-west2)
  • GCP Compliance: Enterprise-grade (SOC 2, ISO 27001)
  • Jetti Compliance: Pursuing SOC 2 Type I certification (target Q1 2026)
  • Monitoring: Automated error logging (no customer data in logs)

7.4 Data Breach Notification

In the unlikely event of a data breach:

  1. We will investigate promptly
  2. Notify affected users as soon as reasonably practicable
  3. Provide details on what data was affected and remediation steps

8. Data Retention & Deletion

8.1 Retention Periods

Data Type | Retention | Deletion Method
Cached Data (GCS) | 24 hours (automatic) | Auto-deleted by TTL
Report Configurations | Until you delete or revoke access | Manual via Manage tab
License Information | Until license deactivated | Via Manage tab or email request
Error Logs | 30 days | Automatic rotation
Token Usage | Current billing period | Resets monthly

8.2 How to Delete Your Data

Option 1: Revoke Jetti Access (Complete Removal)

  1. Go to: https://myaccount.google.com/permissions
  2. Find "Jetti" and click "Remove Access"
  3. All cached data auto-deletes within 24 hours
  4. Report configurations are immediately inaccessible

Option 2: Email Request

Option 3: Delete Specific Report Configs

  1. Open a new Google Sheet
  2. Go to Extensions > Jetti Sheets > Open Sidebar
  3. Use the "Manage Reports" feature to delete saved reports

9. International Data Transfers

Data Processing Location: United States (Google Cloud Region: us-west2)

If you're outside the US:

  • Your data is transferred to US servers for processing
  • Data is ephemeral (24-hour cache retention)
  • You can opt-out by not using Jetti

10. Your Privacy Rights

All users have the following rights:

  • Access: Request a copy of your data (report configs, cached data list)
  • Deletion: Delete all data anytime (see Section 8.2)
  • Portability: Export report configurations
  • Opt-Out: Stop using Jetti and revoke access anytime
  • Correction: Update incorrect data by re-running reports
  • No Sale of Data: We do not sell your personal information

To exercise your rights: Email support@jettisheets.com


11. Cookies & Tracking

Cookies Used by Jetti:

  • Session Cookies: Maintain sidebar state (session-only, deleted when closed)
  • Local Storage: Save UI preferences (dark mode, collapsed sections, etc.)

Third-Party Cookies:

  • None (beta period - no third-party analytics)

You can disable cookies in your browser, but Jetti may not function properly.


12. Children's Privacy

Jetti is not intended for users under 16 years old.

We do not knowingly collect data from children. If you believe a child has provided data to Jetti:

Parents/Guardians: If your child used Jetti, please contact us for immediate data deletion.


13. Changes to This Privacy Policy

We may update this policy to reflect:

  • New features
  • Legal or regulatory developments
  • Security improvements

How we notify you:

  1. Material Changes: Email notification to your Google account email
  2. Minor Changes: Update "Last Updated" date at top of policy
  3. Changelog: See Section 14 for version history

Your continued use of Jetti after changes constitutes acceptance of the new policy.


14. Privacy Policy Changelog

Version | Date | Changes
1.0 | December 12, 2025 | Initial privacy policy for closed beta
1.1 | December 30, 2025 | Updated for beta launch: license system, file access details, simplified user rights

Review schedule: Annual or upon material changes


15. Contact Us

Privacy Questions or Requests:

Mailing Address: Jetti, LLC Los Angeles, CA, United States


Governing Terms:

  • Google Workspace Marketplace Developer Terms
  • This Privacy Policy and our Terms of Service

Certifications & Audits:

  • Infrastructure: Google Cloud Platform (SOC 2, ISO 27001)
  • Jetti: Pursuing SOC 2 Type I certification (target Q1 2026)

Privacy Approach: We build with privacy best practices in mind, including data minimization, user control, encryption, and transparency.


17. Additional Resources


By using Jetti, you agree to this Privacy Policy.

If you do not agree, please do not install or use Jetti, and revoke access if already installed.


END OF PRIVACY POLICY

This policy is effective as of December 12, 2025 and applies to all users of the Jetti Sheets Google Workspace add-on.