Privacy Policy
Privacy Policy
Last Updated: June 2, 2025
Keygraph Inc. (“we,” “us,” or “our”) wants you to be familiar with how we collect, use, and disclose information. This Privacy Policy describes our practices in connection with information that we collect through:
Website(s) operated by us from which you are accessing this Privacy Policy;
Software application(s) made available by us for use on or through computers and mobile devices; and
HTML-formatted email messages that we send to you that link to this Privacy Policy.
Collectively, we refer to the website(s), app(s), social media pages, and emails as the “Services.”
1. Personal Information
“Personal Information” is information that identifies you as an individual or relates to an identifiable individual. We collect Personal Information through or in connection with the Services, such as:
Name
Postal address
Telephone number
Email address
IP address (we may also derive your approximate location from your IP address)
Payment information
2. Google Workspace Data and API Use
As part of providing our Services to Google Workspace domain administrators, we request access to certain Google APIs under user authorization. Specifically, we request the following data:
User profile data (names, emails) via the Admin SDK Directory API
Organizational unit and group membership data
Audit log data via the Admin Reports API
Delegated role assignments
Data transfer requests (e.g., for reassignment of Drive file ownership)
How We Use This Data:
Enable organization administrators to manage users, groups, and organizational policies.
Perform administrative operations such as user suspension, password resets, or group provisioning.
Provide audit logs and visibility into account and resource usage.
Facilitate ownership transfers during user offboarding workflows.
What We Don’t Do:
We do not access the content of any user emails, Drive files, or messages.
We request only the minimum necessary scopes and limit access to authorized admins.
Security & Compliance:
All Google user data is stored securely and encrypted in transit and at rest.
Data is never shared with third parties.
Data is deleted upon user or domain request, or after the purpose for which it was collected is fulfilled.
We comply with Google API Services User Data Policy, including Limited Use requirements.
3. Collection of Personal Information
We and our service providers collect Personal Information in a variety of ways, including:
Through the Services
When you sign up for a newsletter, create an account, contact customer service, or make a purchase.
From Other Sources
We may receive your Personal Information from other sources, such as publicly available databases.
If you disclose any Personal Information relating to others, you represent you have the authority to do so and to permit us to use the information in accordance with this Privacy Policy.
4. Use of Personal Information
We and our service providers use Personal Information for purposes such as:
Providing functionality of the Services and fulfilling your requests (account access, transactions, promotions, customer service).
Sending you marketing-related emails and facilitating social sharing.
Analyzing Personal Information for business reporting and providing personalized services.
Allowing you to participate in sweepstakes, contests, or other promotions.
Aggregating and/or anonymizing Personal Information for analytics or other business purposes.
Accomplishing our business purposes (audits, fraud prevention, security, product development, maintenance, trend analysis, campaign effectiveness, and legitimate business activities).
5. Disclosure of Personal Information
We disclose Personal Information:
To our service providers, to facilitate services they provide to us (e.g., website hosting, analytics, payment processing, IT, customer service, auditing).
If you choose to disclose Personal Information through the Services (message boards, chat, social sharing, etc.).
Through your social sharing activity, subject to the privacy policy of the relevant social media provider.
6. Other Uses and Disclosures
We may also use and disclose Personal Information as necessary or appropriate:
To comply with applicable law, respond to warrants, and fulfill legal obligations;
To enforce our terms and conditions;
To protect our rights, privacy, safety, or property, and/or that of others;
In connection with a proposed or actual reorganization, merger, sale, joint venture, or other disposition of all or part of our business or assets.
7. Information Collected Automatically
We and our service providers may automatically collect information, including:
Your Browser or Device
Device information such as MAC address, computer type, screen resolution, OS, device model, browser type/version, and language.
Your Use of Our App(s)
Usage data, such as the date and time the app accesses our servers and files downloaded to the app.
Cookies
Cookies allow collection of browser type, time spent on Services, pages visited, language preferences, and traffic data. We use this for security, navigation, analytics, and personalization.
Note: Most browsers allow you to decline cookies. If you do not accept cookies, some features may not work as intended.
Pixel Tags and Similar Technologies
Pixel tags: Track actions of users and measure marketing campaign success.
Analytics: We use services like Google Analytics. Learn more and opt out here.
Invisible reCAPTCHA: We use Google’s invisible reCAPTCHA to protect against spam and automated abuse. See Google’s Privacy Policy and Terms.
Physical Location
We may collect the approximate location of your device to provide personalized location-based services. You may be able to allow or deny location use.
8. Uses and Disclosures of Information Collected Automatically
If required by law, we treat automatically collected information as Personal Information. In some cases, we may combine this data with Personal Information; if we do, we treat the combined data as Personal Information.
9. Security
We use reasonable organizational, technical, and administrative measures to protect Personal Information.
Google OAuth credentials: Access tokens are encrypted and stored with restricted access. Only authenticated, authorized users may access administrative APIs.
No data accessed through Google APIs is used for advertising, analytics, or user profiling beyond core functionality.
No data transmission or storage can be guaranteed 100% secure. If you believe your interaction with us is no longer secure, please contact us immediately (see “Contact Us” below).
10. Third-Party Services
This Privacy Policy does not address, and we are not responsible for, the privacy or information practices of any third parties, including those operating sites or services to which we link.
We are not responsible for the policies or practices of other organizations, including social media, app providers, device manufacturers, or payment services.
11. Use of the Services by Minors
The Services are not directed to individuals under the age of sixteen (16), and we do not knowingly collect Personal Information from individuals under 16.
12. Jurisdiction and Cross-Border Transfer
We are located in the United States. Your Personal Information may be stored and processed in any country where we have facilities or engage service providers. By using the Services, you understand your information may be transferred to countries outside your country of residence, including the U.S., which may have different data protection rules.
13. Sensitive Information
Unless we request it, please do not send us or disclose any sensitive Personal Information (e.g., Social Security numbers, racial/ethnic origin, political opinions, religion, health, biometrics, or criminal background) on or through the Services or otherwise.
14. Third-Party Payment Service
The Services may allow payments via a third-party payment service. Your Personal Information will be collected by such third party and will be subject to their privacy policy. We have no control over, and are not responsible for, any third party’s collection, use, or disclosure of your Personal Information.
15. Updates to this Privacy Policy
The “Last Updated” legend at the top of this Privacy Policy indicates when it was last revised. Any changes will become effective when we post the revised Privacy Policy on the Services.
16. Contact Us
If you have any questions about this Privacy Policy, please contact us at legal@keygraph.io.
Because email communications are not always secure, please do not include credit card or other sensitive information in your emails to us.
Last Updated: June 2, 2025
Keygraph Inc. (“we,” “us,” or “our”) wants you to be familiar with how we collect, use, and disclose information. This Privacy Policy describes our practices in connection with information that we collect through:
Website(s) operated by us from which you are accessing this Privacy Policy;
Software application(s) made available by us for use on or through computers and mobile devices; and
HTML-formatted email messages that we send to you that link to this Privacy Policy.
Collectively, we refer to the website(s), app(s), social media pages, and emails as the “Services.”
1. Personal Information
“Personal Information” is information that identifies you as an individual or relates to an identifiable individual. We collect Personal Information through or in connection with the Services, such as:
Name
Postal address
Telephone number
Email address
IP address (we may also derive your approximate location from your IP address)
Payment information
2. Google Workspace Data and API Use
As part of providing our Services to Google Workspace domain administrators, we request access to certain Google APIs under user authorization. Specifically, we request the following data:
User profile data (names, emails) via the Admin SDK Directory API
Organizational unit and group membership data
Audit log data via the Admin Reports API
Delegated role assignments
Data transfer requests (e.g., for reassignment of Drive file ownership)
How We Use This Data:
Enable organization administrators to manage users, groups, and organizational policies.
Perform administrative operations such as user suspension, password resets, or group provisioning.
Provide audit logs and visibility into account and resource usage.
Facilitate ownership transfers during user offboarding workflows.
What We Don’t Do:
We do not access the content of any user emails, Drive files, or messages.
We request only the minimum necessary scopes and limit access to authorized admins.
Security & Compliance:
All Google user data is stored securely and encrypted in transit and at rest.
Data is never shared with third parties.
Data is deleted upon user or domain request, or after the purpose for which it was collected is fulfilled.
We comply with Google API Services User Data Policy, including Limited Use requirements.
3. Collection of Personal Information
We and our service providers collect Personal Information in a variety of ways, including:
Through the Services
When you sign up for a newsletter, create an account, contact customer service, or make a purchase.
From Other Sources
We may receive your Personal Information from other sources, such as publicly available databases.
If you disclose any Personal Information relating to others, you represent you have the authority to do so and to permit us to use the information in accordance with this Privacy Policy.
4. Use of Personal Information
We and our service providers use Personal Information for purposes such as:
Providing functionality of the Services and fulfilling your requests (account access, transactions, promotions, customer service).
Sending you marketing-related emails and facilitating social sharing.
Analyzing Personal Information for business reporting and providing personalized services.
Allowing you to participate in sweepstakes, contests, or other promotions.
Aggregating and/or anonymizing Personal Information for analytics or other business purposes.
Accomplishing our business purposes (audits, fraud prevention, security, product development, maintenance, trend analysis, campaign effectiveness, and legitimate business activities).
5. Disclosure of Personal Information
We disclose Personal Information:
To our service providers, to facilitate services they provide to us (e.g., website hosting, analytics, payment processing, IT, customer service, auditing).
If you choose to disclose Personal Information through the Services (message boards, chat, social sharing, etc.).
Through your social sharing activity, subject to the privacy policy of the relevant social media provider.
6. Other Uses and Disclosures
We may also use and disclose Personal Information as necessary or appropriate:
To comply with applicable law, respond to warrants, and fulfill legal obligations;
To enforce our terms and conditions;
To protect our rights, privacy, safety, or property, and/or that of others;
In connection with a proposed or actual reorganization, merger, sale, joint venture, or other disposition of all or part of our business or assets.
7. Information Collected Automatically
We and our service providers may automatically collect information, including:
Your Browser or Device
Device information such as MAC address, computer type, screen resolution, OS, device model, browser type/version, and language.
Your Use of Our App(s)
Usage data, such as the date and time the app accesses our servers and files downloaded to the app.
Cookies
Cookies allow collection of browser type, time spent on Services, pages visited, language preferences, and traffic data. We use this for security, navigation, analytics, and personalization.
Note: Most browsers allow you to decline cookies. If you do not accept cookies, some features may not work as intended.
Pixel Tags and Similar Technologies
Pixel tags: Track actions of users and measure marketing campaign success.
Analytics: We use services like Google Analytics. Learn more and opt out here.
Invisible reCAPTCHA: We use Google’s invisible reCAPTCHA to protect against spam and automated abuse. See Google’s Privacy Policy and Terms.
Physical Location
We may collect the approximate location of your device to provide personalized location-based services. You may be able to allow or deny location use.
8. Uses and Disclosures of Information Collected Automatically
If required by law, we treat automatically collected information as Personal Information. In some cases, we may combine this data with Personal Information; if we do, we treat the combined data as Personal Information.
9. Security
We use reasonable organizational, technical, and administrative measures to protect Personal Information.
Google OAuth credentials: Access tokens are encrypted and stored with restricted access. Only authenticated, authorized users may access administrative APIs.
No data accessed through Google APIs is used for advertising, analytics, or user profiling beyond core functionality.
No data transmission or storage can be guaranteed 100% secure. If you believe your interaction with us is no longer secure, please contact us immediately (see “Contact Us” below).
10. Third-Party Services
This Privacy Policy does not address, and we are not responsible for, the privacy or information practices of any third parties, including those operating sites or services to which we link.
We are not responsible for the policies or practices of other organizations, including social media, app providers, device manufacturers, or payment services.
11. Use of the Services by Minors
The Services are not directed to individuals under the age of sixteen (16), and we do not knowingly collect Personal Information from individuals under 16.
12. Jurisdiction and Cross-Border Transfer
We are located in the United States. Your Personal Information may be stored and processed in any country where we have facilities or engage service providers. By using the Services, you understand your information may be transferred to countries outside your country of residence, including the U.S., which may have different data protection rules.
13. Sensitive Information
Unless we request it, please do not send us or disclose any sensitive Personal Information (e.g., Social Security numbers, racial/ethnic origin, political opinions, religion, health, biometrics, or criminal background) on or through the Services or otherwise.
14. Third-Party Payment Service
The Services may allow payments via a third-party payment service. Your Personal Information will be collected by such third party and will be subject to their privacy policy. We have no control over, and are not responsible for, any third party’s collection, use, or disclosure of your Personal Information.
15. Updates to this Privacy Policy
The “Last Updated” legend at the top of this Privacy Policy indicates when it was last revised. Any changes will become effective when we post the revised Privacy Policy on the Services.
16. Contact Us
If you have any questions about this Privacy Policy, please contact us at legal@keygraph.io.
Because email communications are not always secure, please do not include credit card or other sensitive information in your emails to us.
Get Started Today with
Keygraph
Keygraph brings IAM, MDM, and Compliance together in one platform.
Request a demo
Get Started
Keygraph.io
