GuardSphere Privacy Policy

1. Introduction

This Privacy Policy explains how GuardSphere Technologies Inc. collects, uses, stores, protects, shares, retains, and deletes information when users interact with GuardSphere websites, dashboards, browser extensions, device agents, Google Workspace integrations, managed devices, and related services.

GuardSphere is designed for authorized device governance. Our services are used by account owners, administrators, schools, families, institutions, and organizations to manage digital safety, productivity, compliance, device accountability, and policy enforcement on devices they are authorized to manage.

2. Information We Collect

GuardSphere may collect information necessary to provide managed browsing protection, policy enforcement, device accountability, administrator visibility, Google Workspace integration, workforce intelligence, reporting, security, and support.

3. Google Workspace Integration Data

GuardSphere integrates with Google Workspace only when an authorized school, institution, business, or organization administrator chooses to connect a Google Workspace account through Google OAuth. GuardSphere requests access only to the Google Workspace data needed to provide the selected governance, roster synchronization, device visibility, app visibility, reporting, and administrative features.

Depending on the permissions approved by the Google Workspace administrator, GuardSphere may access limited Google Workspace information such as administrator profile information, organization user and group directory information, enrolled device information, ChromeOS device information, installed application information, and related metadata required to deliver GuardSphere services.

GuardSphere does not sell Google user data. GuardSphere does not use Google Workspace data for advertising, ad targeting, unrelated marketing profiles, or unrelated user profiling.

4. How We Use Information

GuardSphere uses collected information to provide, secure, maintain, improve, and support the GuardSphere service. This includes:

• • Enforcing web filtering, app control, device schedules, and governance policies.
• • Blocking unsafe, restricted, or policy-disallowed websites and applications.
• • Connecting activity to the correct authorized managed user, device, group, organization, or policy.
• • Providing administrator dashboards, reports, compliance views, workforce intelligence, and device accountability.
• • Synchronizing approved Google Workspace users, groups, devices, applications, and related administrative metadata.
• • Maintaining security, preventing misuse, troubleshooting issues, and supporting legal, operational, and compliance requirements.

5. Chrome Extension, ChromeOS Agent, and Device Agent Data Use

The GuardSphere Chrome extension, ChromeOS agent, Android agent, Windows agent, and related device components use permissions only to provide managed browsing protection, filtering, device monitoring, user attribution, policy synchronization, app visibility, enforcement decisions, protection status reporting, and authorized administrator visibility.

GuardSphere does not use extension, device agent, browsing, or app activity data for unrelated advertising purposes and does not sell this data.

6. Data Protection Mechanisms

GuardSphere protects personal information, managed device data, Google Workspace data, and other sensitive operational data using administrative, technical, and organizational safeguards designed to prevent unauthorized access, disclosure, alteration, loss, or misuse.

• • Encryption of data in transit using HTTPS/TLS.
• • Restricted access to production systems based on role-based access controls.
• • Access limited to authorized personnel who require access for support, security, operations, compliance, or service delivery.
• • Secure handling and storage of OAuth tokens, integration credentials, and sensitive configuration values.
• • Logging and monitoring of security-relevant system activity.
• • Separation of customer organization data so that one organization cannot access another organization's data.
• • Use of OAuth authorization flows so administrators can grant or revoke Google Workspace access without sharing Google passwords with GuardSphere.
• • Periodic review of access permissions, operational controls, and security practices.

Where GuardSphere uses trusted service providers to operate the service, those providers are required to protect the data and process it only for purposes necessary to provide GuardSphere services.

7. Data Sharing

GuardSphere does not sell personal information. GuardSphere may share information only in limited situations, including:

• • With authorized account owners, school administrators, family administrators, institution administrators, or organization administrators who manage the relevant account, device, user, group, or policy.
• • With service providers that help operate, host, secure, monitor, bill, or support GuardSphere.
• • When required to comply with legal obligations, enforce our agreements, protect rights, prevent fraud, or respond to lawful requests.
• • In connection with a business transaction such as a merger, acquisition, financing, reorganization, or sale of assets, subject to appropriate confidentiality and data protection obligations.

8. Children and Student Data

GuardSphere may be used by schools, families, institutions, and organizations to help protect student or child browsing activity on managed devices. GuardSphere processes this information only to provide digital safety, filtering, monitoring, reporting, compliance, and device governance features requested by the authorized school, family, institution, or organization.

Where GuardSphere is used by a school or organization, that school or organization is responsible for obtaining any required consents, notices, or authorizations from parents, guardians, students, employees, or other managed users as required by applicable law and internal policy.

9. Data Retention

GuardSphere retains information only for as long as reasonably necessary to provide the service, maintain security, support customers, comply with legal or contractual obligations, resolve disputes, prevent fraud, support audit requirements, and operate the business.

Operational records, reports, device metadata, policy logs, app inventory records, Google Workspace synchronization records, and enforcement records may be retained while the customer account or organization workspace remains active. Some limited backup, audit, billing, security, legal, and compliance records may be retained for a reasonable period after account closure, disconnection, or deletion where required for legitimate operational, legal, fraud-prevention, or business-record purposes.

GuardSphere does not retain Google Workspace OAuth access indefinitely when the Google Workspace integration is disconnected. When a customer disconnects Google Workspace from GuardSphere, GuardSphere stops using the Google OAuth connection for that organization and disables further synchronization from Google Workspace unless the customer reconnects the integration.

10. Data Deletion

Customers may request deletion of personal information, managed device data, Google Workspace data, and organization data associated with their GuardSphere account by contacting GuardSphere support at support@guardsphere.app.

When a customer deletes an organization account, disconnects the Google Workspace integration, removes a managed device, or submits a verified deletion request, GuardSphere will delete or de-identify data that is no longer required to provide the service, subject to legal, security, backup, audit, billing, and compliance retention requirements.

Deletion from active production systems will be completed within a reasonable period after a verified deletion request. Data stored in backups may remain temporarily until backups expire or are overwritten according to GuardSphere's backup retention cycle, but such data will not be used for active service delivery unless restored for security, legal, or disaster-recovery purposes.

Google Workspace administrators may also revoke GuardSphere's access at any time from the Google Admin Console or Google Account security settings. Once access is revoked, GuardSphere can no longer retrieve new Google Workspace data through that OAuth connection.

11. Google API Limited Use Disclosure

GuardSphere's use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. GuardSphere uses Google Workspace data only to provide and improve user-facing GuardSphere features that customers have requested, including Workspace connection status, roster synchronization, device synchronization, app visibility, governance reporting, policy administration, and administrator controls.

12. Customer and User Choices

Authorized administrators may manage users, groups, devices, policies, connected integrations, and reporting features from the GuardSphere dashboard. Customers may disconnect Google Workspace, remove managed devices, update policies, or contact support for assistance with access, correction, export, or deletion requests.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, integrations, legal obligations, or security practices. When we make material changes, we will update the effective date above and may provide additional notice where appropriate.

14. Contact Us

For privacy questions, security concerns, access requests, deletion requests, or support requests, contact us at support@guardsphere.app.

Website: www.guardsphere.app