Privacy Policy for trackdown Access to Google APIs

The following Privacy Policy notes are valid for trackdown v1.3.0 [currently only available on GitHub]

• [IMPORTANT] We currently reached the maximum number of users for the API credentails. Installing the development trackdown from GitHub will require to create your own API credentials. Please, see instructions at https://claudiozandonella.github.io/trackdown/articles/oauth-client-configuration.html

The trackdown package works with Google APIs from R.

The trackdown package is governed by policies recorded here. The trackdown package uses internal resources owned by the “Trackdown R Package” project on Google Cloud Platform. That is the name you will see in a consent screen.

Your use of Google APIs with the trackdown package is subject to each API’s respective terms of service. See https://developers.google.com/terms/.

Privacy Google account and user data

Accessing User Data

The trackdown package accesses Google resources from your local machine. Your machine communicates directly with the Google APIs.

The Trackdown R Package project never receives your data or the permission to access your data. The owners of the project can only see anonymous, aggregated information about usage of tokens obtained through its OAuth client, such as which APIs and endpoints are being used.

The trackdown package includes functions that you can execute in order to read or modify your own data. This can only happen after you provide a token, which requires that you authenticate yourself as a specific Google user and authorize these actions.

The trackdown package can help you get a token by guiding you through the OAuth flow in the browser. There you must consent to allow the Trackdown R Package project to operate on your behalf. The OAuth consent screen will describe the scope of what is being authorized, e.g., it will name the target API(s) and whether you are authorizing “read only” or “read and write” access.

There are two ways to use these packages without authorizing the Trackdown R Package project: bring your own service account token or configure the package to use an OAuth client of your choice.

Scopes

Overview of the scopes requested by the Trackdown R Package project and their rationale:

• userinfo.email (read only): The Trackdown R Package project request this scope so that cached tokens can be labelled with the associated Google user, allowing you to more easily access Google APIs with more than one identity. The Trackdown R Package project do NOT have access to and do NOT store your Google password.

• Drive (read/write): The trackdown package allows you to upload, modify, and download files to your Drive and therefore the default scopes include read/write access.

Sharing User Data

The trackdown package may store your credentials on your local machine, for later reuse by you. Use caution when using this package on a shared machine.

By default, an OAuth token is cached in a local file, such as ~/.R/gargle/gargle-oauth. See the documentation for gargle::gargle_options() and gargle::credentials_user_oauth2() for information on how to control the location of the token cache or suppress token caching, globally or at the individual token level.

Policies for Authors of Packages or Other Applications

Do not use an API key or client ID from the Trackdown R Package project in an external package or tool. Per the Google User Data Policy https://developers.google.com/terms/api-services-user-data-policy, your application must accurately represent itself when authenticating to Google API services.

If you use these packages inside another package or application that executes its own logic — as opposed to code in the Trackdown R Package project or by the user — you must communicate this clearly to the user. Do not use credentials from the Trackdown R Package project; instead, use credentials associated with your project or your user.