Privacy Policy

This Privacy Policy explains how Business Asset Monitor collects, uses, and protects your personal information when you use our services.

Last updated: April 20, 2026

Information We Collect

When you use Business Asset Monitor, we collect various types of information to provide and improve our services, which includes:

  1. Account Information: When you create an account, we collect personal details such as your name, email address, organization details, and timezone.
  2. Google Account Information: To enable core features, we collect Google account data and OAuth tokens required to access Google Drive and Google Calendar services. We gather file metadata from your Google Drive, such as file names, sizes, and modification dates. We also collect calendar data, including event titles, descriptions, dates, and reminder settings when you create events through Business Asset Monitor.
  3. Credential Management Information: We store encrypted credentials and related metadata such as categories and reminder settings that you opt to store in our system.
  4. Subscription and Payment Information: For subscription management, we collect billing details, payment methods, and transaction history to process payments.
  5. Usage and Technical Data: We gather data on how you interact with our platform, which helps us optimize the experience. We also collect technical information like your IP address, browser type, and device details to monitor security and system performance.

How We Use Your Information

We use the information we collect for several purposes:

  • To provide the core features of Business Asset Monitor, such as asset uploads to Google Drive and calendar event creation.
  • To manage encrypted credentials and store them securely using industry-standard encryption techniques.
  • To process your subscription payments and manage billing cycles.
  • To personalize your dashboard experience, send notifications, and offer customer support.
  • To detect suspicious activity and ensure compliance with legal requirements.
  • To improve the performance of our services and prevent misuse.

Google Services Integration

Business Asset Monitor integrates with Google Drive and Google Calendar via Google’s OAuth 2.0 API. This allows us to provide core features like file uploads and calendar event creation.

  • Storage: All files uploaded through Business Asset Monitor are stored directly in your Google Drive, not on our servers. Similarly, calendar events are created directly in your Google Calendar.
  • Access Permissions: We request only the necessary permissions to perform these tasks. You can revoke access to Business Asset Monitor via your Google account settings at any time.
  • Security: We use secure OAuth tokens to interact with your Google services, and these tokens are never stored permanently by Business Asset Monitor.

Sharing and Disclosure

We will not sell your personal data. However, we may share your data in the following cases:

  • Service Providers: We may share your information with trusted third-party service providers, such as cloud infrastructure providers, payment processors, and analytics services, who help us operate our platform.
  • Legal Compliance: We may disclose your data to comply with legal obligations, respond to lawful requests, or protect the rights and safety of Business Asset Monitor, our users, or the public.

Your data stored on Google Drive and Google Calendar remains in your control. Business Asset Monitor does not store these files on our servers.

Data Retention & Control

You have control over the data we collect:

  • Google Drive Assets: Your files are stored in Google Drive, and you can manage them through your Google account. Business Asset Monitor does not retain copies of these files.
  • Credentials and Subscription Data: These are retained until you delete them or close your account. You may update or export your data anytime.
  • Account Deletion: If you choose to delete your Business Asset Monitor account, we will delete your profile and subscription data within a grace period (typically 30 days).

Security Practices

We prioritize the security of your data:

  • Encryption: All stored credentials are encrypted before being saved, ensuring protection even in the event of a breach.
  • OAuth Tokens: We use secure OAuth 2.0 tokens for accessing Google services. These tokens are encrypted and can be revoked by you at any time.
  • Data in Transit: We use TLS 1.2+ encryption to secure your data as it moves between your device, our servers, and Google services.
  • Security Measures: We implement role-based access controls, conduct audits, and use continuous monitoring to safeguard your sensitive data. Regular penetration tests help identify and patch vulnerabilities.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page, with the updated date at the top. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your data.

If you have any questions about this Privacy Policy, please contact us at 208-759-0777.