Google API Services — OAuth Disclosure
RIGID FITNESS (operated by ePhoenix LLC) operates an internal automation tool (“B2B Outreach Bot”) that accesses our Google account data via the Google API. The bot is granted access to the brand-owned Google account ephoenixuae@gmail.com and operates on behalf of the business.
Scopes accessed
When access is granted, the tool obtains:
- Google Sheets (auth/spreadsheets) — read prospects from, and write send-status to, a single spreadsheet (“B2B Ops”) owned by the business.
- Gmail send (auth/gmail.send) — dispatch outreach emails from the brand mailbox contact@rigidfitness.fit to recipients listed in the spreadsheet.
- Gmail read-only (auth/gmail.readonly) — read the Send-Mail-As alias configuration (custom-domain alias contact@rigidfitness.fit layered on the consumer Gmail inbox) to fetch the alias signature and verify alias-verification status before sending. Empirically required: without this scope, custom-domain aliases are omitted from the Gmail API’s sendAs.list response on consumer accounts. No inbox scanning, no message-body reads.
- Gmail modify (auth/gmail.modify) — apply a single internal Gmail label (“B2B”) to outgoing messages so the mailbox owner can filter outreach traffic from personal correspondence; also used to list and create that label.
- Gmail settings basic (auth/gmail.settings.basic) — read the send-as alias verification status before dispatching.
Limited Use compliance
The B2B Outreach Bot’s use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
In practice this means:
- We use the Google user data only to operate the outreach workflow described above.
- We do not transfer Google user data to third parties (no analytics, advertising, AI training, or resale).
- We do not allow humans other than the business operator to read Google user data, except as needed for security or legal compliance.
- We do not use Google user data for advertising purposes.
Data protection mechanisms
Google user data accessed by the B2B Outreach Bot is protected by the following controls:
Encryption in transit
All communication with Google APIs occurs over TLS 1.2+ HTTPS (enforced by the Google API endpoints themselves). All communication between the Railway hosting platform and Google APIs is encrypted in transit by default; no plaintext API traffic is possible.
Encryption at rest
OAuth refresh tokens and the Google API client secret are stored exclusively as environment variables on Railway, which encrypts environment variables at rest using AES-256 (per Railway’s published security documentation). No tokens, client secrets, or Google user data are committed to source control; the project’s .gitignore excludes token.json, client_secret.json, and any .env files. No Google user data (Gmail message bodies, spreadsheet contents) is persisted to disk at any point.
Access controls
The Google Cloud project that owns the OAuth client is restricted to a single Owner-role account (the publisher’s GCP administrator). The Railway environment that holds the refresh tokens is restricted to the same single operator. The OAuth refresh tokens themselves authorize access only to the two specific brand mailboxes that completed the consent flow (ephoenixuae@gmail.com and meadeastmart@gmail.com); no other Google account data is reachable. There is no multi-user login, no admin panel, no team access, and no API exposed by the application itself.
Token storage security
Refresh tokens are written only to Railway environment variables (encrypted at rest by the platform) and to the OAuth bootstrap operator’s local machine during initial consent. Local token.json files are git-ignored and are deleted from the operator’s machine after the token is pushed to Railway. Tokens are never logged, never echoed to stdout in production, never transmitted to any system other than Google’s OAuth endpoints, and never embedded in source code or deployment artifacts. The OAuth client secret is rotated only via the Google Cloud Console; it is not stored in any third-party secrets manager.
Data retention and deletion
No Google user data is persisted by the application. Sheets data and Gmail metadata are processed only in memory during a single scheduled execution (typically under two minutes) and are discarded when the process exits. The only durable record of activity is the row-level send-timestamp written back to the user-owned Google Sheet itself, which the user controls and can delete at any time. To revoke the application’s access entirely, the operator visits https://myaccount.google.com/permissions and removes “B2B Outreach Bot”; access terminates immediately and any cached in-process tokens become unusable on the next API call.
Third-party data sharing
None. Google user data accessed by the application is not transferred, sold, or shared with any third party. The application has no analytics integration, no advertising integration, no AI/ML training pipeline, no CRM sync, no data broker, no marketing platform, and no logging or monitoring vendor that receives Google user data. Application logs on Railway record only operational metadata (row counts, send status booleans, latency, error codes) and never include Gmail message bodies, recipient lists from outside the user-owned spreadsheet, or any spreadsheet cell contents beyond the row index being processed.
Contact for Google data concerns
For questions about how this application handles Google account data, contact: contact@rigidfitness.fit