Privacy Policy

Last updated: May 14, 2026

This privacy policy describes how Differing Reader (the "add-on", "we", "our") handles your information when you use it. By using the add-on, you agree to the practices described here.

What Differing Reader does

Differing Reader is a Google Workspace™ Editor Add-on for Google Docs™. It computes a textual diff between two Google Docs™ documents you specify — the document you have open and a second document you select through the Google Picker.

Data we process

When you click Compare in the add-on sidebar, the following data is processed:

• The textual content of the Google Docs™ document you currently have open, accessed under the documents.currentonly OAuth scope, which grants access only to the document the add-on is invoked from.
• The textual content of the second Google Docs™ document you explicitly select through the Google Picker, accessed under the drive.file OAuth scope, which grants per-file access only to files you pick.

We treat Google™ user data accessed through these OAuth scopes as sensitive data and apply the protection mechanisms described in the next section. Both documents' text is sent over HTTPS to our backend service, where a text diff is computed. The diff is returned to the add-on and shown in the sidebar.

How we protect your data

We apply the following technical and organizational measures to protect document content and other sensitive data while it is being processed:

• Encryption in transit. All communication between the add-on and our backend is encrypted using HTTPS with TLS 1.2 or higher. Communication between the add-on and Google's APIs is encrypted by Google™. No document content is ever transmitted over an unencrypted channel.
• No data at rest. Document content is never written to disk, databases, caches, or any other persistent storage on our backend. It exists only in process memory for the duration of a single comparison request (typically under a few seconds) and is released when the request completes. Because no document content is stored, there is no at-rest copy that could be exposed in the event of a storage breach.
• Authentication and access control. The backend's /compare endpoint is protected by a bearer-token credential held by the add-on; requests without a valid token are rejected. Administrative access to the hosting account is protected by a strong, unique password and two-factor authentication. Only the add-on's developer has administrative access to the backend.
• Network and infrastructure security. The backend runs on Heroku (a Salesforce product), a managed platform that provides operating-system patching, network isolation, and platform-level intrusion protection. Inbound traffic is terminated at Heroku's TLS load balancer.
• Logging hygiene. Our backend does not log document content, document titles, or user identifiers. Request bodies are explicitly excluded from application logs. Standard platform access logs (timestamp, response status, latency) are retained only for the period set by Heroku's defaults and contain no document data.
• Data minimization. We request only the OAuth scopes required to operate the add-on, we only read the two documents you explicitly designate per comparison, and we send to the backend only the plain text of those documents — no metadata, no formatting, no comments, no revision history.
• Dependency and vulnerability management. Backend dependencies are pinned and updated when security advisories are published. Suspected vulnerabilities can be reported to the contact address below and will be triaged promptly.
• Incident response. If we become aware of a security incident that could affect user data, we will investigate, take corrective action, and notify affected users by the email address associated with their Google™ account where required by applicable law.

What we do not do

• We do not store your document content. Text is held in memory only for the duration of a single comparison and discarded once the response is returned.
• We do not log your document content or titles. Request bodies are excluded from server logs by configuration.
• We do not share your document content with any third party for advertising, analytics, or any other purpose.
• We do not use your document content to train machine-learning models, our own or anyone else's.
• We do not access any Google™ data beyond the two documents you point the add-on at.
• We do not sell, rent, or transfer Google™ user data.

Third-party services

Differing Reader depends on the following third-party services for its operation:

• Google Docs™ API — used to read the text of the two documents under your OAuth authorization. Subject to Google's Privacy Policy.
• Heroku — hosts the diff backend. Heroku may have access to data passing through its infrastructure as part of standard cloud-hosting operations. Subject to Salesforce's Privacy Policy (Heroku is a Salesforce product).

Data retention

None. Document content is held in memory only for the duration of a single request and discarded immediately afterward. We do not maintain any database of user content.

Your rights

You can revoke Differing Reader's access to your Google™ account at any time by visiting https://myaccount.google.com/permissions and removing the Differing Reader add-on. After revocation, the add-on cannot read any of your documents.

Because we do not store your data, there is no stored data for us to delete on request.

Children's privacy

Differing Reader is not directed at children under 13 and we do not knowingly process data from them.

Changes to this policy

If this policy changes in any meaningful way, the updated version will be posted at this URL with a new "Last updated" date.

Contact

Questions about this policy or how your data is handled: admin@lininglink.com