GOV - Annual Leave App - Privacy Policy

Privacy Policy for Glass Onion Vintage - Annual Leave App

 

Effective Date: 22 September 2025

1. Introduction

Welcome to the Glass Onion Vintage Annual Leave application (the "App"), operated by Glass Onion vintage ("we," "us," or "our"). This App is an internal tool designed to help our employees and authorized personnel manage their annual leave.

This Privacy Policy explains what information we collect, how we use it, and why, specifically in relation to your use of Google Sign-In to access the App. This policy is intended to be transparent and to comply with the requirements of the Google API Services User Data Policy, including the Limited Use requirements.

2. Information We Collect

To provide secure access, we use Google's authentication service. When you choose to sign in to our App using your Google account, we request your permission to access certain information. The specific scopes we request are:

  • .../auth/userinfo.email: To access your primary email address.

  • .../auth/userinfo.profile: To access basic profile information like your name and profile picture.

  • openid: A standard protocol scope to verify your identity.

The only piece of personal data we actively use from this request is your verified email address. We may also receive your name and profile picture, which might be displayed within the app during your session to personalize your experience (e.g., "Welcome, Jane Doe").

3. How We Use Your Information

The information we receive from Google is used for a single, limited purpose:

  • Authentication and Authorization: Your verified email address is used solely to check your identity against a pre-existing, internally-managed access list of authorized users.

    • If your email address is found on our internal access list, you will be granted access to the App.

    • If your email address is not on our internal access list, access will be denied.

We want to be explicitly clear: We do not use your information for any other purpose. We do not track you, send marketing communications, or analyze your data for any reason beyond this simple access check.

4. Data Storage and Security

  • No Permanent Storage of Google Data: Your Google user information is used 'in-session' to verify your identity and manage your access. To maintain your logged-in state during your session, an authentication token derived from your login is briefly stored in your personal, secure user properties within the Google Apps Script environment. This data is session-based, is not stored in any long-term database, and is inaccessible to other users. When your session ends, this temporary data is cleared.

  • Failed Login Attempts: If you attempt to log in and your email address is not on our authorized list, we do not record, log, or store your email address or any other information related to the failed attempt.

  • Internal Access List: The internal access list itself is securely stored within our company's systems and is managed independently of the App's authentication process.

5. Data Sharing

We do not share, sell, rent, or otherwise disclose any personal information obtained through the Google authentication process with any third parties. Access to the internal authorization list is strictly limited to authorized personnel within [Your Company Name].

6. User Control

As an internal application for authorized users, the primary data relationship is between you as an employee and us as your employer. You can manage and revoke the App's permissions to access your Google account data at any time by visiting your Google Account security settings page: https://myaccount.google.com/permissions. Please note that revoking permissions will prevent you from being able to log in to the App.

7. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. We encourage you to review this Privacy Policy periodically for any changes.

8. Contact Us

If you have any questions about this Privacy Policy, please contact us at:

Glass Onion Vintage 

Unit 2, Dodworth Business Park South, Barnsley, S75 3SP

privacy@glass-onion.com