PRIVACY POLICY

Mailverse.IO, Website or Site is operated by Xertify Inc., includes Google Sign-in, Google Gmail AddOn we use the Project Number 127676465083 ., is part of an authentication and authorization framework that gives you, as a developer, the ability to connect directly with Google users when requesting access to Google user data. The following policies and Mailverse.IO's Terms of Service apply to his use of Mailverse.IO in requesting access to Google user data. Please check back from time to time as these policies may be updated from time to time.

Accurately state your identity and intentions If you choose to share Mailverse.IO. User Data, you must provide Mailverse.IO. users and Google with clear and accurate information about your use of Mailverse.IO.. These include, but are not limited to requirements for accurate representation. • Who is requesting user data from Mailverse.IO? All authorization requests must accurately reflect the identity of the application attempting to access user data. If you have obtained authorized client credentials to access Mailverse.IO, keep those credentials confidential. • What data are you requesting? You must provide clear and accurate information describing the type of data requested. If Google users access or use types of user data that were not originally disclosed in our privacy policy (or in-product disclosures) when they originally granted access, we will update our privacy policy and notify users of any changes. Consent must be obtained in advance. You can access this data. • Why are you requesting Google's user data? Be honest and transparent with users when explaining why your application is requesting user data. If your application requests data for one of her reasons, and that data is also used for secondary purposes, you must inform her Google user of both use cases. In general, users should be able to easily understand the value of providing the data requested by the application and the consequences of sharing that data with the application.

Be transparent about the data you access with clear and explicit privacy disclosures You should publish a privacy policy that fully documents how your application interacts with user data. When you publish your application, you must specify the privacy policy URL in the OAuth client configuration. Privacy policies and in-product privacy notices must be accurate, comprehensive, and easily accessible. Your privacy policy and in-product privacy notice must detail how your application accesses, uses, stores, or shares her Google user data. Use of Google user data should be limited to practices expressly disclosed in our published privacy policy, but additional in-product notices should be used to ensure that your application processes user data You should consider making sure the user understands how. If we change how the Application uses Google User Data, we will notify users and comply with the updated Privacy Policy before using Google User Data in a new way or for any purpose different from its original purpose. You must ask for consent. Disclosures regarding data use must be made prominently and in a timely manner. Your privacy policy and in-product data usage notice should be prominently displayed in your application interface so that users can easily find this information. Disclosures regarding data use should be as timely and contextual as possible.

Request relevant permissions

Permission requests should be meaningful to the user and limited to critical information needed to implement the application. Do not request access to information you do not need. Request access only to the minimum technically feasible level of access necessary to implement existing functionality or services in your application, and restrict access to the minimum necessary data. Do not attempt to "future-proof" access to user data by requesting access to information that may be useful for services or features not yet implemented. Request permissions in context whenever possible. Whenever possible, request access to user data in context (via incremental authentication) so that you can understand why the user needs the data.

Deceptive or unauthorized use of Mailverse.IO is prohibited

Engaging in any activity that may mislead users about the use of Mailverse.IO. is strictly prohibited. This includes but is not limited to the following requirements: Don't misrepresent what data is collected or how Google user data is handled. Be open to users so that they can make informed decisions about granting authorization. You must disclose all user data you access, use, store, delete or share, and all actions you take on your behalf. Access, aggregation, or analysis of Google user data is not permitted when the data is shared with third parties who view, sell, or monitor it. All in all, it shouldn't come as a surprise to Google users. Google may ban him from accessing Mailverse.IO. for any hidden features, services or promotions that are inconsistent with the application's marketing objectives. Don't mislead Google about your application's operating environment. It must accurately represent the environment in which the authentication page will be displayed. For example, if your application runs on iOS, don't claim in the user-agent he header that he is an Android application. Or, don't state that your application's authentication page is rendered in a desktop browser when the authentication page is in an embedded web view instead. rendered. Do not use undocumented APIs without explicit permission. Do not reverse engineer Undocumented Mailverse.IO. or attempt to derive or use underlying source code from Undocumented Mailverse.IO. To access data from Mailverse.IO, please follow the instructions in the official API service documentation provided by the Google developer site. Do not make false or misleading statements about the entity that purportedly approved or controlled your application. You must accurately identify the company, organization, or other agency that manages your application. Providing incorrect client credentials to Google or a Google user is grounds for suspension.

Child-directed apps

The Children's Online Privacy Protection Act (COPPA) regulates websites, apps, and services directed to children under the age of 13, and general-user apps, websites, or Applies to services. Covered Apps may use some Google services, and developers are responsible for their use of these services in accordance with their legal obligations. Read her FTC guidance on COPPA (from her website on the FTC, which includes information on the difference between mixed-user apps and apps aimed primarily at children) and consult your attorney. Apps directed to children: If your application is primarily directed to children, do not use Google Login or other Google API services that access data associated with Google accounts. This restriction includes Google Play games services and other Google API services that use her OAuth technology for authentication and authorization. Mixed-user apps: Mixed-user apps do not require users to be signed into a Google account, but may offer optional features such as Google Sign-in and Google Play game services. In such cases, the user should be able to fully access the application without signing into her Google account.

Maintain a secure operating environment

You must take reasonable and reasonable steps to protect any application or system that uses Mailverse.IO from unauthorized or unlawful access, use, destruction, loss, alteration or disclosure.

Additional Requirements for Specific API Scopes

For more information on the verification requirements for gaining (or maintaining) access to restricted areas, see the OAuth Application Review FAQ.

For Gmail Restricted Scopes:

Enforcement of the Gmail requirements in this section began on ………………. Applications that accessed restricted Gmail scopes before ………………. must receive their first review letter by ………………. to access restricted Keep Gmail scopes. All other apps must first be verified and receive a letter before being granted access to restricted areas of Gmail.

Restricted Scopes:

Gmail - A Gmail API area that allows applications to read, create, or modify message bodies (including attachments), metadata, or headers. Or control mailbox access, mail forwarding, or administrator settings.

Product Permitted Application Types

Gmail

Applications that automatically backup email

Applications that enhance the email experience for the purpose of increasing productivity (e.g. customer relationship management applications, deferred email sending, or mail merge)

Applications that use information from email to provide reporting or monitoring services for your benefit (e.g., applications that automate travel routes, track flight or package delivery status, etc.)

Product Permitted Application Types

Gmail

Native and web email clients that allow users to compose, send, read and process emails from one user interface Application to automatically backup emails Applications that enhance the email experience for the purpose of increasing productivity (e.g. customer relationship management applications, deferred email sending, or mail merge) Applications that use information from email to provide reporting or monitoring services for your benefit (e.g., applications that automate travel routes, track flight or package delivery status, etc.)

Limited Use: Use of data obtained through restricted areas must meet the following requirements: 1. Restrict use of data to provide or enhance user-facing features that are prominent in the requesting application's user interface. All other uses of the data are prohibited. 2. Transfer data to others only as necessary to provide or enhance user-centric functionality that is prominent in the requesting application's user interface. We may also transfer data upon notice to you where necessary to comply with applicable law or as part of a merger, acquisition, or sale of assets. Any other transfer or sale of User Data is prohibited. 3. Do not use or transmit data to serve advertising, including retargeting, personalized or interest-based advertising. When 4. Prevent anyone other than

First obtain the user's explicit consent to display certain messages, files, or other data, subject to limited exceptions approved by Google under additional terms applicable to the Nest Device Access Program Did. a. Necessary for security reasons (e.g. bug or abuse investigations). b. When required to comply with applicable law; Also c. Its use is limited to internal operations and the data (including derivatives) is aggregated and anonymized. These prohibitions apply to raw data obtained from a limited scope and to data aggregated, anonymized or derived therefrom. You must ensure that your employees, agents, contractors and successors comply with this Mailverse.IO: User Data Policy.

Secure Data Handling: Applications that access restricted areas must prove that they follow certain security practices. Depending on the APIs and user entitlements or number of users you access, your application must pass an annual security assessment and receive an assessment letter from a third party designated by Google. Local client applications that only allow user-configured transfers of restricted data from the device can be exempt from this requirement.

Enforcement

Access to Mailverse.IO is subject to the Mailverse.IO Terms of Service. If it is determined that you have failed to comply with the Mailverse.IO Terms of Service, this Mailverse.IO: User Data Policy, or any other Mailverse.IO product policy applicable to the Mailverse.IO services you are using, Google may contact Mailverse.IO. may revoke or suspend the access of any User. and other Mailverse.IO products and services. Access to Mailverse.IO. may also be revoked if the application enables end users or other parties to violate the Google API Terms of Service and/or Google policies.