Data Practices
Google API Data Handling
Last updated: July 2026
How We Handle Your Google Data
Intuist lets you connect Google services — Google Drive, Google Calendar, Gmail, Google Sheets, and Google Meet — to your account and your AI agents. Each integration is connected separately, by you, and requests only the Google API scopes needed for that feature. We process your Google data solely to provide the features you enable. This page explains our data handling practices in detail.
Google API Services User Data Policy — Limited Use Disclosure
Intuist's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
In particular: we only use Google user data to provide and improve the user-facing features you enable; we do not transfer Google user data to third parties except as necessary to provide those features, to comply with applicable law, or as part of a merger or acquisition with prior notice to you; we do not use Google user data for advertising; and we do not allow humans to read your Google user data unless you give us explicit permission, it is necessary for security purposes or to comply with applicable law, or the data has been aggregated and anonymized. We do not use any data obtained through Google Workspace APIs to develop, improve, or train generalized artificial intelligence or machine learning models.
What We Access
Google Drive
File names, types, sizes, and folder structure to display your Drive contents, and the content of only the files you explicitly select for AI agent knowledge bases. With your instruction, agents can also upload and organize documents they generate for you.
Google Calendar
Your calendar events, so the CRM can show your upcoming and recent meetings and your AI assistant can create or update events you ask for.
Gmail
Messages in the mailbox you connect, so your AI agent can triage incoming mail, label processed messages, and send emails you compose or approve.
Google Sheets
Spreadsheets you select, so your workflows can read and append rows.
Google Meet
Read-only access to your own finished meetings and their transcripts, so you can attach a meeting summary to a customer record.
Authentication Tokens
OAuth tokens that grant limited, revocable access to the Google services you connect. Stored securely and encrypted at rest.
Each integration is opt-in and requests only its own scopes. We only access files you explicitly select — we never scan or index your entire Drive.
How We Process Your Data
AI Agent Training
Selected files are processed to create knowledge bases for your AI agents, enabling them to answer questions about your content.
Text Extraction
Documents are parsed to extract text content for indexing and retrieval by your agents.
Embeddings Generation
Text content is converted into vector embeddings for semantic search. Original file content is not stored after processing.
Real-Time Sync
When enabled, we periodically check for updates to your selected files to keep agent knowledge current.
Processing happens on secure, isolated infrastructure. Your data is never used to train our models or shared across accounts.
Data Security & Storage
Encryption
All data is encrypted in transit (TLS 1.3) and at rest (AES-256). OAuth tokens are additionally encrypted with per-tenant keys.
Isolation
Each account's data is logically isolated. No cross-account data access is possible.
Minimal Storage
We store processed embeddings and metadata only. Original file content is not retained after processing.
Access Logging
All access to your Google Drive data is logged and auditable for security and compliance purposes.
Data Retention & Deletion
Processed Data
Vector embeddings and metadata are retained while the associated agent is active.
On Agent Deletion
When you delete an agent, all associated Google Drive data (embeddings, metadata, cached content) is permanently removed.
On Account Deletion
All Google Drive data, tokens, and processed content are permanently deleted within 30 days.
Token Revocation
Revoking Google Drive access immediately invalidates our access tokens and triggers deletion of all cached Drive data.
Your Data Rights
View Connected Files
See exactly which files are connected to each agent at any time.
Disconnect Files
Remove individual files from agent training, which deletes associated processed data.
Revoke Access
Revoke Google Drive integration entirely from your account settings or from Google's security settings.
Export Data
Request an export of all data we hold related to your Google Drive integration.
Scope of Access
Limited Scopes
Each integration requests only the minimum Google API scopes needed for its feature — for example, knowledge-base training uses read-only Drive access, and Meet transcript access is read-only.
Write Access Only Where You Enable It
Write scopes (creating calendar events, sending emails, updating sheets, uploading Drive files) are requested only by the specific integrations that need them, and are only exercised on your instruction.
No Unrequested Changes
Your AI agents never modify, share, or delete your Google data except as part of an action you configured or asked for.
CASA Certified
Our Google integration has passed the Cloud Application Security Assessment (CASA) by TAC Security, a Google-approved assessor.
CASA Security Certification
Our Google Drive integration has been independently assessed and certified under the Cloud Application Security Assessment (CASA) program. This certification verifies that our application meets Google's security requirements for handling user data.
View CASA Certificate (PDF)How to Disconnect Google Drive
You can revoke Intuist's access to your Google Drive at any time:
- 1.Go to your Intuist account settings and disconnect Google Drive
- 2.Or visit Google Account Permissions and remove Intuist
- 3.All cached data and processed content will be deleted within 24 hours
For questions about your Google Drive data, contact us at privacy@intuist.ai