Google Application Privacy Policy

1. Data Collection and Storage

At Envira Gallery, your privacy is very important to us.

The Envira Gallery Google Photos Addon is installed and hosted on your own WordPress website. We do not collect or store any of your Google Photos data on our servers. All data retrieved from Google’s APIs is stored encrypted in your own WordPress site’s database and is never transmitted to Envira Gallery or any third party.

You can permanently and instantly delete all Google Photos connection data at any time via the “Delete All Google Photos Data” button in the Envira Gallery settings panel, or by uninstalling the plugin.

2. Types of Data Processed

When you use the Google Photos Addon to connect your Google account, the following data is returned from Google and processed by the plugin:

• Your Google account email address.
• An OAuth access token and refresh token for your Google account.
• The Google Photos media items (photos and videos) that you explicitly select through the Google Photos Picker interface.

3. Purpose of Processed Data

The purpose of processing the data listed in section 2 is as follows:

• Your email address is displayed in the Envira Gallery settings panel so you can identify which Google account is connected.
• The OAuth access token and refresh token are used to authenticate requests to the Google Photos Picker API on your behalf. These tokens are stored encrypted in your WordPress database.
• Selected Google Photos media items are used to populate your Envira Gallery galleries. Only photos and videos you explicitly select through the Picker are accessed — the plugin does not access your entire Google Photos library.

4. Permission Model: Grant of Least Access

The Google Photos Addon requests only the minimum permissions required to function:

• photospicker.mediaitems.readonly: Allows read-only access to Google Photos media items that you explicitly select through the official Google Photos Picker interface. The plugin cannot access, modify, delete, or upload any photos or videos in your Google Photos library beyond what you select.
• userinfo.email: Allows read-only access to your Google account email address, used solely to identify the connected account in the settings panel.

The plugin is read-only and cannot publish, edit, or delete any data in your Google account.

5. How the OAuth Authentication Works

When you click “Continue with Google” in the Envira Gallery settings:

1. You are redirected to Google’s sign-in page.
2. After you approve access, Google sends an authorization code to a secure Envira Gallery authentication server (hosted on Google Cloud).
3. The authentication server exchanges the code for OAuth tokens and immediately redirects them back to your WordPress site.
4. The tokens are stored encrypted in your WordPress database. The Envira Gallery authentication server does not retain your tokens.

6. Removal of Google Photos Data

You can permanently and instantly remove all Google Photos connection data at any time:

• Via the “Remove connection and stored data” link next to each connected account in Envira Gallery → Settings → Google Photos.
• Via the “Delete all Google Photos data” button in the same settings panel.
• By uninstalling the Envira Gallery Google Photos Addon.

To request data removal assistance, contact [email protected].

7. Third Party APIs

This addon uses the Google Photos Picker API. Data retrieved using this API is stored only in the database of the WordPress site where the plugin is installed. Envira Gallery does not receive or store this data.

For information about how Google collects and uses data, see Google’s Privacy Policy.

8. Changes to this Policy

We may revise this Privacy Policy in the future. By continuing to use the plugin after changes become effective, you agree to be bound by the revised policy.

If you have questions, contact us at [email protected].