UA
Open Auth Bridge
TermsPrivacy

Privacy Policy

Last updated: May 2026

Summary: We act only as a delivery bridge for your Google and Microsoft tokens. We do not store, sell, or analyze your personal data.

1. Information We Collect

When you authenticate through Open Auth Bridge, the system temporarily handles the following data in memory:

  • OAuth Credentials: Access token, refresh token, and expiration timestamps provided by Google or Microsoft.
  • Basic Profile Info: Your email address, used solely to confirm successful authentication on the success screen and payload.
  • Routing Metadata: The state parameter provided by the initiating application to ensure tokens are routed to the correct destination webhook.

2. How We Use Your Information

Your data is used exclusively to complete the standard OAuth 2.0 flow — to deliver tokens to the initiating application and to refresh expired tokens when requested. We do not use your data for tracking, analytics, advertising, or profiling.

3. Data Storage & Retention

We do not maintain a database of your tokens. Tokens are held in-memory exclusively during the callback processing and webhook delivery phase. Once the HTTP response is sent, tokens are immediately discarded from server memory.

4. Data Sharing

We do not sell, trade, or share your information with any third parties. Your data is strictly transferred between the OAuth provider (Google/Microsoft) and the application that explicitly initiated the authorization request via the configured webhook.

5. Third-Party API Policies

Our use and transfer of information received from external APIs adheres to strict provider guidelines:

  • Google: Open Auth Bridge adheres to the Google API Services User Data Policy, including the Limited Use requirements.
  • Microsoft: Interactions follow the guidelines established by the Microsoft Identity Platform.

6. Revoking Access

Because we do not store your tokens, you cannot delete your account with us (as you do not have one). You retain full control and can revoke access at any time directly through your provider:

  • Google Account Permissions
  • Microsoft Account Privacy

7. Contact

If you have any questions about this Privacy Policy, please contact the service administrator at arshman.me.

Open Auth Bridge © 2026 · arshman.me