Frequently Asked Questions

shape-light-2shape-light-dot
shape-light-2shape-light-dot

What data do we collect for each client?

We store the file structure of your drive, including permission settings, user, and group metadata. We never access the content of your files. All credentials are securely stored in AWS, adhering to industry standards.

Where is my data stored?

All data is stored within AWS. Credentials are encrypted and kept separate for each client. We use AWS databases with strict access controls—no external access is allowed. Each customer’s data is stored in a separate database with its own secure connection, applying best security practices to prevent cross-client access.

How do you ensure one client cannot access another’s data?

Tokens and login credentials are isolated between clients (tenants). This, combined with the security measures mentioned in the previous section, ensures there is no unauthorized cross-client data sharing.

What permissions do you request and why?

  • Drive Access: This allows us to access your drive files and perform actions such as permissions changes, file deletions, etc. We NEVER access file content, share files with others, or use them for any purpose beyond what you authorize.
  • User Profile & Email: Basic user information required for identification.
  • Drive Activity: This lets us view file activity and changes over time, requiring access to Contacts to identify users in activity logs.
  • Contacts & Other Contacts: We need to view your contacts to properly identify users in shared files and activity logs.
  • Directory Users, Groups, Domain, Org Units: Access to your organization’s structure is necessary to properly identify users in shared files and activity logs.
  • Workspace Reports & Audit: Allows us to view Google Workspace audit reports for your organization.

Which authentication methods do you use?

We offer social login via Google or email login (via a link we send you).

Will my data be shared with third parties?

We do not share your data with third parties. While we use analytics and tracking, all your data, including your organization’s information, is kept private and anonymized.

Can I control or limit access to my data later?

Yes, you can modify the permission scopes anytime in your workspace or Overshare app settings. You also have the ability to revoke access as needed.

Do you offer a way to delete my account and associated data?

Yes, you can request account deletion by email. We process the request within 72 hours.

Do you comply with GDPR?

Yes, we comply with GDPR, as well as with CCPA, PDPA, and LGPD regulations.