Ablebits.com

Privacy Policy

Effective date: June 5, 2025

This document is an integral part of the Terms of Use (https://www.ablebits.com/docs/ablebits-terms-of-use/).

This Privacy Policy applies from June 5, 2025. The previous version of this Privacy Policy, available at https://www.ablebits.com/docs/ablebits-privacy-policy-archive-2025-03-25/, applies until then.

1. Introduction

This Privacy Policy outlines the Office Data Apps sp. z o.o. practices regarding the collection, storage, sharing, disclosure, and protection of personal data gathered through our website, blog, documentation, cloud services, software products, and interactions with our support service. Our goal is to provide transparency about the types of data we collect, how we process and protect it, and the rights and choices available to you.

By accepting this Privacy Policy, you consent to the collection, storage, sharing, disclosure, and protection of your personal information as described in this Privacy Policy. If you do not agree with this Privacy Policy, do not use our services and products.

2. Definitions

  • Ablebits, we, us, our: Office Data Apps sp. z o.o.;
  • Services: Our hosted online platforms that store user content and require authentication to access user content:
    • Shared Email Templates for Microsoft Outlook (or SET for Outlook);
    • Shared Email Templates for Gmail (or SET for Gmail);
    • Text Toolkit for Microsoft Excel (or Text Toolkit);
  • Products: Licensed desktop software products, which are generic software applications provided by us, installed and purchased by users through license agreements, including, but not limited to, the following products:
    • Ultimate Suite for Microsoft Excel (or Ultimate Suite);
    • AutoBCC for Microsoft Outlook (or AutoBCC);
    • Link Checker for Microsoft Word (or Link Checker);
  • Perpetual License, License: A type of software license that allows users to use the purchased Products indefinitely;
  • Subscription: A type of license granting users access to the Services for a specific duration, typically renewable periodically;
  • Website: Our website ablebits.com;
  • Blog: The blog section on the Website, where articles and related content are posted;
  • Documentation: Sections of the Website providing detailed user guides, technical information, and instructions for the Products and Services;
  • Support Service: Assistance provided by Ablebits to users, including troubleshooting, issue resolution, and help with purchasing or using the Products or Services, delivered via email, live chat, phone, online messaging and call services, and customer support platforms;
  • Customer: An individual, informal group of individuals, company, or other legal entity who authorizes their users to install and use the Products or Services;
  • Company Account: A centralized account created by an individual to manage access to the Service on behalf of the Customer. The Company Account may be used by a single person, an informal team, or a formal organization, is managed by one or several company administrators, and supports multiple users, team structures, Subscriptions, and account-wide settings;
  • Company Administrator: An individual authorized to create and manage a Company Account on behalf of the Customer. A Company Administrator may add or remove users, create and manage teams, assign roles and permissions, configure account-wide settings, purchase and manage Subscriptions, and control access to the Service and associated resources;
  • User, you, your: Any individual who visits the Website, individual who submits comments or other content to the Blog or Documentation, individual who installs or uses the Products, individual who utilizes the Services, or individual who contacts our Support Service;
  • User Account: A personal account created by a Company Administrator that allows you to access and use the Services;
  • Personal Data: Personal information (as this term is defined under applicable data protection laws) relating to an identified or identifiable individual, including, but not limited to, name, email address, IP address, and User Account credentials;
  • User Content: Any information or materials you create, upload, submit, store, or otherwise make available via the Services;
  • Public User Content: Any information or materials you upload, submit, or otherwise make publicly visible via the Blog or Documentation;
  • Support Service Information: Information provided by you during interactions with our Support Service, including, but not limited to, log files, screenshots, emails, descriptions of issues, details of your hardware and software environment, and other files or documents you provide to us for support or troubleshooting purposes;
  • Usage Data: Automatically collected data generated by your interactions with the Website or Services, including requested pages, IP addresses, operation systems, browser or client application information, referring webpages or domains, timestamps, and service feature usage;
  • Cookies: Small text files placed on your device to collect information and improve your experience while you use the Website or Services;
  • Third Parties: Any external individuals, organizations, service providers, or vendors that are not part of Ablebits and are not under our direct control. This may include business partners, analytics providers, advertising networks, or others with whom we interact in connection with the Services.

3. Our role in data processing

Ablebits, acting as a service provider / data processor (as those terms are defined under applicable data protection laws), processes your Personal Data exclusively on behalf of and in accordance with the instructions of the Customer who is the Data Controller.

Ablebits processes your Personal Data solely for the purpose of delivering the Website, Blog, Documentation, Products, Services, and Support Service, in accordance with the Terms of Use, applicable End-User License Agreements, this Privacy Policy, and any relevant ordering documents entered into between the Customer and Ablebits. The Customer acknowledges and agrees that the Terms of Use, together with the use of features and functionality within the Products and Services, constitute the complete and final instructions to Ablebits regarding the processing of your Personal Data.

4. Principles we adhere to when processing your personal data

When processing your Personal Data, we adhere to the following principles:

  • We do not collect more data than is necessary.
  • We do not use Personal Data for purposes other than those specified in this Privacy Policy.
  • We do not store Personal Data if it is no longer needed.
  • We do not share and disclose Personal Data except as specified in this Privacy Policy.

5. What personal data we collect

5.1. Personal information provided by you

  • User Account information, such as your username, email address, non-reversible hashed password, full name (optional), and authentication credentials provided by third-party authentication services;
  • Information related to the purchase and use of the Products and Services, such as License or Subscription details, purchase history, and activation data;
  • Contact information, such as your full name and email address. We do not collect other contact information, such as postal addresses, phone numbers, job title, or other details you may provide incidentally, for example in your email signatures, when contacting us;
  • User Content uploaded, submitted, or stored through our Services;
  • Public User Content provided through comments on the Blog or within the Documentation;
  • Support Service Information provided during interactions with our Support Service.

5.2. Information collected automatically

  • Usage Data describing how you interact with our Website and Services, including which features you access and how you navigate or use them;
  • Cookies collecting data about your browsing activities and preferences in order to support the Website's functionality, personalize your experience, and analyze usage patterns (for further details, please see our Cookies Policy available at https://www.ablebits.com/docs/ablebits-cookies-policy/);
  • Analytics. We utilize Google Analytics to collect and analyze information about how visitors use our Website, Blog, and Documentation. For further details on how Google handles data, please visit https://policies.google.com/technologies/partner-sites. You can opt out of data collection by Google Analytics in connection with our Website by visiting https://tools.google.com/dlpage/gaoptout.

5.3. Information from other sources

If your access to the Products or Services is provided through an organization, such as your employer, that organization may provide us with your Personal Data, including your name, email address, job title, and other details necessary to set up and manage your account.

We may also obtain information about you from other sources, such as third-party service providers. For example, if you purchase a Subscription or License through an e-commerce platform, we may receive related Personal Data from them, depending on the privacy settings you have configured through that e-commerce platform.

6. What personal data we do not collect

We explicitly do not ask for, and will not knowingly collect, any special categories of Personal Data, which include racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, health data, data concerning sex life or sexual orientation, and data relating to criminal convictions or offenses.

Since we do not sell our Products and Services directly, we do not collect any billing and payment information, such as bank account details, credit card information, or check data.

7. How we process your personal data

We process your Personal Data based on one or more legal bases, depending on the nature of our relationship with you and the specific purpose of the processing.

Where processing is based on your consent, you have the right to withdraw that consent at any time. Withdrawing your consent does not affect the lawfulness of the processing carried out before the withdrawal. To exercise the right to withdraw your consent, please contact us using the details provided in the "Contact us" section.

7.1. Website

  • Operating and maintaining our Website
    • We process your Personal Data (your IP address and the user agent string of your web browser), Usage Data, and necessary Cookies.
    • Legal basis: Your consent, as obtained through our Cookie settings. The processing is necessary for our legitimate interests to operate and maintain our Website and ensure technical compatibility and performance across browsers and devices.
  • Analyzing the Website traffic
    • We process Cookies and Analytics.
    • Legal basis: Your consent, as obtained through our Cookie settings.

7.2. Blog and documentation

  • Operating and maintaining our Blog and Documentation
    • We process your Personal Data (your name and email address if provided by you, your IP address, the user agent string of your web browser), Usage Data, Public User Content, and necessary Cookies.
    • Legal basis: Your consent, as obtained through our Cookie settings. The processing is necessary for our legitimate interests to operate and maintain our Blog and Documentation, moderate and manage comments, respond to inquiries, ensure technical compatibility and performance across browsers and devices, and detect and prevent spam or inappropriate content.
  • Analyzing the Blog and Documentation traffic
    • We process Cookies and Analytics.
    • Legal basis: Your consent, as obtained through our Cookie settings.

7.3. Services

  • Providing and managing our Services
    • We process your Personal Data (your name, email address, IP address, and your Subscription details), User Content, Usage Data, Service-specific Cookies, and Support Service Information.
    • Legal basis: The processing is necessary for the performance of our contract with the Customer. It is also necessary for our legitimate interests to provide, run, and improve our Services and protect the safety and security of our Services.

7.4. Products

  • Providing and maintaining our Products
    • We process your Personal Data (your name and email address, if provided by you when contacting our Support Service, and your License details) and Support Service Information.
    • Legal basis: The processing is necessary for the performance of our contract with the Customer. It is also necessary for our legitimate interests to provide, maintain, and improve our Products.

7.5. Support service

  • Providing our Support Service
    • We process your Personal Data (your name and email address, if provided by you when contacting us, and your License or Subscription details), Public User Content, Usage Data, and Support Service Information.
    • Legal basis: The processing is necessary for the performance of our contract with the Customer. It is also necessary for our legitimate interests to communicate with you about your account, Licenses, Subscriptions, or requests (where we do not have a contractual relationship or legal obligation to do so).

7.6. Newsletters

  • Contacting you about updates in our Products and Services
    • We process your Personal Data (your name and email address).
    • Legal basis: Where required by law, we rely on your consent to send you newsletters. In other cases, particularly where you are an existing User, we may rely on our legitimate interests in keeping you informed about updates on our Products and Services. You can opt out of receiving such communications at any time by following the unsubscribe instructions provided in our newsletters or by updating your communication preferences through your User Account on our Services.

8. Sharing and disclosure of your personal data

We do not share, sell, rent, or otherwise disclose your Personal Data for purposes other than those outlined in this Privacy Policy.

8.1. Disclosing your personal data to third parties

We may disclose your Personal Data to the following categories of Third Parties, where relevant:

  • Service providers and vendors, including payment processors, hosting providers, analytics platforms, and customer support platforms, solely for the purpose of supporting the operation and delivery of our Website, Services, and Products (please see the list of Third Parties here: https://www.ablebits.com/docs/ablebits-subprocessors/);
  • Corporate affiliates or acquiring entities, in the case of a merger, acquisition, restructuring, or sale of all or part of our business;
  • Legal authorities, where necessary to comply with applicable laws, legal obligations, court orders, or legitimate governmental requests, in accordance with applicable data protection legislation;
  • Law enforcement authorities (and other enforcement entities, if applicable), only when disclosure is strictly necessary for compliance with a legal obligation, or to protect our legitimate interests, or those of third parties.

8.2. Sharing your personal data with other users of the services

When you use the Services, certain data you provide may be shared with other Users. For example, if you are a member of a team, you may grant other team members access to your User Content that contains Personal Data (such as your name, contact details, or other identifiable information), thereby allowing your team members to view, edit, copy, or download that content. You are responsible for ensuring you share Personal Data that you are comfortable making accessible to other Users.

Your Personal Data, such as your name, email address, profile picture, and other account details, are visible to Company Administrators. Additionally, if you are a member of a team, your name and contact details are visible to other team members.

Please note that while we require all Users to comply with our Terms of Use (https://www.ablebits.com/docs/ablebits-terms-of-use/), we are not responsible for the privacy practices of other Users who access information about you through the Services.

9. User comments on the blog and within the documentation

When you submit comments to our Blog or Documentation pages, these comments become visible to other Users. Your comments may contain Personal Data, such as your name, profile picture, and the content of the comment itself. We treat this information as follows:

  • Public visibility of comments: When you post comments on our Blog or Documentation pages, your comments are publicly visible to all visitors of our Website. Your name, username, profile picture, and any additional information you provide will also appear publicly alongside your comments.
  • Moderation and reviewing comments: We reserve the right to review, moderate, edit, or remove comments posted by Users to ensure compliance with our Terms of Use (https://www.ablebits.com/docs/ablebits-terms-of-use/). We may remove comments that we determine, at our sole discretion, to be inappropriate, offensive, misleading, unlawful, or otherwise violating applicable terms or policies. However, we have no obligation to review all comments prior to their publication.
  • Retention and removal of comments: We retain your comments for as long as necessary to fulfill the purposes for which they were posted or to comply with our legal obligations. You can request the deletion or modification of your comments at any time by using the details provided in the "Contact us" section.
  • Your responsibility: You are solely responsible for the content you post in comments. You must ensure that your comments do not infringe any intellectual property rights, privacy rights, or other legal rights of third parties, and that they do not contain unlawful, defamatory, or otherwise inappropriate content. Please avoid including Personal Data that you do not wish to make public, as your comments are visible to anyone accessing the Blog or Documentation. We are not responsible for any Personal Data or sensitive information you choose to disclose through your comments.

10. User content in the services

While interacting with our Services, you may create, upload, submit, or store various types of User Content. We treat such content with care and in alignment with the following:

  • Ownership and responsibility for User Content: You remain the sole owner of any User Content you submit or make available through the Services. While we may need to process, store, or display your User Content to provide the Services effectively, the specific rights and licenses you grant to us are governed by our Terms of Use (https://www.ablebits.com/docs/ablebits-terms-of-use/).You are solely responsible for the content you upload, use, or share through the Services. You must ensure that your User Content:
    • does not violate any applicable laws or regulations;
    • does not infringe on the rights of third parties, including intellectual property and privacy rights;
    • is not misleading, harmful, or offensive;
    • complies with our Terms of Use (https://www.ablebits.com/docs/ablebits-terms-of-use/) and applicable guidelines.

    If your User Content includes Personal Data (such as names, email addresses, or other identifiable information), you are solely responsible for ensuring that you have a lawful basis for including that data.

  • Security and confidentiality of User Content: We implement appropriate technical and organizational measures to protect your User Content from unauthorized access, disclosure, alteration, or destruction, in compliance with the contractual obligations agreed upon with you or the organization granting you access. For further details on our technical and organizational measures (TOMs), please visit https://www.ablebits.com/docs/ablebits-data-processing-addendum/#annex-two.
  • Data retention and deletion policy: We retain your User Content for the duration of your active User Account or as necessary to provide the Services, unless a longer retention period is required by law. You may delete your User Content at any time through the Services interface or by requesting deletion through Company Administrators.
  • Backup and recovery procedures: We maintain regular backups of User Content to support full system recovery in the event of system failures or data loss. These backups are stored securely and are subject to our data protection and retention policies.

11. Personal data security and protection

11.1. Security safeguards and technical measures

We take the protection of your Personal Data seriously. We have implemented appropriate technical and organizational measures (TOMs) to safeguard Personal Data and User Content, in accordance with applicable laws such as the GDPR.

These measures include, but are not limited to:

  • Encryption of data in transit and at rest;
  • Role-based access control and two-factor authentication;
  • Regular security updates and vulnerability assessments;
  • Intrusion detection and audit logging;
  • Secure development and deployment processes.

More information about our safeguards and security practices is available at https://www.ablebits.com/docs/ablebits-data-processing-addendum/#annex-two.

We may communicate with you electronically regarding security, privacy, and administrative issues relating to your use of the Services. If we learn of a security system's breach, we may attempt to notify you electronically by posting a notice on the Services or by sending an email to you.

11.2. Your responsibility for personal data security

The security of your Personal Data also depends on your efforts to protect your User Account. If you create or receive a password to access certain parts of our Services, you are responsible for keeping it confidential and secure. Please do not share your password with anyone and avoid reusing passwords from other sites. If you believe your User Account has been compromised, please notify us immediately using the details provided in the "Contact us" section.

12. Data retention and deletion

We retain your Personal Data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy or to comply with applicable legal obligations. Data retention periods depend on the type of information, the nature of our relationship with you, and regulatory requirements.

At any time, you may request the removal of your Personal Data by using this form: https://www.ablebits.com/support/data-protection-form.php. Your request will be processed in accordance with applicable laws and may be subject to identity verification and certain legal or operational limitations.

Following the removal of your data, we may retain a minimal, non-identifiable record solely for documenting the request and confirming that it was fulfilled, in compliance with our legal obligations and data retention policies.

13. Your rights and choices

Under applicable privacy laws, you have specific rights regarding your Personal Data. We are committed to supporting the exercise of those rights.

You may have the right to:

  • Confirm whether we process your Personal Data and request access to the data we hold about you.
  • Request correction or deletion of your Personal Data if it is inaccurate, incomplete, or no longer necessary.
  • Request restriction of or object to the processing of your Personal Data under certain circumstances.
  • Withdraw your consent to our processing of your Personal Data at any time. To exercise the right to withdraw your consent, please contact us using the details provided in the "Contact us" section. Please note that withdrawing consent does not affect the lawfulness of processing conducted prior to withdrawal. In some cases, refusal to provide or withdrawal of consent may limit our ability to deliver certain Services or fulfill obligations to you.
  • Opt out of marketing communications by following the unsubscribe instructions provided in our newsletters or by updating your communication preferences through your User Account on our Services.
  • Exercise additional rights under applicable laws, such as the GDPR or CCPA, including the right to data portability, restriction of processing, and objection to certain data uses.

To exercise any of the above rights, please contact us using the details provided in the "Contact us" section. We may need to verify your identity before processing your request.

If you use the Services on behalf of an organization (for example your employer), that organization may be responsible for managing and responding to individual rights requests.

14. Supplemental notice for California residents

This Supplemental Notice applies solely to residents of California and provides additional details regarding our collection and disclosure of Personal Information under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA).

14.1. Categories of personal information collected

In the past 12 months, we have collected the following categories of Personal Information from California residents:

  • Identifiers: username, full name, email address, and IP address;
  • Personal Information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)): full name;
  • Internet or network activity information: the Website and Services usage history, interaction with the Website and Services;
  • Commercial information: records of the Products and Services purchased, obtained, or considered, or other purchasing histories;
  • Geolocation data: IP address (it can only identify a general location, such as town, city, or state, but cannot identify your precise location);
  • Sensitive Personal Information: complete account access credentials that include a username, email address, non-reversible hashed password, and authentication credentials provided by third-party authentication services.

14.2. Purposes of collection

We collect Personal Information for the purposes described in the "How we process your personal data" section of our Privacy Policy, including:

  • To develop, operate, and maintain our Website, Services, and Products;
  • To operate and maintain our Blog and Documentation;
  • To analyze the Website, Blog, and Documentation traffic;
  • To provide our Support Service;
  • To contact you about updates on our Products and Services;
  • To provide you with License or Subscription activation information;
  • For any other purpose with your consent.

14.3. Rights under the CCPA

California residents have the following rights:

  • Right to know: You have the right to request details about the categories and specific pieces of Personal Information we collect.
  • Right to delete: You have the right to request the deletion of your Personal Information, subject to certain exceptions.
  • Right to correct: You have the right to request the correction of inaccurate Personal Information that we maintain.
  • Right to opt-out: You have the right to opt out of the sale or sharing of your Personal Information. We do not sell or share your Personal Information for monetary benefit. However, some data-sharing practices, such as those used for personalized advertising or service improvement, may fall within the broad definition of a "sale" under the CCPA. You can opt out of such practices at any time by visiting our "Do not sell my info" page (https://www.ablebits.com/docs/do-not-sell-my-info/) or by contacting us directly.
  • Right to non-discrimination: We will not discriminate against you for exercising your privacy rights.
  • Right to limit: You have the right to limit the use and disclosure of your sensitive Personal Information.

To exercise these rights, please contact us using the details provided in the "Contact us" section. Upon receiving your request, we may ask for additional information to verify your identity. We aim to respond to your request within forty-five (45) calendar days, and we will notify you if additional time is required.

You may designate an authorized agent to make a request on your behalf by providing written authorization.

15. Supplemental notice for Nevada residents

As defined by Nevada Revised Statutes Chapter 603A, we do not sell Personal Data of Nevada residents. However, if you are a Nevada resident and wish to submit a request to opt out of potential future sales, please contact us using the details provided in the "Contact us" section of our Privacy Policy. Please clearly indicate "Nevada Opt-Out Request" in your communication. We aim to respond to such requests within sixty (60) calendar days.

16. Supervisory authority

You have the right to lodge a complaint with the applicable supervisory authority in the country you live in, the country you work in, or the country where you believe your rights under applicable data protection laws have been violated. We encourage you to contact us first so we can address your concerns directly.

Helpful links:

17. Third-party websites and services

Our Website and Services may include links to external websites or integrate with third-party platforms for additional functionality, for example embedded videos, third-party analytics, or the Support Service platform widgets. These third-party websites and services operate independently of us and are governed by their own privacy policies. We are not responsible for the privacy practices or content of any third-party website or service. We encourage you to review their privacy policies directly.

18. International transfers of your personal data

Our Website, Blog, Documentation, and Support Service platform are hosted in the United States of America. If you access them from the European Union or other regions with data protection laws, please note that your Personal Data may be transferred to the United States and processed in the EEA and the United States.

Our Services are hosted in the United States, Germany, and Australia. This means that, depending on the configuration selected by your Company Administrator during the Company Account setup, your Personal Data may be transferred outside your country, state, or province of residence.

We may transfer your Personal Data to the following recipients:

Recipient Countries Purpose of transfer Transferred data types
Website United States Storage IP address, Cookies
Blog United States Storage Public User Content
Documentation United States Storage Public User Content
Support Service platform United States Customer service and technical support Support Service Information
Google Analytics for Website, Blog, and Documentation United States User analytics IP address, device information, browsing history
Ablebits Services United States, Germany, Australia Storage and security Personal Data, User Content

Depending on your location, appropriate safeguards are applied to such transfers in line with the requirements of applicable data protection laws. These safeguards may include:

  • Transfers to countries that the relevant authorities have recognized as providing adequate protection (for example adequacy decisions by the European Commission);
  • Transfers to recipients participating in certified frameworks (such as the EU-US Data Privacy Framework) or those implementing binding corporate rules;
  • Obtaining your express consent.

If you have further questions about international data transfers that we make, please contact us using the details provided in the "Contact us" section.

19. Children's privacy

Our Website, Services, and Products are not intended for persons under the age of 18, and we do not knowingly collect information from children under the age of 18. If a parent or guardian becomes aware that their minor child (as defined by the applicable privacy rules or regulations pertaining to the minor child) has provided us with Personal Data without their consent, they should contact us using the details provided in the "Contact us" section. We will delete such Personal Data from our files within commercially reasonable time, but no later than required under the applicable law relating to the child's state and/or country of residence.

20. Changes to this Privacy Policy

We reserve the right to modify or update this Privacy Policy at any time, at our sole discretion. When we make material changes to this Privacy Policy, we will:

  • post the updated version on our Website;
  • update the "Effective date" at the top of this document;
  • where appropriate, provide additional notice via email or through the Services.

Any such changes will become effective on the date indicated in the updated Privacy Policy, unless a later date is specified. We encourage you to review this Privacy Policy periodically to stay informed of any changes.

If you do not agree to the updated Privacy Policy, you must stop using the Website, Services, and Products before the changes become effective. Your continued use of the Website, Services, or Products after the effective date of the updated terms constitutes your acceptance of the changes.

A "material change" means a change that significantly affects your rights, obligations, or use of the Website, Services, or Products. "Minor updates," such as clarifications or typographic corrections, are not considered material and may not trigger additional notice.

21. Contact us

If you have any questions, concerns, complaints, or suggestions regarding this Privacy Policy, or if you would like to make a request concerning your Personal Data under applicable laws, please contact our Privacy Team.

By form: https://www.ablebits.com/support/data-protection-form.php

By email: privacy@ablebits.com

By mail:
Office Data Apps sp. z o.o.
Attn: Privacy Team
Brukowa 3
05-092 Lomianki
Poland

Annex 1. Shared Email Templates for Microsoft Outlook

Required permissions for the Microsoft 365 app

Introduction

This Annex is intended to help you understand how and why we request your permission for certain features in Shared Email Templates for Microsoft Outlook ("Service"), the service that allows you to create, store, and share email and calendar templates ("Template") across devices and teams.

What are permissions?

To access protected resources such as email or calendar data in your mailbox, our Service requires the authorization of the resource owner. As the resource owner, you can choose to grant or deny access and may update your permissions whenever you wish.

The permission mechanism, based on the Microsoft identity platform, offers a flexible and secure way for our Service to access your data while ensuring you retain full control at all times.

Which app permissions do we request?

  • Have full access to all files user can access
    We use this permission to attach files from your OneDrive when inserting a Template into the currently composed message if this Template contains links to the files to be attached.Your OneDrive files are transferred to your Outlook directly without being processed on our side.
  • Have full access to all files you have access to
    We use this permission to attach files from your OneDrive when inserting a Template into the currently composed message if this Template contains links to the files to be attached.Your OneDrive files are transferred to your Outlook directly without being processed on our side.
  • Maintain access to data you have given it access to
    This permission allows the Service to send scheduled mail merge campaign messages even if you are logged out from your account and have switched off all the devices.
  • Read all users' basic profiles
    We use this permission to read properties of "Microsoft work or school accounts," such as first and last names and email addresses, so that a Microsoft 365 Global Administrator can create Shared Email Templates User Accounts for their users by importing those users from Azure Active Directory.
  • Read directory data
    We use this permission to read Azure Active Directory group information when a Company Administrator imports users from an Azure Active Directory group.
  • Read items in all site collections
    We use this permission to attach files from your SharePoint when inserting a Template into the currently composed message if this Template contains links to the files to be attached.Your SharePoint files are transferred to your Outlook directly without being processed on our side.
  • Read mail you can access
    We use this permission to read the content of the currently composed message from your personal or shared mailbox.
  • Read user and shared mail
    We use this permission to read the content of the currently composed message from your personal or shared mailbox.
  • Read user mail
    We use this permission to read the content of the currently composed message into which a Template is going to be inserted.
  • Read your mail
    We use this permission to read the content of the currently composed message into which a Template is going to be inserted.
  • Send mail as you
    This permission allows the Service to send mail merge campaign messages from your mailbox.
  • Send mail on behalf of others or yourself
    This permission allows the Service to send mail merge campaign messages on behalf of the specified mailbox.
  • Sign in and read user profile
    We use this permission to read your name, email address, picture, and other properties of your "Microsoft personal account" or your "Microsoft work or school account" when inserting a Template into the currently composed message.
  • Sign you in and read your profile
    We use this permission to read your name, email address, picture, and other properties of your "Microsoft personal account" or your "Microsoft work or school account" when inserting a Template into the currently composed message.

Required Microsoft Graph API permissions

Sign in/Sign up with Microsoft

Graph Permission Permission Type Justification Azure AD App ID
openid delegated Required by Azure AD authorization flow. To sign users in and ensure their consent to using the Shared Email Templates app. e6f666d5-61ff-4582-8732-cedd9e55cef3
or
c1e89043-a87e-4168-9620-996b6174f9ce
profile delegated To read basic user information. e6f666d5-61ff-4582-8732-cedd9e55cef3
or
c1e89043-a87e-4168-9620-996b6174f9ce
offline_access delegated To refresh access token, when the active one is expired. e6f666d5-61ff-4582-8732-cedd9e55cef3
or
c1e89043-a87e-4168-9620-996b6174f9ce
User.Read delegated To read the profile of signed-in users. Also allows the Shared Email Templates app to read basic company information of signed-in users. e6f666d5-61ff-4582-8732-cedd9e55cef3
or
c1e89043-a87e-4168-9620-996b6174f9ce
User.ReadBasic.All delegated To read a basic set of profile properties of other users in the organization on behalf of the signed-in user. e6f666d5-61ff-4582-8732-cedd9e55cef3
or
c1e89043-a87e-4168-9620-996b6174f9ce

General Shared Email Templates functionality

Graph Permission Permission Type Justification Azure AD App ID
openid delegated Required by Azure AD authorization flow. To sign users in and ensure their consent to using the Shared Email Templates app. e6f666d5-61ff-4582-8732-cedd9e55cef3
or
c1e89043-a87e-4168-9620-996b6174f9ce
or
680093f8-3534-48f1-8dae-3a13343cc03c
profile delegated To read basic user information. e6f666d5-61ff-4582-8732-cedd9e55cef3
or
c1e89043-a87e-4168-9620-996b6174f9ce
or
680093f8-3534-48f1-8dae-3a13343cc03c
User.Read delegated To read the profile of signed-in users. Also allows the Shared Email Templates app to read basic company information of signed-in users. e6f666d5-61ff-4582-8732-cedd9e55cef3
or
c1e89043-a87e-4168-9620-996b6174f9ce
or
680093f8-3534-48f1-8dae-3a13343cc03c
Files.ReadWrite.All delegated To read and upload files to the signed-in user's OneDrive or SharePoint folders. e6f666d5-61ff-4582-8732-cedd9e55cef3
or
c1e89043-a87e-4168-9620-996b6174f9ce
or
680093f8-3534-48f1-8dae-3a13343cc03c
Sites.Read.All delegated To read site and folder items in all site collections on behalf of the signed-in user. e6f666d5-61ff-4582-8732-cedd9e55cef3
or
c1e89043-a87e-4168-9620-996b6174f9ce
or
680093f8-3534-48f1-8dae-3a13343cc03c
Mail.Read delegated To read email in user mailboxes. Required for Outlook Draft functionality. e6f666d5-61ff-4582-8732-cedd9e55cef3
or
c1e89043-a87e-4168-9620-996b6174f9ce
or
680093f8-3534-48f1-8dae-3a13343cc03c
Mail.Read.Shared delegated To read mail that the user can access, including shared mail. Required for Outlook Draft functionality. e6f666d5-61ff-4582-8732-cedd9e55cef3
or
c1e89043-a87e-4168-9620-996b6174f9ce
or
680093f8-3534-48f1-8dae-3a13343cc03c
Directory.Read.All delegated Required by Azure AD authorization flow. To read data in groups of the user's organization. e6f666d5-61ff-4582-8732-cedd9e55cef3
or
c1e89043-a87e-4168-9620-996b6174f9ce

Mail Merge functionality

Graph Permission Permission Type Justification Azure AD App ID
openid delegated Required by Azure AD authorization flow. To sign users in and ensure their consent to using the Shared Email Templates app. e6f666d5-61ff-4582-8732-cedd9e55cef3
or
6e8e4d5c-1979-4b55-a2e8-a7531167af15
profile delegated To read basic user information. e6f666d5-61ff-4582-8732-cedd9e55cef3
or
6e8e4d5c-1979-4b55-a2e8-a7531167af15
offline_access delegated To refresh access token, when the active one is expired. e6f666d5-61ff-4582-8732-cedd9e55cef3
or
6e8e4d5c-1979-4b55-a2e8-a7531167af15
User.Read delegated To read the profile of signed-in users. Also allows the Shared Email Templates app to read basic company information of signed-in users. e6f666d5-61ff-4582-8732-cedd9e55cef3
or
6e8e4d5c-1979-4b55-a2e8-a7531167af15
Files.ReadWrite.All delegated To read and upload files to the signed-in user's OneDrive or SharePoint folders. e6f666d5-61ff-4582-8732-cedd9e55cef3
or
6e8e4d5c-1979-4b55-a2e8-a7531167af15
Mail.Send delegated Allows the Shared Email Templates app to send mail as the signed-in user. e6f666d5-61ff-4582-8732-cedd9e55cef3
or
6e8e4d5c-1979-4b55-a2e8-a7531167af15
Mail.Send.Shared delegated Allows the Shared Email Templates app to send mail as the signed-in user, including sending on behalf of others. e6f666d5-61ff-4582-8732-cedd9e55cef3
or
6e8e4d5c-1979-4b55-a2e8-a7531167af15

Annex 2. Shared Email Templates for Gmail

Permissions to access your Google Account

Introduction

This Annex is intended to help you understand how and why we request your permission for certain features in Shared Email Templates for Gmail ("Service"), the service that allows you to create, store, and share email templates ("Template") across devices and teams.

What are permissions?

To access protected resources such as your Gmail or Google Sheets, our Service requires the authorization of the resource owner. As the resource owner, you can choose to grant or deny access and may update your permissions whenever you wish.

The permission mechanism, based on Google's OAuth 2.0 protocol, offers a secure way for our Service to access your data while ensuring you retain full control at all times.

Which Google permissions do we request?

  • See and download all your Google Drive files
    We use this permission to attach files from your Google Drive when inserting a Template into the currently composed message if this Template contains links to the files to be attached.Your Google Drive files are transferred to your Gmail directly without being processed on our side.
  • View customer related information; View groups on your domain; See info about users on your domain
    We use these permissions to read properties of "Google Accounts", such as first and last names and email addresses, so that a Google Workspace domain administrator can create Shared Email Templates User Accounts for their users by importing those users from Google Workspace Directory.
  • See all your Google Sheets spreadsheets
    We use this permission to provide you with the option to use datasets from your spreadsheets.
  • Associate you with your personal info on Google; See your personal info, including any personal info you've made publicly available; See your primary Google Account email address
    We use these permissions to read your name, email address, and your Google Account picture:

    • to link your Google Account with the Service;
    • when inserting a Template into the currently composed message.

Data access using Google APIs

Sign in/Sign up with Google

Scope Description Justification Google Cloud Project ID /
Number
/auth/userinfo.profile See your personal info, including any personal info you've made publicly available. Required for the "Sign in with Google" feature. Utilizes the user's name to populate the Shared Email Templates account. Shared-email-templates / 1055638364189
/auth/userinfo.email See your primary Google Account email address. Required to obtain the user's email for creating or accessing an existing Shared Email Templates account. Shared-email-templates / 1055638364189
openid Associate you with your personal info on Google. Required to obtain an OpenID Connect token, essential for verifying the user's identity. This ensures that the user is who they claim to be. Shared-email-templates / 1055638364189

General Shared Email Templates functionality

Scope Description Justification Google Cloud Project ID /
Number
/auth/userinfo.profile See your personal info, including any personal info you've made publicly available. Required for the "Sign in with Google" feature. Utilizes the user's name to populate the Shared Email Templates account. Shared-email-templates / 1055638364189
/auth/userinfo.email See your primary Google Account email address. To obtain the user's email for creating or accessing an existing Shared Email Templates account. Shared-email-templates / 1055638364189
openid Associate you with your personal info on Google. To obtain an OpenID Connect token, essential for verifying the user's identity. This ensures that the user is who they claim to be. Shared-email-templates / 1055638364189
/auth/drive.readonly View and download all your Drive files. To enable attaching files from Google Drive. Users select which files Shared Email Templates can read and attach. Shared-email-templates / 1055638364189
/auth/spreadsheets.readonly See all your Google Sheets spreadsheets. To access data from user-selected Google spreadsheets and ranges. This data is then inserted as values into the email body using the Dataset functionality. Shared-email-templates / 1055638364189
/auth/admin.directory.user.readonly Scope for only retrieving users or user aliases. To allow the Shared Email Templates account owner and Google Workspace administrator to create Shared Email Templates users based on the Google Workspace directory user list. Shared-email-templates / 1055638364189
/auth/admin.directory.customer.readonly Scope for only retrieving customers. To obtain the domain name, which allows the Google Workspace administrator to retrieve the list of users in the domain. Shared-email-templates / 1055638364189
/auth/admin.directory.group.readonly Scope for only retrieving group, group alias, and member information. To retrieve Google Workspace directory groups, allowing to create Shared Email Templates users based on these groups. Shared-email-templates / 1055638364189

See also

Please contact us here

Our working hours:
Central European Time (CET) 08:00 - 23:00
Central European Time (CET) 08:00 - 23:00
Eastern Time (ET) 2:00 AM – 5:00 PM
Central Time (CT) 1:00 AM – 4:00 PM
Pacific Time (PT) 11:00 PM (previous day) – 2:00 PM
Australian Eastern Daylight Time (AEDT) 6:00 PM – 9:00 AM (next day)
If you want to attach files (e.g. screenshots or log files), it will be possible right after you send this form and we automatically create a support ticket for you.