Google Data Use / Limited Use Statement
This page explains how Lucrum CRM uses Google user data when a user connects Google Workspace.
Last updated: May 9, 2026. Google access is optional and feature-specific.
1. Summary
Lucrum CRM uses Google user data only to provide user-visible CRM features that the user or their organization enables. Google data is not sold, not used for advertising, and not used to train generalized AI or machine learning models.
2. Google data by feature
| Feature | Likely Google scopes | Use |
|---|---|---|
| Google sign-in / identity | openid, email, profile | Identify the user and connected Google account. |
| Email / Gmail | gmail.readonly, gmail.send, and/or gmail.modify where explicit message actions are enabled. | Display Gmail messages in the Email module, send/reply when requested, and perform explicit state changes selected by the user. |
| Contacts | contacts.readonly for read/review workflows. | Show contacts for user review, matching, linking, or CRM record creation after user selection. |
| Calendar | calendar.events.readonly and related narrow read-only scopes where needed. | Display calendar events in CRM context. |
Lucrum CRM requests scopes incrementally where practical. Google sign-in does not automatically grant Gmail, Contacts, or Calendar access.
3. Limited Use commitments
- Google user data is used only to provide and improve user-facing features that are prominent in Lucrum CRM.
- Google user data is not sold.
- Google user data is not used for advertising, retargeting, or ad measurement.
- Google user data is not transferred to data brokers or information resellers.
- Google user data is not used to determine credit-worthiness or lending eligibility.
- Google user data is not used to train generalized AI or machine learning models.
- Access is limited to the minimum data needed for enabled features.
4. Storage and security model
Google refresh tokens are stored only in the central Google integration broker/token vault, not in individual customer CRM containers. Tokens are encrypted at rest and protected with access controls and audit logging. Google access tokens are treated as short-lived secrets and are not placed in browser URLs, localStorage, frontend state, customer CRM containers, or logs.
5. Human access
Lucrum Industries personnel do not casually access users' Gmail, Contacts, or Calendar data. Human access is limited to support requested by the customer/user, security investigation, abuse prevention, legal compliance, or other narrow operational necessity.
6. Disconnect and deletion
Users can disconnect Google access from Lucrum CRM and can also revoke the app from their Google Account permissions page. See Disconnect and deletion instructions for details.