Gmail Integration - How It Works

This page explains in detail how NiceTMY uses your Gmail account and what permissions we request.

Overview

When you connect your Gmail account to NiceTMY, we request access to send emails on your behalf from your Gmail account. This allows us to automatically send personalized follow-up emails when you enter contact information at networking events.

What We Access

OAuth Permissions Requested

When you authorize NiceTMY to access your Gmail account, we request the following permissions:

gmail.send - This permission allows us to send emails from your Gmail account
userinfo.email - This permission allows us to identify which Gmail account is connected to your NiceTMY account

How We Use These Permissions

Email Sending: We use the gmail.send scope to send personalized follow-up emails from your Gmail account when you enter contact information at networking events. Emails are sent only when you explicitly enable this feature in your settings.
Account Management: We use your email address to associate your Gmail account with your NiceTMY account for service functionality.

What We DON'T Access

Important: We do NOT read, access, or store any emails from your Gmail inbox. We only send emails that you explicitly authorize through our service.

We do NOT have access to:

Your inbox or any emails in it
Your sent emails
Your drafts
Your contacts
Any other Gmail data

How It Works

Step 1: Authorization

Navigate to Settings → Email Configuration
Click "Link Email Account" button
You'll be redirected to Google OAuth consent screen
Review the permissions requested
Grant permission for "Send email on your behalf"

Step 2: Token Storage

OAuth tokens (access tokens and refresh tokens) are stored securely in our database with encryption
Tokens are automatically refreshed when they expire
Tokens are never shared with third parties

Step 3: Email Sending

When you enter a contact's email address in the main app interface
If email follow-up is enabled in your settings, the app automatically:
- Retrieves stored OAuth token
- Refreshes token if expired
- Calls Gmail API users.messages.send endpoint
- Sends personalized email from your Gmail account

Step 4: Email Content

Subject and body are customizable by you in settings
Supports template variables: {name}, {event_name}, {location}, etc.
Email is sent from your own Gmail account (not a service account)

Your Control

You have full control over your Google account connection:

Revoke Access

You can disconnect your Gmail account at any time through your account settings
Or revoke access in your Google Account settings

Disable Email Sending

You can disable the email follow-up feature in your settings without disconnecting your account
This stops all automated email sending while keeping the connection active

Token Deletion

When you disconnect, all stored OAuth tokens are immediately deleted from our database
No data remains after disconnection

Privacy & Security

Data Storage

OAuth tokens are stored securely in our database with encryption
Tokens are automatically refreshed when they expire
Tokens are deleted immediately when you disconnect your Gmail account
Tokens are never shared with third parties

Limited Use Requirements Compliance

Our use of information received from Google APIs adheres to Google API Services User Data Policy, including the Limited Use requirements:

We only use Google user data to provide or improve user-facing features of our application
We do not transfer Google user data to others unless required for legal purposes
We do not use Google user data for serving advertisements
We do not allow humans to read Google user data unless required for security purposes or with your explicit consent

Security Measures

We implement industry-standard security measures to protect your data:

Encryption: OAuth tokens are encrypted both in transit and at rest
Access Controls: Strict access controls limit who can view or modify token data
Automatic Token Refresh: Tokens are automatically refreshed before expiration
Immediate Deletion: Tokens are deleted immediately upon disconnection

Frequently Asked Questions

Q: Can NiceTMY read my emails?

A: No. We only have permission to send emails. We cannot read, access, or view any emails in your inbox.

Q: Will NiceTMY send emails without my permission?

A: No. Emails are only sent when you explicitly enable the email follow-up feature in your settings and enter contact information.

Q: Can I stop emails from being sent?

A: Yes. You can disable the email follow-up feature in your settings at any time, or disconnect your Gmail account entirely.

Q: What happens if I disconnect my Gmail account?

A: All stored OAuth tokens are immediately deleted from our database. No data remains after disconnection.

Q: Is my Gmail password stored?

A: No. We use OAuth 2.0, which means we never see or store your password. We only store encrypted access tokens.

Q: Can NiceTMY access my other Google services?

A: No. We only request access to Gmail for sending emails. We do not have access to Google Drive, Google Calendar, or any other Google services.

Contact

If you have questions or concerns about how we use your Gmail account, please contact us:

Email: [email protected]
Privacy Policy: View Privacy Policy