Privacy Policy
Last updated: February 15, 2026
In short: RIFACTS does not collect, store, or transmit any personal data to external servers. All processing happens within your Google Workspace session.
1. What RIFACTS Does
RIFACTS is a Google Docs sidebar add-on that helps investigative journalists fact-check claims by comparing them against evidence stored in Google Drive. It uses the Gemini 2.0 Flash API to analyse the evidence and return scored results.
2. Data We Access
When you use RIFACTS, the add-on accesses the following data through Google's OAuth APIs:
- Google Docs — Text you have highlighted in the active document (the claim to verify)
- Google Drive — Files within the folder you select as evidence (documents, PDFs, spreadsheets, images)
- Google Sheets — Spreadsheet content when a Sheet file is part of your evidence folder
- YouTube — Video metadata and captions for YouTube links found within your evidence files
3. How Data Is Processed
Your highlighted claim and the content of your selected evidence files are sent to the Google Gemini 2.0 Flash API for analysis. This is a direct API call from Google Apps Script to Google's AI infrastructure.
- No data is sent to any third-party servers outside of Google
- No data is logged, cached, or stored by RIFACTS beyond the active session
- Results are displayed in the sidebar and are not saved unless you copy them
4. Data Storage
RIFACTS has no backend server and no database. It runs entirely within Google Apps Script. Your data never leaves the Google ecosystem.
The only stored value is your Gemini API key, which is saved in Google Apps Script's built-in Properties Service (private to your Google account).
5. Data Sharing
RIFACTS does not share, sell, or transmit your data to any third parties. The only external call is to the Google Gemini API, which is governed by Google's AI Terms of Service.
6. Permissions Explained
RIFACTS requests the following OAuth scopes, each for a specific purpose:
- auth/documents — Read the text you highlight in Google Docs
- auth/drive — Browse folders and read evidence files (including PDF OCR)
- auth/spreadsheets — Extract data from Google Sheets used as evidence
- auth/youtube.readonly — Fetch video metadata
- auth/youtube.force-ssl — Access video captions/transcripts
- auth/script.container.ui — Display the sidebar in Google Docs
- auth/script.external_request — Make API calls to Google Gemini
7. Your Rights
You can revoke RIFACTS' access at any time by visiting your Google Account Permissions page. Since no data is stored, there is nothing to delete.
8. Changes to This Policy
If we update this privacy policy, the change will be reflected on this page with an updated date. Significant changes will be noted in the project's GitHub repository.
9. Contact
For questions about this privacy policy, please open an issue on the GitHub repository.