Privacy Policy

Last updated: May 9, 2026

1. Introduction and Scope

Greader is a productivity and reporting tool that integrates directly with the Telegram Bot (@GreaderHuyBot) to help users seamlessly monitor and retrieve important email notifications. Our application requires access to certain Google APIs to provide these reporting functions. This Privacy Policy details the types of information we collect, how we handle the data retrieved from your Google Account, and the robust measures we take to ensure your privacy.

2. Information We Collect

When you authenticate with Greader via OAuth 2.0, we strictly adhere to the principle of least privilege. We only request the minimum permissions required to provide our service:

Read-only access to your Gmail (`https://www.googleapis.com/auth/gmail.readonly`): We strictly require this scope to read specific incoming emails necessary for your requested productivity and reporting workflows.
Basic account information: We collect your email address solely to uniquely identify your account and securely link it to your Telegram profile.

3. How We Use Your Information

Your data is used exclusively to facilitate your requested reporting pipelines via Telegram. Specifically, we use it to:

Fetch and display specific email subjects or contents to you directly in Telegram when you explicitly trigger a `/read` or `/search` command.
Maintain a secure linkage between your Telegram Identity (Chat ID) and your authorized Google Account.

We explicitly do NOT: send emails on your behalf, modify your emails, delete your emails, or read your personal email history outside the direct scope of your specific, manually triggered command requests. We do not use your data for advertising, profiling, or machine learning model training.

4. Data Storage and Retention

Authentication tokens (OAuth credentials) are securely stored in our managed Firebase database using industry-standard AES-256 encryption. These tokens are mapped securely to your Telegram Chat ID and are never exposed to the client-side.

Crucially, we do not store the contents of your emails. Email data is processed entirely in memory in real-time when you trigger a bot command, and it is immediately discarded from our servers once the response is sent to your Telegram client.

5. Third-Party Sharing

We value your privacy immensely. We do not share, sell, rent, or transfer your personal information, email data, or authentication tokens to any third parties, advertisers, data brokers, or external services under any circumstances.

6. Compliance with Google API Services User Data Policy

Greader's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

7. Your Rights and Access Revocation

You retain complete control and ownership over your data. You can revoke Greader's access and permanently delete your data from our servers at any time through either of the following methods:

By sending the /revoke [your_email] command to @GreaderHuyBot on Telegram. This triggers an immediate, hard deletion of your OAuth token and associated email address from our Firestore and Cloud Storage databases.
By visiting your Google Account's Security settings (myaccount.google.com/permissions) and manually removing Greader's access.

8. Changes to this Privacy Policy

We may update our Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify users of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

9. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy, our data handling practices, or if you wish to exercise your data privacy rights, please contact the developer directly at:

Email: menghuy157@gmail.com