Privacy Policy

This Online Privacy Policy describes the privacy practices for Tanitapps Product GMerge Plus and its website www.formworkflowplus.com

1. Why do we keep some of your information ?

Tanitapps products are web based; because of this they may require the use of first and last names, billing contact information, and a G Suite account as a login. Therefore, at a minimum, we may require such necessary information in order to establish your account with us.

2. Do we access, use, store, or share Google users data during Tanitapps applications usage?

Personal Information: We collect personal information from users including (at minimum) first and last names, and a G Suite email address to be used as a login. When a user registers online for a trial version of our products, Tanitapps will take steps to verify the email address supplied to us to ensure it is accurate. Upgrading to the full version of our products requires Tanitapps to collect billing and payment information via our payment processing partner Stripe . Your email address may be used to send you periodic product newsletters, offers and usage tips from Tanitapps. You can opt out of promotional emails at any time, but will still receive communications such as receipts, confirmation emails and customer service updates that are considered necessary to provide the service to you. We use the information collected to deliver services, update our records, communicate with you about products and services, and generally maintain your accounts with us. We will retain your information for as long as your account is active, as needed to provide you services, to comply with our legal obligations, resolve disputes, and enforce our agreements. If you wish to cancel your account or request that we no longer use your information to provide you services contact us at contact@formworkflowplus.com We do not share, sell, trade, or rent your personal information to third parties except as described in this privacy policy. Information gathered at Tanitapps is done so on a voluntary basis.

Business Information:

Information that is collected by our products is considered confidential. We will not view Business Information except as necessary to appropriately support the service or as required by law. (Business Information includes app data, documents, files, configuration settings and any other business information stored on Tanitapps products). We will not view Business Information, except as necessary to appropriately support the service, for the purpose of anticipating, diagnosing, supporting or resolving any problems that might limit or disrupt the quality of our customers’ service experience or as required by law.

Session Records:

To maintain our quality of service and to assist in the analysis of product performance, we may also gather data on connection information. The gathered information is used only to ensure the highest quality experience possible when using Tanitapps products.

Security Information:

Tanitapps also collects certain standard information about your computer for security and identification purposes. This information may include: IP addresses, domain names, access times, cookies and other unique identifying information of machines that have our software downloaded and installed on them. This information is used for the operation of the service, to identify and protect our customers and to control unauthorized use or abuse of our services. All information is encrypted during transmission and is stored securely within our servers.

Web Analytics:

We continuously improve our websites and utilize different web analytic tools to help us do so. We are interested in how visitors use our websites, what they like and dislike, and where they have problems. We also use web analytic tools on our mobile applications to help gather non-personally identifiable data about download and application usage. In our use of web analytics we do collect GeoLocation data, but it is only on an aggregate basis and not tied to any individual. The web beacons used in connection with our web analytics services do not share any personally identifiable information about our website and application visitors with third parties. Our tools may gather data such as what browser a person uses, what operating systems are used, what is downloaded, and what content, products and services are reviewed when visiting or registering for services at one of our websites or mobile applications. This information is used solely to assist Tanitapps in maintaining a more effective and useful website for our customers. We track aggregate traffic patterns throughout our site but we do not correlate this information with personally identifiable data about individual users. We track domain names and browser types. Such information will not be passed to third parties without your prior consent unless where required by applicable law.

3. With whom does Tanitapps share the information?

Ensuring your privacy is important to us. We do not sell, trade or rent your personal information to third parties.
Tanitapps products and services by necessity require us to provide some of your information to third parties.
We use a number of third parties to process personal data on our behalf. These third parties have been carefully chosen and all of them comply with the EU General Data Protection Regulation 2018 (GDPR) and the new Standard Contractual Clauses (SCCs).
We currently use the following third parties: Google, Hubspot and Stripe.

4. How does Tanitapps protect my information from loss, misuse or alteration?

Tanitapps has implemented commercially reasonable precautions designed to protect the web sites and applications it hosts and the information it collects from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. Nevertheless, we remind you that no security measure is perfect. Tanitapps applications are accessed via G Suite user accounts. Tanitapps is not liable for loss of passwords due to user carelessness. If you lose control over your Google account, you may lose control over your personally identifiable information. If you believe your Google Account has been compromised, we recommend that you immediately change your password or activate Google 2 step authentication.

5. Tanitapps Data Retention Policy, Data Controller and Data Protection Officer

Tanitapps is compliant with the EU General Data Protection Regulation 2018 (GDPR) and the new Standard Contractual Clauses (SCCs). Tanitapps currently retains all user and business data while you are user of Tanitapps online services. We keep your data for a period of 12 months after you stop using any of the 3 following:

• Tanitapps online SaaS applications Form Workflow Plus
• Subscription to our Email Newsletter
• Subscription to our blog.Tanitapps.io

You can request an immediate deletion of all your data by contacting our Data Protection Officer by email.

Data Controller: Tanitapps Inc, 3790 Colorado Ave. Unit A, Boulder, CO 80303, USA

Data Protection Officer: Jeremy Rochot, Director Tanitapps Inc, email contact@formworkflowplus.com

On 4 June 2021 the EC published new Standard Contractual Clauses (SCCs) to help safeguard personal data. These new SCCs replaced the SCCs previously adopted by the EC in 2010 and can be used to facilitate lawful transfers of data under certain conditions. By imposing various contractual obligations, SCCs allow personal data subject to the GDPR to flow to recipients outside the European Economic Area (EEA).

Google has updated its data processing terms for Google Cloud Platform, and Google Workspace (including Workspace for Education) and Cloud Identity, to incorporate the new SCCs.

For all Google Cloud customers, this new approach:

• offers clear and transparent support for their compliance with applicable European data protection laws;
• simplifies the entities involved in contracting by no longer requiring any customer to deal with an additional Google entity only for SCC purposes;
• aligns more closely with potential flows of data within the services.

Stripe updated its data processing on november 17, 2022 (https://stripe.com/fr/legal/dpa).

Hubspot also updated its data processing (https://www.hubspot.com/data-privacy/privacy-shield).

6. Data Breaches

We will report any unlawful data breach of this website’s database or the database(s) of any of our third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.

7. Business information usage by Form Workflow Plus

7.1 A requester completes a Google Form to start a workflow request.
The Google Form data are collected in your Google Sheet - response tab.
Files attached to the Form are stored in the Google Drive of the Sheet owner.

7.2: Form Workflow Plus interacts with Google Sheets

Form Workflow Plus has full access to the Spreadsheet collecting the responses using the Google Spreadsheet API: Spreadsheetapp API This access is necessary for 2 reasons:

1. To Read and Write in the Sheet during the workflow process and to manage the approval steps in the sheet


2. To Read and Write in the Sheet during the workflow process and to manage the approval steps in the sheet

7.3 Form Workflow Plus interacts with Google Forms

Form Workflow Plus has full access to the Form linked to the Google Spreadsheet using Google Forms Api: Google Forms API This access is necessary for 2 reasons:

1. To display autocomplete of your contacts emails when adding a reviewer inside “Setup” tab in “Setup steps/reviewer(s)” conditions


2. To create sample Form when you click “Create Form” in sidebar when onboarding

7.4 Form Workflow Plus interacts with Contacts API

Form Workflow Plus has full access to your contacts using Google Groups/Contacts API: ContactsApp API This access is necessary for 1 reason:

1. To read from responses to start the workflow process

7.5 Form Workflow Plus interacts with Class Ui

Form Workflow Plus has full access to Class Ui API: Class Ui API This access is necessary for 2 reasons:

1. To create add-on menu


2. To display Modals

7.6 Form Workflow Plus interacts with ScriptApp API

Form Workflow Plus has full access to ScriptApp API: ScriptApp API This access is necessary for 1 reason:

1. To create, delete Triggers to collect form responses and start a workflow

7.7 Form Workflow Plus will send emails in the name of the Owner and Reviewers, and collect their Approval / Decline decision in the spreadsheet

Form Workflow Plus will use Mailapp API to send to people involved in the approval workflow the following emails:

• Sending Approval request to reviewers


• Sending pending Approval reminders to reviewers


• Informing each Requester of the Reviewers decisions at every step, including final approval step.

Each action on an approval step will result in a notification sent by the api.

7.8 Information stored on our Form Workflow Plus application and our https://app.formworkflowplus.com

We only store the following information:

• Information related to your subscription


• Users invited in your team, if applicable


• ID and name of the Google Forms and Google Sheets where the Add-on has been activated


• Form responses

The Google Add-On program is designed by Google to give safely access to your data to the exact program you decided to launch. At no time do we have access to the content of your data, only the add-on does.

7.9 Revoking access

Form Workflow Plus Access to API’s listed in 2: and 3: will be revoked as soon as the workflow owner or G Suite administrator uninstalls the Add-on.

7.10 Deleting business data on Form Workflow Plus

All business data stored by Form Workflow Plus will be definitely deleted 2 months after the customer uninstalls the Add-on.

---