Privacy Policy

Last updated: February 15, 2024

Adapted from https://www.tidyverse.org/google_privacy_policy/

Privacy policy for packages that access Google APIs

metricminer is an R package wrapper for Google data as well as other web services. This includes obtaining data from the APIs from these Google products:

All of these packages are governed by common policies recorded here. These packages use internal resources owned by the “metricminer” project on Google Cloud Platform. That is the name you will see in a consent screen.

Your use of Google APIs with these packages is subject to each API’s respective terms of service. See https://developers.google.com/terms/.

Privacy

Google account and user data

Accessing user data

These packages access Google resources from your local machine. Your machine communicates directly with the Google APIs.

The metricminer project never receives your data or the permission to access your data. The owners of the project can only see anonymous, aggregated information about usage of tokens obtained through its OAuth client, such as which APIs and endpoints are being used.

Each package includes functions that you can execute in order to read or modify your own data. This can only happen after you provide a token, which requires that you authenticate yourself as a specific Google user and authorize these actions.

These packages can help you get a token by guiding you through the OAuth flow in the browser. There you must consent to allow the metricminer to operate on your behalf. The OAuth consent screen will describe the scope of what is being authorized, e.g., it will name the target API(s) and whether you are authorizing “read only” or “read and write” access.

Scopes

Overview of the scopes as they are seen on the OAuth screen, requested by various metricminer and the rationale of why you may need them. For more details on each function and what it does you can see our documentation here.

  • See and download all your Google Drive files. This is used for you’d like to find and retrieve Slido data or Google Forms that are stored in your Google Drive. We need this scope in order to actually be able to read the data in those files for you. Functions that use this scope.
  • See information about your Google Drive files. This is used for you’d like to retrieve Slido data or Google Forms that are stored in your Google Drive. We need this scope in order to actually be able to find those files for you.Functions that use this scope.
  • See, edit, create, and delete only the specific Google Drive files you use with this app. This is used for if you’d like store metrics you collect with metricminer to your GoogleDrive folder. We need this scope so that you can write your metrics to your Google Drive in a GoogleSheet. Function that uses this scope.
  • View your YouTube account This is used for collecting metrics from Youtube videos or Youtube channels with those respective functions. We need this scope so we can retrieve your YouTube metrics with those functions.
  • See and download your Google Analytics data. This is used for collecting data from Google Analytics. We need this scope if you’d like to collect your metrics from Google Analytics. Functions that use this scope
  • See all responses to your Google Forms forms. - This is used for when you’d like to retrieve Google Form response data that are stored in your Google Drive. We need this scope if you’d like to collect your form responses. Functions that use this scope
  • See all your Google Forms forms. This is used for you’d like to retrieve Google Form data that are stored in your Google Drive. We need this scope if you’d like to collect metadata about your forms. Functions that use this scope

Sharing user data

metricminer only communicates with Google APIs. No user data is shared with the owners of the metricminer, RStudio, or any other servers.

Storing user data

These packages may store your credentials on your local machine, for later reuse by you. Use caution when using these packages on a shared machine.

By default, an OAuth token is stored in your local environment and if when you are authorizing a package you set cache = TRUE your credentials will be stored in a location like, such as ~/User//Library/Caches/org.R-project.R/R/metricminer/cached-secrets. But this exact location will be specific to your computer. You can retrieve the exact file path of your cached secrets by running this in R metricminer::cached_secrets_folder().

To delete your token on your computer that was collected by metricminer you can run metricminer::delete_creds() and any instances of your credentials and tokens will be deleted from your computer.

Retention or deletion of data

Upon using a metricminer function that collects your data, it will be brought into the R session space. Whether this is written to a file, whether on Google drive or elsewhere is not automatic and up to the user. Data will be local to your computer unless you put it somewhere else.

Data protection policy

We do not collect any data about you and we do not have any access to data that you retrieve by using this package. Security procedures are in place to protect the confidentiality of any that we might come across, and we use best practices, such as encryption and mandatory usage of 2FA, as a matter of course.

Policies for authors of packages or other applications

Do not use an API key or client ID from the metricminer in an external package or tool. Per the Google User Data Policy https://developers.google.com/terms/api-services-user-data-policy, your application must accurately represent itself when authenticating to Google API services.

If you use these packages inside another package or application that executes its own logic — as opposed to code in the metricminer or by the user — you must communicate this clearly to the user. Do not use credentials from the metricminer; instead, use credentials associated with your project or your user.

Contact Us

If you have any questions about this, you can contact us.