Privacy Policy

On Google's sign-in consent screen and on assignments created in Classroom, our app is identified as Gradebook. That's the name registered with Google's OAuth platform. The website and product brand remain Sheet2Classroom. Both names refer to the same service operated by the same team — no third party is involved.

When you sign in with Google, Sheet2Classroom (Gradebook) requests access to:

• Your Google profile email and name — to identify you.
• Google Classroom courses where you are a teacher — to let you pick one (read-only).
• Student rosters for courses you teach — to match names in your sheet to students in the class (read-only). Used only in the preview and push.
• Student profile info (name, email when available) — to match sheet rows to Classroom submissions. Personal @gmail.com accounts may hide their email; we fall back to name matching.
• Classroom coursework (create + write grades) — for the push step.
• A single Google Sheet you identify by pasting its URL — read-only, and only the sheet you pasted. We never access any other file in your Drive.

We read your spreadsheet only when you explicitly paste its URL and confirm a push. We never read sheets you haven't selected.

The only data Sheet2Classroom writes back to Google services is: (1) a new Classroom assignment you named, and (2) the grades you explicitly confirmed in the preview. No background jobs. No automation.

• An encrypted session cookie containing your OAuth access token — so you don't have to sign in repeatedly. Tokens are never persisted to a database; they live only in your signed session cookie.
• Push history (last 100 pushes): timestamp, course name, assignment title, count of grades pushed/skipped/failed, and a link to the assignment. No grade values. Stored in Upstash Redis and shown at /app/history. Tied to your email; not shared.
• Grade backups (30-day TTL): when you explicitly update an existing assignment, we snapshot the previous draft and assigned grades of every student on that assignment before overwriting them, so you can restore later. The snapshot includes student userIds, names, and grade values — nothing more. Auto-deleted after 30 days.
• Beta waitlist entries: if you submit the waitlist form on the landing page, we store your email, optional name, submission timestamp, and submitting IP address in Upstash Redis. The IP is used only for rate-limiting and spam review; it's never shared. We remove your entry when you're approved as a tester (or on request).
• Aggregate product metrics: global event counters (sign-in count, push count, restore count, etc.) incremented each time someone uses the product. These are bare integers — no user identifier is attached. Used internally to understand usage volume.
• Operational logs (no spreadsheet contents, no grade values). Logs may include your email, the course ID, the assignment ID, and error messages. Retained for 30 days.

We use the minimum client-side storage required for the product to work. No third-party cookies. No advertising pixels. No cross-site trackers.

• Session cookie (strictly necessary): an encrypted cookie set by NextAuth when you sign in with Google, so you stay signed in across page loads. Cleared on sign-out.
• localStorage — column mapping: when you map spreadsheet columns (email, roll, name, grade) for a given sheet, we remember your choice on your device so you don't have to re-pick them next time. Stored locally in your browser; never sent to us. Delete by clearing your browser's site data.
• localStorage — waitlist submission state: after you submit the beta waitlist form, we remember on your device that you already submitted so we can show "You're on the list" on subsequent visits instead of the form. Local-only, never sent to us.

We use two analytics tools — one cookieless, one that sets cookies:

• Vercel Web Analytics — aggregate page-view traffic. Cookieless by design: uses an anonymized daily hash of your IP + user-agent to count unique visitors; the hash is discarded at the end of each day. No cookie, no cross-site tracker, no profile.
• Microsoft Clarity (opt-in only — off by default). When enabled, Clarity captures session replays, heatmaps, and anonymized click/scroll analytics to help us see where the wizard confuses teachers. It sets cookies (_clck, _clsk, plus a few from *.clarity.ms) that persist up to one year. Form inputs and sensitive fields are automatically masked in replays. Clarity's data sharing is governed by the Microsoft Privacy Statement. Clarity never loads until you click Accept analytics on the consent banner shown on your first visit, and you can revoke consent at any time using the button below.

We do not use Google Analytics, Facebook Pixel, Hotjar, Mixpanel, or any other third-party analytics or advertising product.

• Sell your data.
• Share your data with third parties beyond Google (who we call on your behalf).
• Train machine-learning models on your grades or spreadsheet contents.
• Store spreadsheet contents on our servers after the push completes.

The Chrome extension is a separate artifact from the webapp. It exists to push grades into Classroom assignments the webapp can't update (assignments created directly in the Classroom UI, which Google's API refuses to modify for third-party OAuth clients). Install page and steps: sheet2classroom.app/extension.

What the extension accesses

• classroom.google.com only. The host permission is scoped to https://classroom.google.com/*; the extension injects no code into any other origin and makes no requests to any other host.
• Only the tab you're actively viewing. The activeTabpermission grants the extension access to a tab only while you're interacting with the extension's popup on that tab.
• Your already-authenticated Classroom session. The extension sends grade-save requests as your own browser — using the session cookie Classroom itself set when you signed in. It does not use OAuth, does not request Google API scopes, and does not know your account identity outside of what Classroom's own page exposes.

What the extension stores

• Your last pasted grade range, in chrome.storage.local. A single string, scoped to the installation, never synced to Google or any other device. Used only so the popup can show your last input when you reopen it mid-session. Delete by uninstalling the extension or clearing extension data from chrome://extensions.
• Nothing else. No grade values after the run completes, no student identifiers, no course data.

What the extension transmits

The only network requests the extension makes are to classroom.google.com, to read the student roster from the page you're viewing and to POST grade values via Classroom's own internal save endpoint. No request is sent to any Sheet2Classroom server, no analytics endpoint, no third-party service.

Auditability

The extension's source is shipped unminified inside the Chrome Web Store listing (and in the sideload zip during the review period). Anyone can unzip it and read every line of code that runs in their browser. Same code, identical to what the webapp describes above.

Sheet2Classroom's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

You can revoke Sheet2Classroom's access to your Google account at any time from Google Account → Security → Third-party apps. Revocation is instant; next sign-in will re-prompt for consent.

Questions? Email support@sheet2classroom.app.