Privacy Policy

This Privacy Policy explains how Check Point Harmony Email accesses, uses and protects your data when you connect it to your Google Workspace environment. If you have any questions, please contact us at sara@charlesyadigital.com .

Last updated: February 2026

1. Who we are

Check Point Harmony Email is an email and file security application designed for Google Workspace environments. The application is owned and operated by Charlesya Digital (contact: sara@charlesyadigital.com).

2. Data we access from Google

When you authorize Check Point Harmony Email, we receive an OAuth access token that allows us to call Google APIs on your behalf. Depending on your configuration, the application may access the following categories of data:

2.1 Gmail data

  • Message headers (sender, recipients, subject, dates, routing information).
  • Message body content, including text and HTML content.
  • Attachments (for example PDFs, documents, images or archives).
  • Labels and folder structure.
  • Spam and trash folders when required for remediation.
  • Gmail settings such as filters, forwarding rules and aliases.

2.2 Google Drive data

  • File metadata (names, IDs, paths, owners, permissions, sharing configuration).
  • File content, where required for security scanning.
  • Drive activity and audit information related to file sharing and modifications.

2.3 Account and configuration data

  • Basic profile information for administrators and users (for example, name and email address).
  • Configuration settings you define inside Check Point Harmony Email, such as policies and rules.

3. How we use your data

Check Point Harmony Email uses the data described above solely for the following purposes:

  • Detecting and blocking phishing, malware, spam and other email-borne threats.
  • Identifying suspicious or risky Google Drive files and sharing configurations.
  • Providing alerting, reporting and investigation tools for your security team.
  • Applying your configured policies to messages and files (for example, remediation actions).
  • Maintaining operational logs required to run and secure the service.

We do not use your Gmail or Google Drive data for advertising, for building unrelated user profiles, or for selling to third parties.

4. Google API Services User Data Policy

Our use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy , including the Limited Use requirements.

5. Data retention

We retain data only for as long as necessary to provide the Check Point Harmony Email service, support security investigations, and meet legal or regulatory requirements.

  • Message and file content are typically processed in real time and not stored long-term, except where explicitly required for quarantine, investigation or logging purposes.
  • Security logs and audit trails may be retained for a longer period to help you investigate incidents and meet compliance obligations.

If you require specific retention periods or data handling arrangements, please contact us to discuss configuration options.

6. Data sharing and third parties

We do not sell or rent your data. We may share limited information with third-party service providers that help us operate Check Point Harmony Email (for example, hosting, monitoring or logging providers), but only:

  • To the extent necessary for them to perform their services.
  • Under appropriate contractual safeguards and confidentiality obligations.

We may also disclose information if required by law, regulation, subpoena or court order, or to protect the rights, property or safety of our users or others.

7. Security measures

We implement technical and organizational measures designed to protect your data against unauthorized access, loss or misuse. These measures may include:

  • Encryption in transit using TLS for communication with Google APIs and our services.
  • Access controls and authentication for administrative access to production systems.
  • Logging and monitoring of security-relevant events.
  • Separation of environments and least-privilege access for staff and services.

8. Your choices and administrator control

Access to Check Point Harmony Email is granted by your organization’s Google Workspace administrator. Administrators can:

  • Grant or revoke the OAuth scopes used by the application.
  • Configure which users, groups or organizational units are in scope.
  • Modify product settings and policies.
  • Disconnect the application from your Google Workspace tenant at any time.

9. Children’s privacy

Check Point Harmony Email is intended for use by organizations and is not directed to children. We do not knowingly collect personal information from children under 16 years of age.

10. Changes to this Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the “Last updated” date at the top of this page. Your continued use of Check Point Harmony Email after any changes indicates your acknowledgment of the updated Policy.

11. Contact

If you have any questions about this Privacy Policy or our data practices, you can contact us at:

Email: sara@charlesyadigital.com