Privacy Policy for Form Editor for Google Forms
Effective Date: October 10, 2025
Last Updated: October 10, 2025
I. Introduction and Scope of This Policy
Purpose and Agreement
This Privacy Policy (“Policy”) describes how Nice Express (“we,” “us,” or “our”) collects, uses, shares, and protects information in connection with your use of our mobile application, Form Editor for Google Forms (the “Service”). This Policy is a legally binding agreement between you (“user” or “you”) and us. By downloading, accessing, or using the Service, you acknowledge that you have read, understood, and agree to be bound by the terms of this Privacy Policy. If you do not agree with the practices described in this Policy, you must not use the Service. The primary function of the Service is to provide an artificial intelligence-powered tool for the generation and management of Google Forms by integrating with your Google Account. This Policy is designed to provide you with complete transparency regarding our data handling practices and our unwavering commitment to protecting your privacy.
Key Definitions
To ensure clarity and avoid ambiguity, the following terms will have the meanings ascribed to them below:
Personal Data: Any information that relates to an identified or identifiable individual. This can include, but is not limited to, your name, email address, device identifiers, and any data you provide or that is generated through your use of the Service.
Usage Data: Information collected automatically through the operation of the Service, such as your IP address, device type, operating system, app features used, crash logs, and the dates and times of your access.
Google User Data: Any data accessed from your Google Account via Google’s Application Programming Interfaces (APIs), including but not limited to your basic profile information and the contents of your Google Drive and Google Forms.
Service Provider: A third-party company or individual employed by us to facilitate the Service, provide the Service on our behalf, perform Service-related services, or assist us in analyzing how our Service is used.
Accessibility
This Privacy Policy is available at all times for your review. It is accessible via a direct link within the Service’s settings or “About” menu and is also published on our official website. We are committed to ensuring this Policy is easily accessible, as required by the platform policies of the Apple App Store and the Google Play Store.
II. Our Commitment to Platform Compliance and User Trust
This Service is built upon a foundation of trust and a commitment to adhering to the highest standards of data privacy and security. The app’s functionality involves integration with third-party platforms that have established rigorous rules to protect user data. Acknowledging and respecting these rules is not merely a legal obligation but a core principle of our operation. To that end, we explicitly state our commitment to full compliance with the governing policies of our key platform partners. This section serves as a direct affirmation to our users, as well as to platform reviewers, that our data practices have been designed with these stringent requirements at the forefront. This proactive approach to compliance is intended to streamline platform verification processes and, more importantly, to provide our users with the highest level of confidence in how their data is handled. Our data collection, usage, storage, and sharing practices are designed to be in strict accordance with the following key policies:
The Google API Services User Data Policy: We unreservedly adhere to this policy, with particular attention to the Limited Use requirements applicable to the sensitive and restricted scopes our Service utilizes. This governs all Google User Data we access and is the cornerstone of our data handling for the Service’s core features.
The Google Play Developer Program Policies: Our Service is designed and maintained to comply with all requirements set forth by the Google Play Store for applications distributed on its platform, including those related to user data, permissions, and security.
The Google AdMob & AdSense Program Policies: Our use of Google AdMob for advertising purposes is conducted in strict compliance with all applicable publisher and behavioral policies to ensure a safe and positive ad experience.
The Apple Developer Program License Agreement and App Store Review Guidelines: We are committed to upholding all Apple guidelines, especially those pertaining to user privacy, data collection and storage, and in-app purchases. This includes full compliance with Apple’s requirements for privacy disclosures and the AppTrackingTransparency framework.
III. The Information We Collect
To provide a transparent and easily understandable overview of our data practices, the following table summarizes the categories of data we collect, the primary purpose for that collection, and how that data is handled with respect to user linkage and tracking. This table is designed to align with the data disclosure formats required by the Apple App Store’s “App Privacy Details” and the Google Play Store’s “Data safety” section, ensuring consistency between what we declare on the app stores and what we detail in this Policy. This consistency is a critical component of building user trust and satisfying platform review requirements.
Below, we provide a more detailed explanation of each category of information.
A. Information Accessed via Google APIs (With Your Explicit Consent)
To provide its core functionality, the Service requires access to certain data within your Google Account. This access is only granted after you provide explicit, in-context consent through Google’s standard OAuth 2.0 authentication screen, which clearly lists the permissions the Service is requesting. We adhere strictly to the principle of data minimization, requesting only the permissions necessary to deliver the features of the Service.
Google Account Data: Upon your first login using Google Sign-In, we collect basic profile information associated with your Google Account, such as your name, email address, and profile picture. This information is used solely to create and manage your account within our Service.
Google Drive Scope (/auth/drive): The Service requests permission to access your Google Drive. This permission is used for the specific and limited purpose of allowing you to browse, select, and interact with your files and folders from within our app’s interface. The primary use is to access the content of documents you select to serve as the basis for AI-powered form generation. We do not perform broad, unsolicited scans of your entire Google Drive, and our access is limited to the files and actions you explicitly initiate within the Service.
Google Forms Scope (/auth/forms.body): The Service requests permission to create and edit Google Forms on your behalf. This permission is essential for the Service’s core function: to generate new Google Forms based on your AI prompts or existing documents and to modify existing forms as you direct through the app’s features. All form creation and modification actions are user-initiated.
B. Information Collected for Advertising (via Google AdMob)
To support the free version of our Service, we display advertisements. We have integrated the Google Mobile Ads Software Development Kit (SDK) into our app, which is a third-party service provided by Google. As a result, Google automatically collects certain information for advertising, analytics, and fraud prevention purposes. It is a requirement of both Apple and Google that we are transparent about this third-party data collection.
Data Types Collected by AdMob: The information collected by the Google Mobile Ads SDK includes, but is not limited to:
IP Address: Used to estimate the general location of your device (coarse location) and for ad delivery.
User Product Interactions: Information about how you interact with the app and the ads displayed, such as app launches, taps, and video views.
Diagnostic Information: Performance-related data, including crash logs, app launch time, hang rate, and energy usage.
Device and Account Identifiers: This includes the Android Advertising ID (Ad ID) on Android devices and Apple’s Identifier for Advertisers (IDFA) on iOS devices, as well as an app-set ID. These identifiers are used to serve personalized ads and measure ad performance.
Purpose of AdMob Data Collection: This data is collected and used by Google to deliver, measure, and improve advertising, and to protect against invalid activity. This may include serving personalized ads based on your interests. For more information on how Google uses this data, please review Google’s policy on “How Google uses information from sites or apps that use our services”.
C. Information for Paid Memberships (via Apple Pay)
For users who choose to subscribe to our paid membership, we use Apple’s in-app purchase system, including Apple Pay, to process payments. This system is designed to protect your sensitive financial information.
Division of Responsibility: When you make a purchase, your payment information (such as your credit card number or bank account details) is provided directly to Apple. We do not collect, access, process, or store this sensitive financial data on our servers. Apple handles the transaction securely and in accordance with its own privacy policies.
Transaction Data We Receive: After a successful transaction, Apple provides us with non-financial information necessary to manage your subscription. This includes a unique transaction identifier, the subscription tier you purchased, the purchase date, and the subscription’s expiration date. We use this information to verify your purchase, unlock premium features, and manage your membership status. This membership data is stored on Firebase.
D. Information You Voluntarily Provide
We collect information that you actively and voluntarily provide to us in the course of using the Service.
AI Prompts and Inputs: We collect the text, documents, or other inputs you provide to the AI for the purpose of generating Google Forms. This data is processed to execute your request and deliver the Service’s core functionality.
Support Communications: If you contact us for customer support or to provide feedback, we will collect the information you include in your communications, such as your name, email address, and the content of your message, in order to respond to your inquiry.
E. Information Collected Automatically (Usage and Diagnostics)
To maintain and improve the performance, stability, and user experience of our Service, we automatically collect certain technical and usage information using third-party services, specifically Firebase. We may also use Google Analytics in the future. This includes:
Device and Connection Information: We collect information about the device you use to access the Service, including the device model, operating system version, and unique device identifiers.
Usage Data: We collect information about your interactions with the Service, such as which features you use, the frequency and duration of your sessions, and other performance data. This information is often collected in an aggregated and anonymized form to help us understand user trends and improve our product without identifying individual users.
Crash Data: If the app crashes, we may collect diagnostic reports that include information about the state of the app and your device at the time of the crash. This helps us identify and fix bugs.
IV. How and Why We Use Your Information (Purpose Limitation)
We are committed to the principle of “purpose limitation,” which means we only use the information we collect for specific, explicit, and legitimate purposes. We will not process your data in a manner that is incompatible with these purposes. Each use case described below is directly tied to a specific category of data collected.
A. To Provide, Maintain, and Operate the Service
This is the primary and fundamental purpose for our data collection. All Google User Data accessed from your Google Drive and Google Forms is used exclusively to power the core, user-facing features of the Service, namely the AI-driven creation, editing, and management of Google Forms. This use is in direct compliance with Google’s “Limited Use” policy, which mandates that data from sensitive scopes must be used to provide or improve prominent features that are visible in the application’s user interface.
B. To Display Advertising
Information collected by the integrated Google AdMob SDK is used to display advertisements within the free version of the Service, including the “App Open Ads” format that may appear when the app is launched or brought to the foreground. The core architecture of our Service is built upon a strict separation between the sensitive data required for its primary function and the data used for advertising. The integrity of this separation is critical for both user trust and platform compliance. Google’s API policy is unequivocal: data obtained via sensitive scopes such as /auth/drive and /auth/forms.body cannot be used for serving advertisements. Similarly, Apple’s guidelines require absolute transparency about what data is used for “tracking” across other companies’ apps and websites. Using the content of your Google Drive or Forms to target ads would be a severe violation of these foundational rules. Therefore, we make the following explicit declaration of our “Data Firewall”: The information we access from your Google Drive and Google Forms is never, under any circumstances, used to serve, target, measure, or personalize advertisements. A strict technical and organizational separation is maintained between data processed for the core functionality of our Service and data collected for advertising purposes. This is not merely a policy statement but a reflection of our system’s design, ensuring that your personal and potentially sensitive content is completely isolated from our advertising data streams.
C. To Manage Your Account and Process Payments
We use your Google Account information to create and secure your user account. For subscribers, we use the transaction information received from Apple to manage your membership, grant you access to premium features, and handle any billing-related inquiries you may have.
D. To Communicate With You
We may use your contact information (primarily your email address) to communicate with you for essential Service-related purposes. This includes responding to your support requests, sending you important updates about the Service (e.g., changes to our terms or features), and providing security notices.
E. To Improve Our Service
We use aggregated and anonymized Usage and Diagnostic Data to analyze trends, understand how users interact with our Service, identify areas for improvement, troubleshoot issues, and enhance the overall user experience. This analytical processing helps us make informed decisions about future product development and ensures the stability and reliability of the Service.
V. How We Share and Disclose Your Information
We do not sell your Personal Data. We only share your information with third parties in the specific circumstances outlined below, and we take steps to ensure that any third party with whom we share your data provides a level of protection equivalent to that described in this Policy.
A. With Service Providers
We may engage third-party companies and individuals to perform services on our behalf. These services may include data analytics (such as Firebase) and customer support services. We also use Firebase to store and manage membership data. These Service Providers are granted access to your information only to the extent necessary to perform these tasks on our behalf and are contractually obligated not to disclose or use it for any other purpose.
B. With Google
For Google API Functionality: The very nature of the Service requires a constant exchange of information with Google’s servers. When you create or edit a Google Form or interact with a file in your Google Drive through our app, the relevant data is transmitted to Google’s APIs to execute that action.
For Google AdMob: As described previously, we share advertising-related information with Google through the AdMob SDK. Google uses this information to serve advertisements and provide us with reporting on ad performance. This data sharing is governed by Google’s advertising policies.
C. With Apple
For in-app purchases, we share necessary transaction details with Apple to initiate, validate, and process your subscription payments. This process is managed by Apple’s secure payment infrastructure.
D. For Legal Reasons and to Protect Our Rights
We may disclose your information if we believe in good faith that such disclosure is necessary to:
Comply with a legal obligation, such as a subpoena, court order, or other lawful request by public authorities.
Enforce our Terms of Service or other agreements.
Protect and defend the rights, property, or safety of our company, our users, or the public.
Detect, prevent, or otherwise address fraud, security, or technical issues.
E. In Case of a Business Transfer
If we are involved in a merger, acquisition, divestiture, restructuring, or sale of all or a portion of our assets, your Personal Data may be transferred as part of that transaction. We will provide you with notice before your Personal Data is transferred and becomes subject to a different privacy policy, in accordance with applicable platform requirements.
VI. Google API Services: Specific Disclosures and Limited Use
This section provides specific, prominent disclosures required to comply with Google’s policies for applications that use sensitive or restricted API scopes. Our adherence to these rules is a prerequisite for the Service’s access to Google User Data and is subject to verification by Google. We hereby affirm that our use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. In accordance with this policy, we make the following commitments regarding any Google User Data accessed through restricted scopes (/auth/drive and /auth/forms.body):
Purpose Limitation: We will only use restricted scope data to provide or improve the prominent, user-facing features of the Service as described in this Policy (i.e., AI-powered Google Form generation and management). The data will not be used for any hidden features or purposes not clearly disclosed to you.
Prohibition on Data Transfer: We will not transfer Google User Data to any other party, except when it is:
Necessary to provide or improve the core user-facing features of the Service.
Necessary for security purposes, such as investigating abuse.
Necessary to comply with applicable laws or a binding legal order.
Part of a merger, acquisition, or sale of our assets, but only after obtaining your explicit prior consent.
Prohibition on Advertising Use: We will never use or transfer any Google User Data for serving advertisements. This includes, but is not limited to, personalized advertising, retargeting, or interest-based advertising. This is a strict and absolute prohibition.
Prohibition on Human Access: We will not allow any human to read your Google User Data. The only exceptions to this rule are if:
We have obtained your affirmative, explicit consent to view specific data (for example, to resolve a support issue you have reported).
It is necessary for security purposes (such as investigating a bug or abuse).
It is necessary to comply with applicable law.
The data is aggregated and anonymized and used for internal operations in accordance with applicable privacy laws.
Prohibition on AI Model Training: We explicitly state that we do not use any user data obtained through Google Workspace APIs (including data from Google Drive and Google Forms) to develop, improve, or train any generalized artificial intelligence and/or machine learning models. The AI processing within our Service is limited to executing the specific form-generation tasks you request.
VII. Data Security, Integrity, and Retention
Security Measures
We take the security of your data very seriously and implement appropriate technical and organizational measures to protect it against unauthorized access, alteration, disclosure, or destruction. These measures include:
Encryption in Transit: All data transmitted between your device and our servers, as well as between our servers and third-party services like the Google APIs, is encrypted using industry-standard Transport Layer Security (TLS) protocol. This is a key security practice we declare in our platform data safety disclosures.
Access Controls: We limit access to Personal Data to our employees, contractors, and agents who have a legitimate business need to know that information. They are subject to strict confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.
Data Retention
We retain your Personal Data only for as long as is necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.
Google User Data: We do not permanently store the content of your Google Drive files or Google Forms on our servers. Data is accessed via the APIs in real-time to perform user-initiated tasks. Any data that is temporarily cached to improve performance is retained only for the duration necessary to complete that task and is then securely deleted.
Account Information: We retain your account information (name, email) for as long as your account remains active. If you choose to delete your account, this information will be deleted in accordance with our data deletion procedures.
Usage and Transaction Data: Aggregated and anonymized usage data may be retained for longer periods for statistical purposes. Transaction data related to your subscription is retained for the period required by financial and tax regulations.
VIII. Your Privacy Rights and Choices
We believe in providing you with meaningful control over your Personal Data. Depending on your location and applicable law, you may have the following rights regarding your information.
A. Accessing and Managing Your Data
Google Account Permissions: You can review, manage, or revoke the permissions you have granted to our Service at any time through the “Third-party apps with account access” section of your Google Account security settings page. Revoking permission will limit or disable the functionality of the Service.
In-App Account Information: You may be able to access and update certain account information directly within the Service’s settings.
B. Data Deletion
You have the right to request the deletion of your account and the Personal Data associated with it. You can make this request by contacting us through the channels provided in the “How to Contact Us” section below. Upon receiving and verifying your request, we will delete your data, subject to any legal or regulatory retention requirements.
C. Controlling Advertising and Tracking
You have choices when it comes to the use of your information for advertising purposes.
For iOS Users: Our Service will comply with Apple’s AppTrackingTransparency (ATT) framework. We will present you with a prompt requesting your permission to “track” you across other companies’ apps and websites before we collect and share your device’s Identifier for Advertisers (IDFA) with our advertising partners like Google AdMob. “Tracking” in this context refers to linking your user or device data with data from other sources for targeted advertising or ad measurement. You can grant or deny this permission, and your choice will be respected at all times.
For All Users: You can limit ad tracking on your mobile device through its operating system settings. On Android, you can go to Settings > Privacy > Ads and choose to “Delete advertising ID” or “Reset advertising ID.” On iOS, you can go to Settings > Privacy & Security > Tracking to control which apps are allowed to track you. These actions will limit, but not entirely eliminate, the collection of data for personalized advertising.
D. Regional Privacy Rights (e.g., GDPR, CCPA/CPRA)
If you are a resident of the European Economic Area (EEA), the United Kingdom, California, or another jurisdiction with applicable data protection laws, you may have additional rights, which can include:
The right to access: The right to be informed of and request access to the Personal Data we process about you.
The right to rectification: The right to request that we amend or update your Personal Data where it is inaccurate or incomplete.
The right to erasure (the right to be forgotten): The right to request that we delete your Personal Data.
The right to restrict processing: The right to request that we temporarily or permanently stop processing all or some of your Personal Data.
The right to object: The right to object to us processing your Personal Data.
The right to data portability: The right to request a copy of your Personal Data in an electronic format and the right to transmit that data for use in another party’s service. To exercise any of these rights, please contact us using the details provided below.
IX. Children’s Privacy
The Service is intended for a general audience and does not have a specific age restriction; however, it is not directed at children under the age of 13 (or any higher age threshold required by applicable law in your jurisdiction). We do not knowingly collect Personal Data from children. If we become aware that we have inadvertently collected Personal Data from a child without verification of parental consent, we will take steps to delete that information from our servers as quickly as possible. Furthermore, we are aware of and committed to complying with platform-specific policies regarding children, such as Google Play’s Families Policy. If an ad request is identified as being for a child, certain identifiers, such as the advertising ID, will not be transmitted to our advertising partners. If you are a parent or guardian and you believe that your child has provided us with Personal Data, please contact us immediately so that we can take necessary action.
X. International Data Transfers
Our Service is operated globally. If you are using the Service from outside the United States, please be aware that your information, including Personal Data, may be transferred to, stored, and processed in the United States and other countries where our servers or service providers are located. The data protection laws of these countries may differ from those of your country of residence. By using the Service, you consent to the transfer of your information to our facilities and to the third parties with whom we share it as described in this Privacy Policy.
XI. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will update the “Last Updated” date at the top of this Policy. If we make a material change, we will provide you with notice through the Service or by other means, such as email, to provide you with the opportunity to review the changes before they become effective. Critically, if we ever change the way our application accesses, uses, stores, or shares Google User Data, we will notify you and prompt you to consent to an updated Privacy Policy before we implement such changes. This is a strict requirement of the Google API Services User Data Policy, and we are committed to upholding it to ensure your continued, informed consent. Your continued use of the Service after any changes or revisions to this Privacy Policy shall indicate your agreement with the terms of such revised Privacy Policy.
XII. How to Contact Us
If you have any questions, comments, or concerns about this Privacy Policy or our data practices, or if you wish to exercise any of your privacy rights, please do not hesitate to contact us. You can reach our privacy team at:
Nice Express
Attn: Privacy Officer
Email: info@formsgen.com
We are committed to working with you to obtain a fair resolution of any complaint or concern about privacy.