Advanced Recycling Bin for SharePoint

Privacy Policy

Last updated: 23 April 2026

1. What we do not collect

The Service is designed to minimise what we touch in your Microsoft 365 tenant. Specifically, we do not:

  • store the file contents, text, images, or binary data of any SharePoint item;
  • maintain a persistent index or catalogue of items in your recycling bin;
  • record the names, paths, authors, or metadata of items after your session ends;
  • share, sell, or transmit SharePoint data to third parties for advertising or profiling;
  • train machine-learning models on your SharePoint data.

The Service reads your recycling bin into a per-session cache only while you are actively using it, and destroys that cache when you disconnect or when the session expires.

2. What we keep about your SharePoint tenant

The only SharePoint-related value we retain beyond an active session is the normalised URL of a site that has consumed our one-time free trial. We use this to enforce the trial's one-per-site rule. We do not store anything about the site's contents, owners, users, lists, libraries, or permissions.

3. What we keep about your account

Standard SaaS account data, held only as long as your account exists:

  • your email address, email-verification state, and hashed password;
  • the history of restore jobs you have run (job id, start/end timestamps, item counts, and outcome categories). We do not store the identities or contents of the items themselves;
  • purchase records (plan, quantity, timestamp, Stripe checkout id) so we can reconcile your credit balance;
  • audit events for security-relevant actions (sign-up, sign-in, SharePoint connect and disconnect, restore jobs) with timestamp and correlation id.

4. Authentication and tokens

When you connect your SharePoint session, Microsoft issues a delegated OAuth token that lets the Service call SharePoint on your behalf. The token is held in an encrypted server-side cache keyed to your session. Disconnecting erases the encryption key for that session, which cryptographically destroys any remaining token and cached data for that session. We never hold your SharePoint password.

5. Analytics and marketing

We use basic product analytics to understand which pages get visited, which buttons get clicked, and which parts of the Service need work. This data is aggregated at the page and event level. It does not include any identifier for your SharePoint site, any item metadata, or any content from your tenant.

Marketing pages (landing page, pricing, blog) may use standard web analytics to measure traffic and campaign performance. You can block these with a standard browser tracker-blocker without affecting your ability to use the Service.

6. Payments

Payments are processed by Stripe. Card numbers and billing details are handled by Stripe directly and never transit our servers. We receive only the outcome of the transaction (success or failure), the amount, and the Stripe reference we use to attribute credits to your account.

7. Cookies

We set a single essential cookie to keep you signed in. If we later add optional analytics or marketing cookies, they will be off by default and enabled only with your consent where applicable law requires it.

8. Data location and retention

Account and billing data is held in a managed database in our cloud region and is retained for the life of your account. Recycling-bin snapshots are held only while a SharePoint session is active and are destroyed on disconnect. Audit logs are retained for security and compliance purposes and are purged on a rolling schedule.

When you delete your account, we delete your account record, restore-job history, purchase records, and any active session data. Aggregated, non-identifying analytics may be retained indefinitely as they cannot be traced back to an individual.

9. Your rights

You may request a copy of the personal data we hold about you, ask us to correct inaccuracies, or ask us to delete your account. Send requests via our Contact page. We respond within a reasonable timeframe and always within any period required by applicable law.

10. Changes

We may update this Policy. When we do, we will update the Last updated date at the top and, for material changes, notify registered users by email.

11. Contact

Questions about this Policy or about Advanced Recycling Bin for SharePoint can be sent via our Contact page. See also our Terms & Conditions.

v1.0.0.15