DriveDock Privacy Policy
Last updated:
The short version
- DriveDock collects no personal data and sends no telemetry to any server.
- Google OAuth tokens are stored exclusively in the macOS Keychain.
- DriveDock only asks for the drive.filescope, so it physically can't touch files it didn't upload.
- All source code is publicly auditable on GitHub.
1. Overview
DriveDock is a native macOS app built by a small group of contributors. It's free, it's open source, and it's released under the MIT License. This page is the privacy policy.
The short version is that we don't run a server. There's no analytics backend, no crash reporting service, no telemetry pipeline. The only network calls the app makes go to Google's own APIs.
2. What we don't collect
DriveDock does not collect, transmit, or store any of the following:
- Your name, email, or profile info
- The names, contents, or metadata of your files
- Usage stats, feature analytics, or interaction logs
- Crash reports or diagnostic data
- Your IP address or device identifiers
- Anything about your Drive folder structure
3. Google sign-in
DriveDock uses Google's OAuth 2.0 flow to get permission to upload on your behalf. When you sign in:
- You go to Google's sign-in page directly. DriveDock never sees your Google password.
- DriveDock asks for the
https://www.googleapis.com/auth/drive.filescope. That scope only covers files the app itself creates or uploads, nothing else in your Drive. - The access and refresh tokens get stored in the macOS Keychain (the same encrypted store Safari uses). They never get written to a regular file, a database, or a cloud service.
- Tokens only ever travel to Google's own servers (
accounts.google.comandwww.googleapis.com).
4. What happens when you drop a file
The file is read from your disk using macOS security-scoped bookmarks and streamed straight to Google Drive's upload endpoint. The data path is your disk, then Google's API. Nothing in between.
The app does keep a local upload history (file name, size, timestamp, destination, speed, status) so you can see what you uploaded and find it in Drive. That history stays in the app's container on your Mac. It's never synced anywhere.
5. Where the app talks to the network
Only two places:
accounts.google.comfor sign-in and token refreshwww.googleapis.comfor the Drive API (uploads, folder creation, listing Shared Drives)
No requests go to anything we run. No third-party analytics, ads, or error reporting services.
6. What's on your Mac
The app stores three things locally, that's it:
- OAuth tokens in the macOS Keychain
- Settings like your default upload destination and concurrency, in the app's sandboxed preferences
- Upload history in a local database inside the app container
To wipe everything, delete the app and clear its Keychain entries. That's the whole footprint.
7. Third parties
The only third party involved is Google. The Drive API is governed by Google's Privacy Policy and the Google APIs Terms. After a file reaches Drive, it's subject to Google's data practices, not ours.
8. Kids
DriveDock doesn't collect info from anyone because it doesn't collect info, period. We don't direct the app at children under 13 and we don't knowingly track them.
9. The source
Everything is on GitHub at github.com/sayuru-akash/drivedock. If you want to check the privacy claims in this document against the actual code, please do. That's the easiest way to know if we're being honest.
10. Changes
If this policy changes in a meaningful way, we'll update the date at the top of this page and call it out in the release notes for the next version. We don't have a way to email you about it since we don't have your email, so check back if you care.
11. Questions
Open an issue on GitHub. We read everything and reply when we can.
12. Legal stuff
This policy is a good-faith disclosure. We're not a company, we're not a data controller in the GDPR sense, and the app doesn't collect personal data in the first place. If you need this for compliance, the source is the answer.