Legal / Privacy
Privacy at
DriveShift.
Your migration graph — folders, files, identities, permissions — is your organization's data. Here is exactly what DriveShift keeps and why.
What we store
DriveShift stores organization, user, tenant-connection, migration-job, inventory, permission, session, and audit records in Postgres.
Authentication
Google user login is handled through OAuth. DriveShift does not store user passwords — identity is verified by Google and kept as an organization-scoped server session with an HttpOnly secure cookie.
Tenant credentials
Tenant service-account payloads are designed to be encrypted before storage and are scoped to your organization.
Audit trail
Authentication and migration actions are written to an audit log tied to your organization, actor, and session.
Status of this policy
Replace this summary with reviewed legal policy text before production launch.