RoughSketch

Privacy Policy

Last updated: April 16, 2026

Overview

RoughSketch is a diagram editor that saves your work to your own Google Drive. We do not operate a database for your diagrams and we do not store diagram content on our servers — your diagrams live in your Drive account and are sent directly from your browser to Google. This policy explains the small amount of account and operational data we do handle, why, and how you can remove it.

For a focused summary of how RoughSketch uses data from Google APIs, see the Google API Services Disclosure.

Data we collect

When you sign in with Google, we receive:

  • Your email address, display name, and profile photo URL (from your Google account, via the openid, email, and profile scopes)
  • An OAuth refresh token and short-lived access token issued by Google (used to keep you signed in and to call Google Drive on your behalf)

We do not receive or store payment information, contact lists, location data, or any Google data beyond the scopes listed above.

Google OAuth scopes and why we request each one

  • openid, email, profile — to sign you in and display your name and avatar in the app.
  • https://www.googleapis.com/auth/drive.file — so you can save and load RoughSketch diagrams as files in your own Drive. This is the narrowest Drive scope Google offers: it grants access only to files you open or create with RoughSketch. We cannot see, list, or modify any other files in your Drive.

How we use your data

  • To sign you in and keep you signed in across sessions without asking you to re-authenticate repeatedly
  • To read and write the RoughSketch diagram files you choose to open or create, directly between your browser and Google Drive
  • To display your name and avatar in the app so you know which account is active
  • To diagnose and fix problems with the service (through limited operational logging described below)

We do not use your Google data for advertising, profiling, or to train generalized artificial-intelligence or machine-learning models. We do not sell your data. See the Google API Services Disclosure for our affirmative Limited Use commitment.

How and where we store data

  • OAuth refresh token — encrypted on our server using AES-256-GCM and stored in Cloudflare Workers KV, keyed by your email address. It is only decrypted transiently to request a new access token from Google.
  • Access token — held in server memory for the duration of a single request and never persisted.
  • Session cookie — after sign-in, we set a signed JSON Web Token as an HttpOnly, Secure, SameSite=Strict cookie on your browser. Because it is HttpOnly, page JavaScript cannot read it, which reduces exposure to cross-site scripting. The cookie is not stored in localStorage.
  • Local drafts — your browser stores drafts of diagrams in the Origin Private File System (OPFS), a sandboxed area scoped to roughsketch.app. On older browsers that do not support OPFS, we fall back to IndexedDB under the same origin. This lets you work offline and recover unsaved changes. Drafts are written by your browser only and are not sent to our servers. They are cleared when you delete the diagram, clear site data, or use a different browser or device.
  • Anonymous-mode scenes — if you use RoughSketch without signing in, your scene is persisted in OPFS (or IndexedDB as a fallback) on your device only. It never leaves your device.

What we do NOT store on our servers

We do not store, cache, index, or analyze the contents of your diagrams. When you open or save a diagram, the file is transferred directly between your browser and Google Drive using your Google access token. RoughSketch's servers are not on that data path.

Third-party services

  • Google LLC — provides authentication (Google Sign-In / Google Identity Services library, loaded from Google's CDN) and file storage (Google Drive). Governed by Google's Privacy Policy.
  • Cloudflare, Inc. — hosts the application (Cloudflare Workers), stores the encrypted refresh token (Workers KV), and provides privacy-preserving web analytics as described below. Governed by Cloudflare's Privacy Policy.
  • Google Fonts — RoughSketch loads the Caveat display font from fonts.googleapis.com and fonts.gstatic.com for visual styling. This is a standard font-hosting service provided by Google; no account information or diagram content is sent as part of font requests. Governed by Google's Privacy Policy.

We do not embed any third-party trackers or share your data with advertisers or data brokers. The services above are the only third parties RoughSketch interacts with.

Analytics and tracking

RoughSketch uses Cloudflare Web Analytics to understand aggregate usage patterns (page views, browser/OS mix, approximate region). Cloudflare Web Analytics is cookieless, does not use fingerprinting, does not track users across sites, and anonymizes IP addresses before storage. No advertising cookies, tracking pixels, or third-party analytics scripts run on this site.

You can further opt out at the browser level by enabling “Do Not Track”, blocking scripts from static.cloudflareinsights.com, or using a privacy extension of your choice.

Operational logging

When your browser talks to the RoughSketch API (for sign-in and token refresh), Cloudflare records standard request metadata such as the request timestamp, HTTP status, user-agent string, and truncated IP address. These logs are retained briefly by Cloudflare for abuse prevention and are not combined with your Google account data.

Data retention

  • The encrypted refresh token is retained in Workers KV until you sign out, revoke access from your Google account, or affirmatively delete it.
  • The session cookie expires automatically and is not renewed after you sign out.
  • Operational request logs are retained by Cloudflare per their standard platform retention (typically days to a small number of weeks).
  • Local drafts in OPFS remain on your device until you clear site data or delete the corresponding diagram.

Your rights and choices

You can exercise the following rights at any time:

  • Access — the account data we hold is limited to the profile fields Google provided. You can view these at any time from the account menu in the app.
  • Revocation — revoke RoughSketch's access to your Google account at myaccount.google.com/permissions. This immediately invalidates the refresh token we hold.
  • Deletion — signing out deletes the encrypted refresh token from Workers KV and clears your session cookie. You can also email us to request deletion directly.
  • Portability — your diagrams are standard .excalidraw-format JSON files in your own Google Drive. You can download, move, or delete them at any time using Drive's own tools.
  • Rectification — the profile fields we display come from your Google account. Update them there; the app picks up the new values the next time you sign in.
  • Complaint — residents of the EEA, UK, or Canada may lodge a complaint with their national or provincial data protection authority. Canadian residents may contact the Office of the Privacy Commissioner of Canada.

Security

  • All traffic between your browser, RoughSketch, and Google is encrypted in transit using TLS.
  • Refresh tokens are encrypted at rest with AES-256-GCM before being written to Workers KV.
  • The session cookie is issued as a signed JSON Web Token with the HttpOnly, Secure, and SameSite=Strict attributes.
  • No system can be guaranteed completely secure; please report suspected vulnerabilities to the contact below.

International data transfers

RoughSketch runs on Cloudflare's global network, and your Google data is hosted by Google in the regions they operate. Your data may therefore be processed outside your country of residence, including in the United States. Where applicable, we rely on the privacy frameworks and contractual safeguards maintained by these providers.

Children's privacy

RoughSketch is intended for users who are at least 18 years old. We do not knowingly collect personal data from children. If you believe a child has used RoughSketch and provided personal data, please contact us and we will delete the associated records.

Changes to this policy

We may update this policy to reflect new features, legal requirements, or changes to our infrastructure. Material changes will be indicated by updating the “Last updated” date above. Continued use of RoughSketch after an update means you accept the revised policy.

Contact

For privacy questions, deletion requests, or to report a concern, email support@roughsketch.app.