You agree to the privacy policy below, and the Privacy Policy for Substack, the technology provider.
Privacy Policy
This privacy policy describes how the Tide Simulator Google Sheets™ add-on (“Tide Simulator”, “the add-on”, “we”, “our”) handles information when you install and use it inside Google Sheets. Tide Simulator is published and operated by Iyad George Atuan (“the developer”).
1. Scope of the add-on
Tide Simulator is an editor add-on for Google Sheets™ that runs Monte Carlo simulations on the spreadsheet you have open. It runs entirely on Google’s Apps Script infrastructure and is invoked from the Sheets Extensions menu.
2. Information we access
When you run the add-on, it accesses only the following:
Cell data in the active Google Sheets™ you have open. This is required to read your inputs (assumptions, ranges, correlations) and to write simulation outputs back to the same sheet. Access is granted by the Google OAuth scope https://www.googleapis.com/auth/spreadsheets.currentonly, which restricts access to the single spreadsheet the user has open at the time the add-on is invoked. The add-on cannot see, list, or open any other spreadsheet in your Drive.
The add-on UI in your browser, granted by https://www.googleapis.com/auth/script.container.ui, which is required to render the add-on sidebar and dialogs.
Apps Script execution context, granted by https://www.googleapis.com/auth/script.scriptapp, which the add-on uses to run simulations and manage triggers within Apps Script.
Your basic Google account profile and email address (userinfo.profile, userinfo.email), which Google adds by default to the OAuth consent screen for any add-on. We use these only to identify your session inside the add-on; we do not store, sell, share, or transmit them anywhere outside the Google environment your add-on is running in.
The add-on does not request, and does not have, access to Gmail, Drive (other than the open spreadsheet), Calendar, Contacts, or any other Google Workspace™ data.
3. How information is used
All processing happens transiently inside Google Apps Script while the add-on is running. Inputs are read from the active sheet, the simulation runs, and the outputs are written back to the same sheet. We do not transmit your spreadsheet contents to any external server, third-party API, analytics service, or AI/ML training pipeline.
4. Data retention
Tide Simulator does not maintain a server or external database. We do not retain any copy of your spreadsheet data after the add-on finishes running. The only persistence is whatever the add-on writes back into your own spreadsheet at your request, which remains entirely under your control inside your Google Drive™.
5. Data protection mechanisms for sensitive data
Although Tide Simulator only uses non-sensitive Google OAuth scopes and only reads the spreadsheet you have open, we apply the following data protection mechanisms to any user data the add-on touches:
Encryption in transit: All communication between your browser, Google Sheets™, and Apps Script occurs over TLS/HTTPS, which is enforced by Google’s infrastructure.
Encryption at rest: Any data the add-on reads or writes resides in Google Sheets™, which Google encrypts at rest as part of Google Workspace™.
Least-privilege scopes: The add-on requests the narrowest possible OAuth scope, spreadsheets.currentonly, so it can only access the single spreadsheet the user has open at that moment, never the user’s full Drive.
No external data egress: The add-on does not call any third-party API, does not send data outside the Google Apps Script execution sandbox, and does not log spreadsheet contents.
No persistent storage by us: We do not run a backend server and do not store user data after a simulation completes.
Access control: Only the authenticated user who invoked the add-on can trigger it on their own spreadsheet. The developer cannot access any user’s spreadsheet data.
Code review and updates: The add-on code is maintained in a private source repository, reviewed before each release, and deployed through versioned Apps Script deployments tied to the Google Workspace™ Marketplace listing.
6. Sharing of information
We do not sell, rent, or share user data with third parties. We do not transfer Workspace API data to a third party except as necessary to provide or improve user-facing features of the add-on, comply with applicable law, or as part of a merger, acquisition, or sale of assets, and only with notice to affected users.
7. Use of Google user data and Limited Use compliance
Tide Simulator’s use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
The use of raw or derived user data received from Workspace APIs will adhere to the Google User Data Policy, including the Limited Use requirements.
Specifically, Tide Simulator does not:
transfer user data to any third party except as needed to provide or improve user-facing features of the add-on;
use user data to serve advertisements;
allow humans to read user data, except (a) with the user’s affirmative consent for specific messages, (b) when necessary for security purposes such as investigating abuse, (c) to comply with applicable law, or (d) where the data has been aggregated and is used for internal operations in accordance with applicable privacy laws;
use user data obtained through Workspace APIs to develop, improve, or train generalized AI or ML models.
8. Children
Tide Simulator is a financial-modelling tool intended for adult users. It is not directed to children under 13 and does not knowingly collect data from them.
9. Changes to this policy
We may update this policy from time to time. The “Effective date” at the top of the policy reflects the date of the most recent change. Material changes will be communicated via the Marketplace listing.
10. Contact
Questions about this privacy policy or about Tide Simulator’s data practices can be sent to: george.atuan.cfa@gmail.com.