Data Security & Google API Compliance — RestoPro
RestoPro is designed to protect Google Business Profile data and restaurant customer feedback data.
OAuth 2.0 Security
RestoPro uses Google OAuth 2.0 for secure authorization. Users grant permission directly through Google. RestoPro never asks for or stores Google passwords.
OAuth Token Handling
OAuth access and refresh tokens are stored securely and access is restricted to authorized systems only. Tokens are revoked and deleted when a user disconnects their Google account or deletes their RestoPro account.
How We Protect Data
RestoPro employs industry-standard security, including AES-256 encryption for stored OAuth tokens and TLS (HTTPS) for all data in transit. We follow the principle of data minimization, requesting only the specific Google Business Profile API scopes necessary to manage your reviews.
AI Processing
Review text may be processed by secure AI providers to generate summaries, sentiment insights, and response drafts. RestoPro minimizes the information sent for AI processing and does not use Google API data to train public AI models.
Access Controls
Internal access to production systems is restricted. Administrative access is limited to authorized personnel and protected by authentication controls.
User Control
Users can disconnect their Google account at any time. Disconnection revokes access and triggers deletion of associated Google Business Profile data within 30 days.
Compliance
RestoPro is designed to comply with the Google API Services User Data Policy and Limited Use requirements.