NoCode UploadBack to site

Privacy Policy

Last updated: June 2026

NoCode Upload ("NoCode Upload," "we," "us") lets people create public upload links that deliver files into a connected cloud storage folder (such as Google Drive). This policy explains what we collect, how we use it, and the choices you have. By using NoCode Upload you agree to this policy.

Information we collect

  • Account information. Your email address and authentication credentials, managed by our authentication provider.
  • Connected Google account. When you connect Google Drive, we receive your Google account email, basic profile, and OAuth tokens that authorize uploads to folders you choose.
  • Upload destinations. The Drive folder you select for each upload link (folder ID and name) and your link settings.
  • Upload metadata. For each uploaded file: file name, size, type, the resulting Drive file ID, and a timestamp.
  • Visitor-provided details. Any name, email, message, or custom fields an uploader submits with a file, plus a one-way hashed form of the uploader's IP address used for abuse prevention.
  • Usage and log data. Standard server logs and diagnostic information.

We do not store the uploaded files themselves — files are transferred directly into your connected storage provider.

How we use Google user data

We request the minimum Google Drive permission needed: drive.file. This grants access only to files our app creates and to the specific folder you select via the Google Picker. We use it solely to upload files submitted through your links into that folder. We do not read, view, or index your other Google Drive files.

NoCode Upload's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

How we use your information

  • Operate the service — create links, transfer uploads into your storage, and show you what was received.
  • Send you notifications you enable (e.g. an email when someone uploads).
  • Prevent abuse, enforce limits, and keep the service secure.
  • Provide support and improve the product.

How we store and protect data

OAuth tokens are encrypted at rest. Access to your records is restricted by row-level security so you can only reach your own data. Public upload pages never expose your folder, your storage account, or other people's uploads.

Sharing

We do not sell your data. We share it only with service providers that operate the product on our behalf — our hosting platform, database/auth provider, email delivery provider, and Google (for Drive access) — and where required by law.

Retention and deletion

You can disconnect a storage provider or delete an upload link at any time from your dashboard, which removes the associated tokens and records. To delete your account and associated data, contact us at support@nocodeupload.com. Disconnecting also revokes our access to your Google account; you can additionally remove access at your Google account permissions.

Children

NoCode Upload is not directed to children under 13, and we do not knowingly collect their data.

Changes

We may update this policy and will revise the date above when we do.

Contact

Questions? Email us at support@nocodeupload.com.