Security
How we protect your data and maintain your trust.
We Never See Your Spreadsheets
SheetDog runs entirely in your browser. Your spreadsheet data never touches our servers.
Encrypted Everywhere
All communications use HTTPS/TLS. Organization API keys are encrypted at rest with AES-256-GCM.
Minimal Permissions
We only request the permissions necessary to operate. No access to your Google Drive or files you don't explicitly open.
Your Keys Stay Local
Personal API keys are stored only on your device using Chrome's secure storage. They never leave your browser.
Direct AI Connections
AI requests go directly from your browser to the AI provider. Your prompts and data never route through SheetDog servers.
Enterprise Ready
Chrome Enterprise policy support, custom API endpoints, and organization-level key management for IT teams.
Architecture Overview
SheetDog is a Chrome extension that enhances Google Sheets with keyboard shortcuts and AI-powered editing. Here's how our architecture protects your data:
Browser-Based Processing
All shortcut and formatting functionality runs entirely in your browser. When you press a keyboard shortcut, SheetDog interacts directly with the Google Sheets interface—no data leaves your computer.
AI Data Flow
When using AI editing features, your selected cell data and prompt are sent directly from your browser to the AI provider. This data:
- Goes directly from your browser to the AI provider (Anthropic or xAI)—never through SheetDog servers
- Is sent over encrypted HTTPS connections
- Is never stored or logged by SheetDog
For enterprise customers using custom API endpoints, AI requests go directly from the browser to your organization's endpoint—SheetDog never sees or proxies this traffic.
What We Store on Our Servers
SheetDog stores minimal data to operate:
- Your email and name (from Google sign-in) for account identification
- Your subscription status and AI credit balance
- AI usage records (token counts only—never prompt content or responses)
- Organization settings and member list (Teams tier)
Key Management
SheetDog supports multiple API key sources, each with appropriate security measures:
Personal API Keys
Stored locally on your device using chrome.storage.local. Never transmitted to SheetDog servers. Never synced across devices.
SheetDog-Managed Key
For users on Pro and Teams plans, SheetDog provides a managed API key with monthly credits. The key is delivered to the extension via an authenticated API call and held in the browser session. Usage is tracked per-user via token counts.
Organization API Keys
For Teams tier organizations, admins can provide an API key for their entire team. Two delivery methods are supported:
- Stored in SheetDog: Encrypted at rest using AES-256-GCM with a server-side encryption key. Delivered to the extension via authenticated API calls.
- Chrome Enterprise Policy: Managed entirely by your IT department via Chrome Enterprise (Google Admin Console). The key never touches SheetDog servers—it's provisioned directly to the browser by Chrome policy.
Enterprise Features
Custom API Endpoints
Organizations can configure a custom API endpoint URL to route AI requests through their own infrastructure (e.g., a Claude proxy with MCP tools connected to internal data sources). HTTPS is enforced. The extension requests browser permission for the specific endpoint domain at runtime—no broad network access is granted by default.
Chrome Enterprise Policy Support
IT administrators can provision both API keys and custom endpoints via Chrome Enterprise managed policy, using the Google Admin Console. This allows zero-touch deployment—employees don't need to configure anything. Policy values are read from chrome.storage.managed and never stored on SheetDog servers.
Organization Admin Controls
Org admins control which key sources are available to their members: organization key, SheetDog-managed key, and/or personal keys. This ensures IT can enforce data governance policies.
Session Security
Extension authentication uses industry-standard JWT (JSON Web Tokens):
- Tokens are signed using HS256 algorithm
- 7-day expiration with automatic refresh
- Stored in Chrome's isolated extension storage, inaccessible to web pages
- Session data (including org settings) refreshed from the backend periodically
Google API Scopes
SheetDog requests only the minimum permissions needed to function:
userinfo.email— To identify your accountuserinfo.profile— To display your name and picturespreadsheets— To apply formatting and AI edits to sheets you openscript.deployments— To execute AI operations via Google Apps Script
We do not request access to your Google Drive. The extension can only interact with sheets you actively open while using SheetDog.
Subprocessors
We use the following trusted third-party services to operate SheetDog:
| Service | Purpose | Data Processed |
|---|---|---|
| Google OAuth | Authentication | Email, name, profile picture |
| Stripe | Payments | Payment details (we never see card numbers) |
| Vercel | Website hosting | Web traffic, API requests |
| Neon | Database | Account, subscription, and org data (encrypted at rest) |
| Google Cloud | OAuth, Apps Script API | Authentication tokens |
| Anthropic | AI processing (default provider) | Selected cell data and prompts (direct from browser) |
| xAI | AI processing (optional provider) | Selected cell data and prompts (direct from browser) |
| Resend | Transactional emails | Email address, account notifications |
Contact
For security inquiries or to report a vulnerability, please contact us at sheetdog.app/contact or email admin@sheetdog.app.
For information about how we handle your personal data, see our Privacy Policy.