geexport ("the Service") is a non-commercial academic tool built as part of an EPFL Bachelor project. It connects to your Google Earth Engine account, lets you configure satellite imagery exports, and writes the resulting GeoTIFF files directly to your Google Drive. This policy explains exactly what data we access, why, and how it is handled.
Who we are
The data controller is Hugo Gebel, EPFL STREEM Lab, École Polytechnique Fédérale de Lausanne, Switzerland. For any privacy request, contact hugo.gebel@epfl.ch.
Data we access
When you sign in with Google, you grant the Service the following scopes:
- Profile & email — your name, email address and Google account identifier, used to create your account and your session.
- Earth Engine
(
auth/earthengine) — to run image computations on your behalf against Google Earth Engine. - Cloud Platform
(
auth/cloud-platform) — to identify and use the Google Cloud project you select in Settings, which Earth Engine requires for compute. - Google Drive
(
auth/drive) — to write the exported GeoTIFF files to your own Drive. Exports go straight to your Drive; the Service does not store the rasters on its own servers.
How we use your data
- Authenticate you and keep you signed in (session cookie).
- Store the Google Cloud project ID you choose, so exports can run.
- Securely hold OAuth access and refresh tokens so export jobs can run and resume without forcing you to re-authorise on every action.
- Track the status of your export jobs so you can monitor them live.
We do not use your data for advertising, profiling, or any purpose unrelated to running your exports. We do not sell your data.
Google API Services Limited Use disclosure
The Service's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically: data obtained through Google APIs is used only to provide and improve the export features visible to you, is never transferred to third parties except as needed to provide those features or as required by law, is never used for advertising, and is never read by humans except with your consent, for security, or to comply with the law.
Where your data is processed
The Service relies on a small set of sub-processors:
- Vercel — application hosting and serverless functions.
- Supabase / PostgreSQL — account, session and job metadata storage.
- Google Cloud & Earth Engine — compute and export execution.
Retention and deletion
Account and token data are kept only while your account is active. You can revoke the Service's access at any time from your Google account permissions; doing so invalidates the stored tokens. To have your account and associated metadata deleted, email hugo.gebel@epfl.ch and we will delete it within 30 days.
Your rights
Under the Swiss FADP and the EU GDPR you may request access to, correction of, or deletion of your personal data, and object to its processing. Contact hugo.gebel@epfl.ch to exercise these rights.
Changes
This policy may be updated as the project evolves. The "last updated" date above reflects the current version.