Privacy Policy

Last updated: April 2026

1. Overview

This Privacy Policy describes how the IFS API Model tool ("the Service") collects, uses, and handles information when you use it. The Service is an internal tool designed for interacting with IFS REST APIs and managing API template data.

2. Information We Collect

The Service may collect and process the following types of information:

  • API credentials — IFS usernames, passwords, client IDs, and client secrets entered in the IFS Extractor page. These are transmitted directly to your IFS environment and are not stored by this Service.
  • API training data — OData service locations, endpoint URLs, HTTP methods, payload templates, and descriptions that you add to the model. These are stored in the local application database.
  • Prediction history — Queries and results from the prediction interface, stored locally for testing and review purposes.
  • Google account information — If you use the Google Drive integration, your Google OAuth access token is used solely to upload/download files to your own Google Drive. No Google account data is stored on our servers.
  • API keys — Training and statistics API keys are stored in your browser's local storage only.
3. How We Use Information
  • Training data is used exclusively to build and improve the API template matching model.
  • IFS credentials are used only to authenticate with your IFS environment during extraction sessions.
  • Google Drive tokens are used only for the file operations you explicitly trigger.
4. Data Storage

All application data (training examples, prediction history) is stored in a local SQLite database on the server where this application is deployed. No data is transmitted to third-party services except:

  • Your IFS environment (for extraction)
  • Google Drive APIs (only when Drive integration is enabled)
  • Google Identity Services (for OAuth authentication)
5. Google Drive Integration

When you authenticate with Google Drive, the Service requests the https://www.googleapis.com/auth/drive scope to create folders and upload/download files. This access is used only during your active session. Tokens are stored in your browser's session storage and expire within one hour.

6. Data Retention

Training data and prediction history are retained until explicitly deleted by an administrator. Session-based data (OAuth tokens) is cleared when you close your browser tab.

7. Security

The Service is intended for use within a controlled environment. API keys protect administrative endpoints. Passwords and secrets are never logged or persisted beyond their immediate use.

8. Changes to This Policy

This policy may be updated as the Service evolves. Continued use of the Service constitutes acceptance of the current policy.

9. Contact

For questions about this Privacy Policy, please contact your system administrator.

Terms of Service · Back to Home