1. Introduction
Smart Dedup ("the App", "we", "our") is a monday.com marketplace application that helps users find and merge duplicate records in their boards. This Privacy Policy explains how we collect, use, and protect information when you use our App.
2. Data We Access
When you use Smart Dedup, the App accesses the following data from your monday.com account through the official monday.com API:
- Board data: Item names, column values, and column definitions — used exclusively for real-time duplicate detection and comparison.
- User ID: Used to send monday.com bell notifications when enabled by the user.
- Account ID and Board ID: Used to scope the App's functionality to your workspace.
3. How We Process Data
All duplicate detection processing happens client-side within your browser, inside the monday.com iframe. Your board data is:
- Loaded from the monday.com API into browser memory
- Processed by our fuzzy matching algorithms locally
- Never sent to our servers or stored externally
- Cleared when you close the App
4. AI Feature
When the optional AI semantic matching feature is enabled (Pro plan), the App sends only the specific pair of items being analyzed (item names and column values) to the Google Gemini API for semantic comparison. This data is:
- Sent via encrypted HTTPS connection
- Not stored by us — processing is stateless
- Subject to Google's Privacy Policy
- Only sent when the user explicitly enables AI matching
5. Third-Party Services & External Endpoints
The App communicates with the following external endpoints. No analytics, tracking, or advertising platforms are used.
| Endpoint | Used by | Purpose |
|---|---|---|
api.monday.com |
Frontend & Backend | monday.com GraphQL API — read board/column/item data and write merges, signals, and notifications. |
generativelanguage.googleapis.com |
Backend only | Google Gemini API — semantic duplicate detection for ambiguous pairs (Pro / Enterprise plans only, opt-in). |
Both endpoints are reached over HTTPS. The Gemini API key is stored server-side in monday Code Secrets and is never exposed to the browser.
6. Data Storage
monday.com Storage API
The App stores the following user preferences using monday.com's built-in Storage API (data remains within monday.com infrastructure):
- Merge rules and settings (language preference, merge strategy)
- Merge history (item IDs, names, timestamps for audit trail)
- Ignored/whitelisted duplicate pair IDs
Browser localStorage
The App stores the following non-personal data in your browser's localStorage:
- Last scan results (pair IDs only, for scan comparison)
- Whitelisted pair IDs
- Daily scan counter
- Last notification text (to prevent duplicate notifications)
7. Data We Do NOT Collect
- We do not collect personal information (name, email, address)
- We do not use cookies or tracking technologies
- We do not implement analytics or user behavior tracking
- We do not store your board data on external servers
- We do not sell, share, or trade any data with third parties
- We do not use your data for advertising purposes
8. Data Security
We implement the following security measures:
- All API communications use HTTPS encryption
- The App runs within monday.com's secure iframe sandbox
- No data is transmitted to our own servers
- OAuth scopes are limited to the minimum required (boards:read, boards:write, notifications:write)
- API keys are managed server-side, never exposed to end users
9. Data Retention
Since we do not store your data externally, there is no data retention policy needed on our end. Data stored in monday.com's Storage API persists as long as the App is installed. Data in browser localStorage persists until cleared by the user or browser.
10. Your Rights
You have the right to:
- Access: All data the App uses is visible to you within the App's interface
- Delete: Uninstalling the App removes all stored preferences. Browser localStorage can be cleared manually.
- Control: AI features are opt-in. Notifications are opt-in. All features can be enabled/disabled in Settings.
11. Children's Privacy
The App is not intended for use by individuals under the age of 16. We do not knowingly collect data from children.
12. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be reflected on this page with an updated "Last updated" date. Continued use of the App after changes constitutes acceptance of the updated policy.
13. Contact Us
If you have questions about this Privacy Policy or your data, please contact us at:
Email: support@mydeveloper.ma