1. Introduction
  2. Welcome to our Privacy Policy. We at Excel Engineering respect your privacy and are committed to protecting your personal data. This privacy policy will inform you about how we handle your personal data, your privacy rights, and how the law protects you.

    This Privacy Policy specifically pertains to our products listed below and aims to provide transparency about our data protection practices. By using our service(s), you confirm that you have read and understood this Privacy Policy.

    Products to which this Privacy Policy pertains:
    Sheet Sherpa (Sheet Switcher)
    Book Butler (Workbook Configuration Controller)
    Row Rider (Row Reviewer/Editor)
    Flow Finder (Advanced Reference Report)

  3. Introduction
  4. At Excel Engineering, we adhere to the principle of data minimization, which means we only collect data that is necessary for the provision of our services. When you sign up for and use any of our products, we collect the following personal data:

    Microsoft user ID: This ID is provided by Microsoft during the Single Sign-On (SSO) process. We do not have any control over this ID; it's purely handled and managed by Microsoft.

    Stripe customer ID: This ID is provided by Stripe, our payment service provider, once you sign up for our paid features. This ID is exclusively managed by Stripe.

    Apart from these two pieces of data, we do not collect or store any additional personal information. All other data required for the functionality of the add-in is either not stored or is stored locally on your device, ensuring that such data never leaves your device.

  5. Information Use
  6. The collected information, i.e., your Microsoft user ID and Stripe customer ID, is primarily used for two purposes:

    Authentication: We use your Microsoft user ID to authenticate your identity and provide access to our add-in.

    Identification: We use the combination of your Microsoft user ID and Stripe customer ID to identify your user account, especially in cases where you opt for our paid features. This identification allows us to check your subscription status by querying Stripe directly, using your Stripe customer ID.

    We assure you that the collected data will not be used for any purpose other than those stated above. We do not track your behavior, conduct profiling, or perform any other activity that might compromise your privacy.

  7. Information Sharing
  8. At Excel Engineering, we respect your privacy rights and keep your personal data confidential. We do not sell, distribute, or lease your personal data to third parties unless we have your explicit consent or are required by law to do so.

    However, it's necessary to clarify the two instances where your data interacts with third-party services:

    Microsoft: The Microsoft user ID is provided by Microsoft's Single Sign-On (SSO) service. As such, during the authentication process, your user ID is handled by Microsoft, adhering to Microsoft's Privacy Policy.

    Stripe: The Stripe customer ID is provided by Stripe, our payment service provider. Whenever you sign up for our paid features, we will use Stripe's payment services, and Stripe will handle your customer ID, adhering to Stripe's Privacy Policy.

    In both instances, we have no control over these third-party entities. Therefore, we encourage you to review their privacy policies to understand how they handle your data.

    Internally, we restrict access to your personal data to those team members who need to know this information to provide our services to you. They are bound by confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.

    We want to reassure you that protecting your data is our priority, and we implement all necessary measures to prevent unauthorized access or disclosure of your data.

Data Protection

Your data's safety is a priority for us. Despite only collecting exactly two data points on our users – both of which are automatically generated and allocated by their respective sources (Microsoft and Stripe), we have implemented robust measures to ensure the protection of the information we collect, as described below:

  1. Encryption:
  2. All data that we store and transmit is secured using industry-standard encryption techniques. This includes the user IDs that are in our possession. Encryption ensures that even in the unlikely event of an unauthorized breach, the intercepted data cannot be easily deciphered and misused.

  3. Access Control:
  4. Access to the data we collect is strictly controlled and limited to authorized personnel who require this information to provide our service. We employ stringent access control measures to prevent any unauthorized access to your data.

  5. Regular Audits:
  6. We conduct regular audits of our systems and practices to monitor and maintain the integrity of our data protection measures. This includes inspecting who has access to the data and investigating any suspicious activities.

  7. Compliance with Laws and Regulations:
  8. We are committed to adhering to all relevant laws and regulations concerning data protection. This includes the General Data Protection Regulation (GDPR) if our services are provided within Europe, and the California Consumer Privacy Act (CCPA) if we provide services within the State of California, amongst others.

  9. Data Backup:
  10. We conduct regular backups of the data we possess to protect it from potential loss or damage due to technical failures or cyberattacks. Our backup processes are designed to ensure quick restoration of data if necessary.

  11. Incident Response:
  12. We understand that even with the most secure measures in place, incidents can occur. In such an unlikely event, we have a response plan in place that includes notifying affected users promptly and taking swift measures to mitigate any potential damage.

Our commitment to these principles demonstrates our dedication to ensuring your data is safe and secure with us. We continuously evaluate our practices and improve upon them to stay ahead of potential threats.

Data Retention

We maintain a minimalist approach to data collection and storage, keeping only what is necessary to facilitate the functioning of our service. We store the Microsoft User ID and Stripe Customer ID on our servers, and we retain this data only for as long as it is required to serve its purpose. When the data is no longer needed, for example, if you choose to discontinue our services, we will delete this data in accordance with applicable laws and regulations. We will also periodically review the data we hold and securely erase any data that we no longer need.

User Rights

We acknowledge and respect the rights you have concerning your data, including:

  1. Right to Access:
  2. You have the right to request a copy of the data we hold about you.

  3. Right to Rectification:
  4. If you believe that the data we have about you is inaccurate or incomplete, you have the right to ask us to correct it.

  5. Right to Erasure:
  6. You can ask us to erase your data if you no longer wish for it to be used, provided that there are no legal requirements for us to keep it.

  7. Right to Restrict Processing:
  8. You can ask us to stop processing your data if you contest its accuracy, believe its processing is unlawful, or if you want us to retain your data beyond the period it is required for us to fulfill our services, for the establishment, exercise or defense of legal claims.

  9. Right to Data Portability:
  10. Where applicable, you have the right to request that we transfer your data to another organization or to you, in a structured and commonly used format.

  11. Right to Object:

You can object to our processing of your data if it is based on legitimate interests or if it is being used for marketing purposes.

If you wish to exercise any of these rights, please contact us through the contact information provided on our website. Please note that we may need to verify your identity before proceeding with your request. If you are not satisfied with our response, you have the right to lodge a complaint with the relevant supervisory authority.

Third-Party Services

Our add-in may contain links to other services or products that are not operated by us. We have no control over, and assume no responsibility for, the content, privacy policies, or practices of any third-party services. We strongly advise you to review the privacy policy of every site you visit.

One such third-party service used by us is Stripe. Stripe is used for handling payments on our service. Stripe operates independently from us and has its own privacy policy, which we strongly suggest you review. This Privacy Policy does not apply to Stripe. View Stripe's Privacy Policy.

Please note that we do not have any control over and are not responsible for the privacy practices of such third parties. Therefore, we cannot guarantee the absolute security of your information. We encourage our users to be aware when they leave our service and to read the privacy policies of each and every service that collects personally identifiable information.

Changes to This Privacy Policy

We reserve the right to update or change our Privacy Policy at any time. We will notify you of any changes by posting the new Privacy Policy on this page. These changes will be effective immediately after they are posted on this page. Your continued use of our services following the posting of the revised Privacy Policy means that you accept and agree to the changes. If we make any material changes to this Privacy Policy, we will notify you either through the email address you have provided us, or by placing a prominent notice on our website.

Please review this Privacy Policy periodically for any changes. Dates of the any updates will be posted at the top of this page.

If you have any questions about this Privacy Policy, you can contact us: