
Privacy Policy

Effective Date: April 23rd, 2025

Website: https://www.fabrix.io/

Contact: support@fabrix.io

Fabrix Security Ltd. ("Fabrix", "we", "us", or "our") is committed to maintaining the privacy, confidentiality, and security of customer data. This Privacy Policy outlines how our Google Workspace integration operates, what data we access, why we access it, and how it is safeguarded. This policy applies specifically to the Fabrix app submitted for verification with Google Cloud.

1. Compliance & Auditing

Fabrix takes a holistic approach to security, covering engineering, infrastructure, and process layers. The platform is SOC 2 Type II certified and ISO 27001 aligned, with regular audits to validate security controls and operational integrity.

  • Annual third-party penetration testing is conducted on all production systems and applications.

  • Security incidents and vulnerabilities are triaged and resolved with defined SLAs.

  • Written security policies are maintained covering GDPR, CCPA, business continuity, disaster recovery, and data handling.

  • Policies and audit reports are available to customers upon request.

2. Data Access and Scope Usage

The Fabrix app uses a read-only, agentless integration model to collect metadata from your Google Workspace environment. This metadata is used solely to enhance identity security, access visibility, and policy enforcement. Below is a list of the exact scopes requested, along with a justification for each:

User and Group Metadata

  • admin.directory.user.readonly 
    Grants read-only access to user profiles (name, email, organizational unit, status). Used to build a real-time inventory of users, detect inactive accounts, and enforce least-privilege access policies.

  • admin.directory.group.readonly
    Provides visibility into Google Groups and their members. Used to identify group-based access relationships and detect overly broad or orphaned groups.

 

Administrative and Organizational Structure

  • admin.directory.rolemanagement.readonly
    Used to understand delegated admin privileges. Enables Fabrix to analyze privileged access and report on excessive administrative roles.

  • admin.directory.customer.readonly
    Fetches the customer's unique Google Workspace ID and metadata. Used to scope tenancy boundaries and provide accurate multi-tenant data mapping.

  • admin.directory.domain.readonly
    Retrieves a list of verified domains. Used to correlate identity data and ensure access policies align across domains under the same organization.

  • admin.directory.orgunit.readonly
    Accesses organizational unit hierarchy. Supports context-aware access analysis and policy tailoring by department or function.

Audit and Usage Reporting

  • admin.reports.audit.readonly
    Grants read-only access to administrator and system event logs. Used to detect abnormal activities, support access reviews, and enhance audit reporting.

  • admin.reports.usage.readonly
    Provides aggregate usage data (logins, app usage, etc.). Used to detect unused accounts, redundant access, and enforce data-driven identity cleanup.

User Identity Confirmation

  • userinfo.profile
    Provides basic user information, including display name and profile photo. Used for user-friendly display of access relationships and activity timelines.

  • userinfo.email
    Retrieves the authenticated user's email address. Used as a primary identifier to correlate access and audit data across identity systems.

 

3. Access Control

Access to customer systems is exclusively handled by the Fabrix Connectors and Scanners running. These components operate in read-only mode, and no manual access or remote shell access is permitted to the running services. All components are deployed and maintained through Fabrix's CI/CD pipeline, with infrastructure as code (IaC) managed using Terraform.

 

Access to customer tenants in the Fabrix Console is limited to authorized Fabrix personnel—such as support engineers or customer success managers—and is only granted under strict RBAC policies and subject to logging and audit. Data accessible by Fabrix staff is limited to identity metadata and reporting outputs, not customer business data.

 

A limited group of Fabrix DevOps engineers may access the production infrastructure for operational and maintenance purposes, always under audit and approval. Okta is used to manage identity and SSO for internal access, and ZTNA (Zero Trust Network Access) is implemented using Microsoft Entra Secure Access to enforce software-defined perimeters and audit access attempts.

 

All access requires multi-factor authentication (MFA), is governed by least-privilege principles, and is monitored continuously.

4. Encryption & Data Handling

Data is encrypted by default—in transit using TLS 1.2+ and at rest using AES-256.
All metadata collected is stored securely in Amazon RDS and Snowflake, with strict controls on who can access, process, or query that data.

Fabrix does not collect or store customer business data. Only identity metadata is retained, including account names, group membership, permissions, entitlements, and audit logs. Fabrix may also generate intermediate scanning artifacts for classification or reasoning but does not persist these beyond the analysis stage unless required for compliance or reporting.

Fabrix supports tokenization and redaction of certain metadata fields, and in Outpost mode, data can be stored entirely within the customer environment. Fabrix enforces strict tenant isolation using database-per-tenant and logical separation at the infrastructure and data layers, eliminating the risk of cross-tenant data exposure.

5. Purpose of Data Collection

Fabrix uses the data exclusively for identity and access governance purposes, including:

  • Visualizing identity-to-resource relationships across your environment

  • Detecting risky access and role violations

  • Enabling intelligent least-privilege recommendations

  • Powering workflows for user access reviews and compliance reporting

 

We do not access, collect, or process user content such as email bodies, attachments, calendar events, documents, or files.

6. Data Sharing

We do not sell, share, or disclose any data to third parties. Data remains within the Fabrix platform and is used solely to deliver the security capabilities described above. All access is scoped and limited to what is strictly necessary.

7. Data Retention and User Control

Fabrix retains metadata only for the duration required to provide identity analytics. Customers retain full control over access to their data and can revoke Fabrix's permissions at any time via the Google Admin Console. Revoking access stops all data collection and processing immediately.

Fabrix maintains clearly defined data retention, backup, and disposal policies. Upon termination of a customer contract, all associated tenant data is securely deleted from databases and backups in accordance with Fabrix's data handling policy and terms of service.

Sensitive scanning artifacts and metadata collected during active scans are automatically deleted after processing unless explicitly retained for audit or compliance reasons.

8. Contact

If you have any questions about this Privacy Policy, or how your data is handled, please contact us.
