Google integrations · Reviewed July 18, 2026

Google access, explained clearly.

Google connections are optional. Lumen asks for a permission only when you connect the matching feature, uses it to complete actions you request, and lets you disconnect at any time.

In context

Separate connection for each service

Drive, Gmail, Calendar, and YouTube are authorized separately so one feature does not silently unlock another.

Least privilege

Permissions map to visible features

Read and write permissions are limited to the operations described below; Lumen does not request delete access.

User control

Approval before consequential actions

Sending mail, creating events or documents, RSVPing, and uploading videos require an explicit user action or approval.

Revocable

Disconnect whenever you choose

Disconnecting deletes Lumen's stored authorization for that service. Access can also be revoked in your Google Account.

1. Choose Connect

You start from the relevant Lumen feature.

2. Review Google consent

Google shows the account and requested permissions.

3. Use the feature

Lumen calls Google only for the action you request.

4. Disconnect

The encrypted server-side authorization record is deleted.

Permissions and why they are necessary

Google service and OAuth scopeUser-facing use in Lumen Doc HubWhy a narrower permission is not enough
Google identity
openid
email
profile
Sign in to Lumen with Google and show which Google account is connected to an optional service.Lumen receives only the account identifier, name, email address, and profile image needed for sign-in and account transparency.
Google Drive
https://www.googleapis.com/auth/drive.readonly
Search the user's Drive, read a file the user selects from results, import Google Sheets or CSV data, and refresh an explicitly connected spreadsheet.The feature searches files the user already has across Drive. drive.file alone cannot discover or read those existing files unless each is first opened with Lumen.
Google Drive
https://www.googleapis.com/auth/drive.file
Create a new Google Doc only when the user approves a “create Drive document” action, and access files created or opened through Lumen.The read-only scope cannot create a document. drive.file is the narrow write permission and does not grant general write or delete access across Drive.
Gmail
https://www.googleapis.com/auth/gmail.readonly
Search the user's mailbox and read a message the user asks Lumen Agent to summarize or use in a task.Metadata-only access does not provide the message body required for the user-requested reading and summarization feature. Lumen does not request modify or delete access.
Gmail
https://www.googleapis.com/auth/gmail.send
Send a new email or reply after Lumen shows the action and the user approves it.This is Google's send-only permission. It does not allow Lumen to edit mailbox state or delete messages.
Google Calendar
https://www.googleapis.com/auth/calendar.events
List and search events, create an event the user approves, and RSVP to an event at the user's direction.The feature needs both event reading and event changes. Lumen does not request access to Calendar settings or unrelated Google account data.
YouTube
https://www.googleapis.com/auth/youtube.upload
Upload only the finished video the user chooses from Lumen Design, with the title, description, tags, audience, and visibility the user reviews.This is Google's upload-only scope. It does not grant permission to read, edit, or delete the user's existing videos.

How Google user data is handled

  • Access and use. Lumen accesses Google data only after the user connects that service and only to provide the visible feature described above.
  • Storage. OAuth access and refresh tokens are encrypted at rest in Lumen's server-side vault. Google file, email, and calendar responses are not routinely retained as a separate server-side dataset. Content can remain in a local Lumen document or task history when the user chooses to use or save the result.
  • AI-assisted tasks. When a user explicitly asks Lumen Agent to summarize or transform connected content, the content needed for that request may be sent through Lumen's managed backend to the AI processor identified in our Privacy Policy. It is used only to return that user-facing result, not for advertising or to train generalized AI models.
  • Sharing. Lumen does not sell Google user data, use it for targeted advertising, or disclose it to data brokers. A service provider receives data only when needed to deliver the user-requested feature, protect the service, or comply with law.
  • Human access. Lumen personnel do not read Google user data unless the user gives explicit permission for specific support, access is necessary to investigate abuse or a security incident, or access is required by law.
  • Retention and deletion. The connector authorization remains until the user disconnects, revokes access at Google, or deletes the Lumen account. Disconnecting deletes the stored connector token record. Locally saved results remain under the user's control.

Limited Use. Lumen Doc Hub's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including its Limited Use requirements.

Your controls

  1. Connect only the Google service you want from its feature in Lumen Doc Hub.
  2. Review Google's consent screen before granting access.
  3. Review consequential actions in Lumen before they are sent to Google.
  4. Use Disconnect in Lumen to delete the stored connector authorization, or revoke Lumen Doc Hub from your Google Account's third-party access controls.
  5. Request account and associated cloud-data deletion by emailing privacy@lumenqube.com.

For the complete legal disclosure, including subprocessors, security, retention, international transfers, and privacy rights, read our Privacy Policy. For help connecting or disconnecting a service, contact support@lumenqube.com.