Building Control System
Privacy policy
Last updated 14 July 2026
We use your Google account for exactly one thing: to check whether your email address is on the list of people allowed into the Building Control System. We do not read your mail, your contacts, your calendar, or your files. We could not if we wanted to, because we never ask Google for permission to.
Who operates this
The Building Control System is operated by the Old Apostolic Lutheran Church of Minnetonka, Minnesota. If you have a question about this policy, you can reach the church through its page on the Old Apostolic Lutheran Church of America site.
What Google gives us
When you sign in, Google provides three things about the account you signed in with:
- Your email address
- Your name
- Your profile picture
These come from the basic sign-in permissions (openid, email,
and profile). We request nothing else. There is no permission on this
application that would let it reach any other part of your Google account.
What we do with it
Your email address is compared against a short list of people the church has authorized. If it is on the list, you are let through to the building automation system. If it is not, you are turned away. That is the whole of it.
Your name and profile picture are not used for anything. We receive them because Google sends them with the basic sign-in permissions, not because we need them.
We do not use your information to build a profile of you, to advertise to you, or to combine with information from anywhere else.
What the building system sees
The building automation system behind this door is ordinary commercial software with its own separate sign-in. It does not use your Google identity, it does not act on it, and it does not store it. It does not know or care that we checked you first.
Who else sees it
The sign-in check is run for us by Cloudflare, Inc. When you sign in, Cloudflare records the event, including your email address, the time, and the IP address you connected from, and holds that record under its own retention policy.
Cloudflare processes this for us and for no one else. We do not sell your information, we do not share it with advertisers or data brokers, and we do not give it to anyone else except where the law requires it.
Google’s rules
Our use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
How long we keep it
The church keeps your email address on the authorization list for as long as you are authorized to use the system, and takes it off when you are not. Cloudflare’s sign-in records are held under Cloudflare’s retention policy, which we do not control.
Turning it off
You can disconnect this application from your Google account at any time at myaccount.google.com/permissions. Doing so stops Google sending us anything, and ends your ability to sign in.
You can also ask to be taken off the authorization list. Removal stops future sign-ins, but a session you already have stays valid until it expires, which can take up to 24 hours.
Changes
If this policy changes, the date at the top of this page changes with it.