Can I sync ClickUp to Google Sheets automatically?

Yes. ClickBridge syncs ClickUp tasks, time tracking, and custom fields to Google Sheets on a schedule. No manual exports, no copy-pasting, no code required. You connect ClickUp, choose which lists or views to sync, and your sheet updates automatically.

Does ClickUp have a native Google Sheets integration?

No. ClickUp does not provide a native sync to Google Sheets. You can manually export tasks to CSV, but the export is static, requires re-running every time data changes, and breaks if you change your list structure. There is no native time-tracking export to Sheets.

Do ClickUp integrations miss tasks in multiple lists?

Yes — most do. ClickUp's "Tasks in Multiple Lists" feature lets a task appear in several lists at once. Most sync tools query the list endpoint, which only returns tasks physically homed in that list. Mirrored tasks are silently excluded. ClickBridge syncs by view, which captures every task visible in the list — including mirrored ones.

Will my data duplicate on each sync?

No. ClickBridge uses upsert logic — each task or time entry is keyed by its ClickUp ID, so existing rows are updated in place rather than appended. Your sheet stays clean across thousands of syncs.

Can I choose which fields to sync?

Yes. You select which lists or views to sync, which custom fields to include, and whether to include closed tasks, subtasks, and descriptions.

How often does the sync run?

Sync runs on a schedule you control. Scheduled sync is the right architecture for reporting use cases — dashboards, weekly reviews, billing — where predictable, reliable data matters more than instant updates.

Can I sync time tracking to Google Sheets?

Yes. ClickBridge exports ClickUp time entries to Google Sheets — manually for any date range, or on a recurring weekly or monthly schedule. You can filter by space, folder, or list, and include or exclude billable-only entries.

Can ClickUp roll up custom field values from subtasks?

No. ClickUp's native rollup field works for time tracked and time estimated, but not for numerical custom fields, formulas, or currency. This has been a top community feature request since 2020 and is still not on ClickUp's committed roadmap. ClickBridge aggregates these values automatically and writes them back to parent tasks.

Do I need Zapier or Make?

No. ClickBridge replaces those automation chains for ClickUp-to-Sheets sync. You don't pay per task, you don't build a flow, and you don't troubleshoot broken automations when ClickUp's API changes.

No. ClickBridge syncs on a schedule. For reporting use cases, scheduled sync is more reliable than real-time and avoids the failure modes of event-driven pipelines for every change.

Privacy Policy

Effective date: 16 April 2026

Last updated: 16 April 2026

Who we are

This Privacy Policy explains how Thinkual S.A.S ("we", "us", "our", or "Thinkual"), a French simplified joint-stock company (société par actions simplifiée), collects, uses, stores, and protects your personal data when you use ClickBridge (the "Service"), our SaaS platform that syncs and transforms data between ClickUp and Google Sheets.

Data controller:

Thinkual S.A.S

627 Chemin Des Litauds

71250 Sainte Cécile, France

Privacy and data requests: privacy@click-bridge.com

Supervisory authority:

Commission Nationale de l’Informatique et des Libertés (CNIL)

3 Place de Fontenoy, TSA 80715, 75334 Paris Cedex 07, France

Website: www.cnil.fr

What data we collect

We collect and process the following categories of personal data:

Account data — When you create a ClickBridge account, we collect your name, email address, and authentication credentials. If you sign up via a third-party identity provider, we receive the profile information you authorise that provider to share.

Billing data — If you subscribe to a paid plan, we collect payment information (processed by our payment provider), billing address, invoice details, and transaction history. We do not store full payment card numbers on our systems.

Integration credentials — When you connect ClickUp or Google Sheets to ClickBridge, we securely store the OAuth tokens and refresh tokens necessary to maintain your authorised connections. These tokens grant ClickBridge access only to the scopes you have approved.

Sync configuration data — We store your sync settings, including which ClickUp workspaces, spaces, lists, and fields you have selected, which Google Sheets spreadsheets are linked, your mapping rules, rollup definitions, scheduling preferences, and transformation configurations.

ClickUp workspace data — To perform sync operations, calculate rollups, and run scheduled jobs, ClickBridge accesses and may temporarily cache data from your ClickUp workspace. This includes task data, time tracking entries, custom field values, list and folder structures, and workspace metadata. This data is processed and may be temporarily cached solely for service functionality and is not retained beyond what is necessary to complete sync operations and scheduled jobs.

Google Sheets data — ClickBridge accesses your Google Sheets spreadsheets to write synced and transformed data. We use the Google Sheets API (spreadsheets scope) and, optionally, the Google Drive API (drive.file scope, limited to files you specifically select). We read spreadsheet structure to configure syncs and write data as directed by your sync configuration.

Usage and log data — We collect technical information about how you use the Service, including IP addresses, browser type, pages visited, feature usage, error logs, and timestamps. This data helps us maintain, secure, and improve the Service.

How we use your data

We process your personal data for the following purposes, each with a corresponding legal basis under Article 6 of the GDPR:

Where we rely on legitimate interest, we have conducted a balancing assessment to ensure our interests do not override your fundamental rights and freedoms. You may contact us at any time to request information about these assessments

Purpose

Providing and operating the Service (account management, authentication, executing syncs, calculating rollups, running scheduled jobs)

Processing payments and maintaining billing records

Maintaining security, preventing fraud, and investigating abuse

Improving and developing the Service, including analytics on feature usage and performance monitoring

Communicating with you about your account, service updates, and technical notices

Sending marketing communications (only with your prior consent)

Complying with legal obligations, including tax and accounting requirements, and responding to lawful requests from authorities

Data categories

Account data, integration credentials, sync configurations, ClickUp data, Google Sheets data

Billing data

Account data, usage and log data, integration credentials

Usage and log data (aggregated or pseudonymised where possible)

Account data

Account data (email)

Account data, billing data

Legal basis

Performance of contract (Art. 6(1)(b))

Performance of contract (Art. 6(1)(b)) and Legal obligation (Art. 6(1)(c)) for retention of accounting records

Legitimate interest (Art. 6(1)(f)) — our interest in protecting the Service, our users, and our infrastructure

egitimate interest (Art. 6(1)(f)) — our interest in understanding how the Service is used to improve it

Performance of contract (Art. 6(1)(b))

Consent (Art. 6(1)(a)) — you may withdraw consent at any time

Legal obligation (Art. 6(1)(c))

Where we rely on legitimate interest, we have conducted a balancing assessment to ensure our interests do not override your fundamental rights and freedoms. You may contact us at any time to request information about these assessments

Google user data: Limited Use disclosure

ClickBridge’s use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically, ClickBridge:

• Limits use of Google user data to providing and improving the user-facing features of the Service that are prominent in the ClickBridge interface (syncing, transforming, and aggregating data between ClickUp and Google Sheets).

• Does not transfer Google user data to third parties, except as necessary for service provision (infrastructure sub-processors), for security purposes, or to comply with applicable law.

• Does not use Google user data for serving advertisements, retargeting, personalised or interest-based advertising, determining creditworthiness, or lending purposes.

• Does not sell Google user data to any third party, including advertising platforms, data brokers, or information resellers.

• Does not use Google user data to create, train, or improve machine learning or artificial intelligence models, whether generalised or otherwise.

• Does not allow humans to read Google user data unless you have given affirmative agreement, it is necessary for security purposes (such as investigating a bug or abuse), it is necessary to comply with applicable law, or the data is aggregated and anonymised and used for internal operations in accordance with applicable privacy law.

Who we share your data with

We do not sell your personal data. We share personal data only in the following circumstances:

Sub-processors and third-party services — We use a limited number of third-party service providers to operate the Service. These providers process data only on our instructions (sub-processors) or in accordance with the integrations you authorise (third-party services). All are bound by appropriate contractual and legal safeguards. Our current providers are listed in the next section

Legal requirements — We may disclose personal data where required by law, regulation, legal process, or enforceable governmental request, or where necessary to protect our rights, safety, or property, or those of our users.

Business transfers — In the event of a merger, acquisition, or sale of assets, personal data may be transferred to the successor entity. We will notify you of any such transfer and any changes to this Privacy Policy. For Google user data, such transfers will only occur with your explicit prior consent.

Sub-processors and third-party services

The following table lists the sub-processors and integrated third-party services that handle data in connection with the Service.

Provider

Supabase

Qonto

Mailgun (provided via Lovable Cloud)

Google (Google Sheets API / Google Drive API)

ClickUp (Mango Technologies, Inc.)

Role

Sub-processor

Integrated third-party service (user-authorised)

Purpose

Database hosting, authentication, backend functions

Payment processing (hosted payment page)

Transactional email delivery. Emails are sent via Lovable’s managed email API, which uses Mailgun under the hood

Writing and reading data in user-authorised spreadsheets

Reading authorised workspace, task, time-tracking and custom-field data

Location

EU / United States (depending on project region)

France (EU

Lovable AB (Sweden, EU); Mailgun (Sinch Email, United States)

Global

United States

Transfer mechanism

EU-US Data Privacy Framework and SCCs where data is processed in the US

Intra-EU processing — no international transfer

Intra-EU processing via Lovable, with SCCs and EU-US DPF for onward transfer to Mailgun

EU-US Data Privacy Framework and SCCs. Also governed by Google’s own terms and privacy policy.

SCCs and EU-US Data Privacy Framework. Also governed by ClickUp’s own terms and privacy policy.

You may request an up-to-date list of sub-processors at any time by contacting us at privacy@click-bridge.com.

International data transfers

Thinkual S.A.S is established in France (European Union). Some of the providers we use are located outside the European Economic Area (EEA), particularly in the United States

When personal data is transferred outside the EEA or the United Kingdom, we ensure appropriate safeguards are in place:

EU–UK transfers: The European Commission has renewed its adequacy decision for the United Kingdom (effective until 27 December 2031). Personal data flows freely between the EU and UK under this decision.

EU/UK–US transfers: For US-based providers that are certified under the EU-US Data Privacy Framework (and the UK Extension to the Data Privacy Framework), transfers are covered by the relevant adequacy decisions. We additionally maintain Standard Contractual Clauses (SCCs, Commission Implementing Decision 2021/914) as a supplementary safeguard.

Other transfers: For any transfers to countries without an adequacy decision and where the Data Privacy Framework does not apply, we rely on SCCs and conduct Transfer Impact Assessments where appropriate.

You may request a copy of the safeguards we have in place by contacting us at privacy@click-bridge.com.

How long we keep your data

We retain personal data only for as long as necessary to fulfil the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

Data category

Account data

Billing and transaction records

Integration credentials (OAuth tokens)

Sync configuration data

Temporarily cached operational data (including ClickUp data)

Google Sheets data

Usage and log data

Encrypted backups

Marketing consent records

Retention period

Duration of your active account. Following a deletion request or account closure, deleted within 30 days.

10 years from the date of the transaction, as required by French commercial and tax law (Code de commerce, Art. L123-22)

Until you disconnect the integration or close your account, at which point tokens are revoked and deleted within 7 days

Duration of your active account, deleted within 30 days of account closure

Up to 24 hours, after which it is automatically purged

Not persistently stored by ClickBridge; accessed and written in real time via the Google Sheets API

Up to 12 months from collection, then deleted or anonymised

Up to 90 days, after which backups are rotated and deleted data is removed from backup systems

Duration of your account plus 3 years following withdrawal of consent (to evidence compliance)

When a retention period expires, we delete or irreversibly anonymise the data. For more information on how to request deletion of your data, see our Data Deletion Policy at https://click-bridge.com/data-deletion.

Your rights

Under the EU General Data Protection Regulation (GDPR) and, where applicable, the UK GDPR, you have the following rights in relation to your personal data:

Right of access (Art. 15) — You may request a copy of the personal data we hold about you.

Right to rectification (Art. 16) — You may request that we correct inaccurate or incomplete personal data.

Right to erasure (Art. 17) — You may request that we delete your personal data, subject to certain exceptions (see our Data Deletion Policy).

Right to restriction of processing (Art. 18) — You may request that we restrict the processing of your personal data in certain circumstances.

Right to data portability (Art. 20) — You may request to receive your personal data in a structured, commonly used, and machine-readable format.

Right to object (Art. 21) — You have the right to object at any time to the processing of your personal data where we rely on legitimate interest as the legal basis. You also have an absolute right to object to processing for direct marketing purposes. We will cease processing unless we demonstrate compelling legitimate grounds that override your rights.

Right to withdraw consent (Art. 7(3)) — Where processing is based on your consent, you may withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing carried out before withdrawal.

Right not to be subject to automated decision-making (Art. 22) — ClickBridge does not currently make any decisions based solely on automated processing that produce legal effects or similarly significantly affect you.

Right to lodge a complaint — You have the right to lodge a complaint with a supervisory authority. For users in France or the EU, this is the CNIL (www.cnil.fr). For users in the United Kingdom, this is the Information Commissioner’s Office (ICO) (ico.org.uk).

To exercise any of these rights, please contact us at privacy@click-bridge.com. We will respond to your request within one month. In complex cases, we may extend this by a further two months, in which case we will inform you within the initial one-month period.

We will not charge a fee for processing your request unless the request is manifestly unfounded or excessive. We may request additional information to verify your identity before fulfilling your request.

Provision of personal data

Providing your account data (name and email address) is a contractual requirement — it is necessary for us to create and maintain your ClickBridge account and provide the Service to you. If you do not provide this data, we cannot provide the Service.

Connecting your ClickUp and Google accounts is necessary for the core functionality of the Service. Without these connections, ClickBridge cannot perform its syncing and transformation functions.

Providing billing data is a contractual requirement for paid plans.

Providing consent for marketing communications is entirely voluntary and has no effect on your access to or use of the Service.

Cookies

ClickBridge currently uses only essential cookies required for authentication, session management, security, and core functionality of the Service. These cookies are strictly necessary for the Service to operate and do not require consent under applicable law. We do not currently use analytics, advertising, or other non-essential cookies. If we introduce any non-essential cookies in the future, we will update this Privacy Policy and obtain your consent before placing them.

Security

We take appropriate technical and organisational measures to protect your personal data against unauthorised or unlawful access, use, destruction, loss, alteration, or disclosure. These measures include:

• Encryption of data in transit (TLS/HTTPS) and at rest

• Secure storage of OAuth tokens and integration credentials using encryption at rest with proper key management

• Access controls limiting personnel access to personal data on a need-to-know basis

• Regular security reviews and monitoring

• Use of reputable, security-certified infrastructure providers

No method of transmission over the internet or electronic storage is completely secure. While we strive to protect your personal data, we cannot guarantee its absolute security.

Children

ClickBridge is not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us immediately and we will take steps to delete that data.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you by email (using the address associated with your account) or by posting a prominent notice within the Service, at least 30 days before the changes take effect.

We encourage you to review this Privacy Policy periodically. The “Last updated” date at the top of this page indicates when this Privacy Policy was most recently revised.

Dual role: controller and processor

For certain processing activities, Thinkual acts in different capacities:

As a data controller: We are the controller for your account data, billing data, usage data, and any personal data we collect directly from you for the purposes of providing, securing, and improving the Service.

As a data processor: When ClickBridge processes data from your ClickUp workspace or Google Sheets on your behalf (for example, syncing task data into a spreadsheet you control), we may act as a processor on your instructions. In this capacity, we process the data solely as directed by your sync configurations. If you use ClickBridge in a business context and require a Data Processing Agreement (DPA), please contact us at privacy@click-bridge.com.