Are my CAD files uploaded to Thingraph servers?

No. Thingraph CAD Viewer and DWG Viewer render DWG, DXF, and 3D models entirely in your web browser using WebGL. File content is processed on your device and is not sent to Thingraph servers for storage or conversion.

What Google Drive permissions does CAD Viewer need?

The app uses OAuth with the drive.file scope, which allows access only to files you explicitly open with the app via Open with. It cannot browse, list, or read your entire Google Drive.

Can CAD Viewer modify or delete my Google Drive files?

No. The viewer apps have read-only access to files you open. They cannot modify, rename, or delete files in Google Drive.

Privacy · Security

Is CAD Viewer Safe? Are My Files Uploaded to Your Servers?

A common question from engineering and design teams: when I open a DWG, DXF, or 3D model with Thingraph CAD Viewer or DWG Viewer, where does my data go? This page explains our client-side architecture, Google Drive permissions, and what we do — and do not — collect.

Short answer

Your CAD file content is not uploaded to Thingraph servers for viewing. Rendering happens in your browser on your device using WebGL (@x-viewer/core / Three.js). We do not operate a cloud conversion service that stores your drawings.

How client-side rendering works

You open a file (local upload or Google Drive Open with).
The file bytes are loaded into your browser (from disk or Google’s API).
The viewer parses DWG/DXF/3D data and draws with WebGL on your GPU.
No step sends the full file to a Thingraph backend for processing.

This architecture is the same for 2D DWG/DXF (Viewer2d) and 3D models including IFC and STEP (WebAssembly modules run in-browser).

Google Drive: what access do we request?

When you install from Google Workspace Marketplace, the app asks for limited OAuth scopes:

https://www.googleapis.com/auth/drive.file — lets the app read only files you open with it (or create through it). It cannot enumerate your Drive or open arbitrary files you did not choose.
Install-related scopes so the app appears in Open with for supported extensions.

Read-only for viewing apps: DWG Viewer and CAD Viewer do not write changes back to Drive. CAD Editor may let you work on a 3D scene in the browser session; saving edited models back to Drive depends on product features — opened Drive files are still not copied to Thingraph servers.

What data might leave your browser?

Google APIs — when opening from Drive, your browser talks to Google to download the file you selected. That traffic is between you and Google under Google’s privacy policy.
OAuth tokens — stored locally in your browser so you do not sign in every time. Tokens identify your session to Google, not file content to Thingraph servers.
Analytics — we may use privacy-focused analytics (e.g. page views, feature usage counts) on cad.thingraph.site. Analytics do not include your DWG geometry or file names by design. See our Privacy Policy.
CDN libraries — the app loads JavaScript and WASM (e.g. Three.js, IFC/Open CASCADE runtimes) from our site or CDNs; not your file content.

Local upload (no Google account)

On DWG Viewer or CAD Viewer local pages, you drag a file from your computer. The file is read with the browser’s File API and never leaves your machine except as rendered pixels on screen. No account required.

Enterprise and confidential drawings

Teams handling sensitive IP often prefer client-side viewers because:

No server-side copy of the drawing for basic viewing
Restricted Google scope (drive.file) limits blast radius
Access can be revoked instantly at Google Account permissions

Your organization may still require its own security review. Official policies: CAD Viewer Privacy, DWG Viewer Privacy.

What we do not do

Store your DWG/DXF/3D file content on Thingraph servers for viewing
Sell your drawings or file lists to third parties
Browse your entire Google Drive without you opening a specific file
Modify or delete your Drive files from the viewer apps

Revoke access

Remove Thingraph apps at myaccount.google.com/permissions. Clear site data in your browser to remove local tokens. Re-install anytime from Install.