Enterprise, Non-Profit & Government Pricing
Non-profit organizations are eligible for a discount on Enterprise pricing.
15-day free trial available for GAT+ and GAT Shield.
GAT Unlock and GAT Flow are not availableduring trials.
at monthly billing.
at monthly billing.
at monthly billing.
at monthly billing.
Your subscription must cover all active users on your domain, it cannot be purchased for admins only.
Monthly plans do not include email support or training, please contact sales@generalaudittool.com if you want to purchase any of these.
We bill in USD for the US and Canada residents only. Billing is in Euro for all other countries.
Compare Plans in Detail
Pricing FAQs
Can we buy GAT for admins only?
No, GAT has to be installed and deployed for all the users of the organisation, this is not only for billing purposes but also technical purposes. To do a proper audit of all aspects of the Google Workspace environment, we must audit every user to see how they interact with one another. This is necessary for proper email auditing, proper collaboration measurement and depending on the version of Google Workspace that you have, it is necessary for proper Drive audits, in particular where visitor events are recorded. Email us at sales@generalaudittool.com for more information
Who do you consider as an ‘Active User’?
‘Active Users’ are the individuals behind an account. For Enterprise, Government and Non-Profit domains you must pay for all the active users reported by Google. Suspended, and Free Cloud Identity Accounts are not considered for billing. Educational domains don’t pay for IDLE, inactive, service or suspended accounts. Contact sales@generalaudittool.com for more information.
Can I buy through a local reseller?
Yes, we have resellers all around the world. Contact us at sales@generalaudittool.com for further information.
Can I buy your plans in a monthly basis?
Yes. Please contact sales@generalaudittool.com for more information.
How do I pay?
Payment is done by credit card through the tool, through our partners, through a US$ or Euro cheque or by wire transfer. For wire transfer, we will give you our payment details on receipt of the PO. Orders based on company P.O.s have a 30 day credit. POs via email are acceptable. For those domains that require supplier approval, we ask you to start that process now. For those domains that wish to purchase through their Google Workspace Reseller, we welcome that path and we ask you to contact both ourselves and the reseller. Resellers will first have to be approved by GAT Labs.
Do I need to pay extra for On-boarding?
Our prices include the on-boarding feature. Contact support@generalaudittool.com for more information about our training programs for customers.
Do I need to pay extra for training?
Only our yearly plans include training and email support. Monthly plans won’t include training and email support but you can purchase that separately. Contact support@generalaudittool.com for more information about our training programs for customers.
We have multiple domains, but they are all virtual domains on top of a single set of accounts, do we have to buy GAT for each domain?
No, you should only have to buy it once, but we automatically charge by domain name so contact us at sales@generalaudittool.com to explain your circumstances and we will take care of it at the back-end.
Do you offer discounts for volume?
Yes, if your domain surpasses 5,000 active users, your domain can apply for a volume discount. Contact us at sales@generalaudittool.com to discuss your needs. Discounts for Educational domains will apply after 20,000 active users
Do you offer discounts to Non-Profits and Charities?
Yes, Non-Profits and Charities can avail up to a 50% discount off list price. See Enterprise pricing here Please contact us at sales@generalaudittool.com to discuss your needs.
Can I pay with any credit card (Visa, Master Card, Amex)?
Yes, you can purchase our products via a secure link. Please contact sales@generalaudittool.com for more information.
Does my subscription auto-renew every year?
No unless you choose otherwise, our Renewals Team will contact you 6 weeks prior to the end of your yearly subscription to see if you wish to renew.
Please contact renewals@generalaudittool.com for more information.
How long is the GAT+ admin log retained for? Indefinitely?
It has the same lifetime than the scan data, after 30 days of inactivity when the license
As long as the tool is installed – Admin logs are kept, if the tool is removed after 30 days the data is removed automatically.
How often do GAT+ scans run?
At least once per day, and every time you access the tool in any given area a new scan will be scheduled to run in the background.
How long does the first scan take?
It depends on the size of your domain, we calculate 30 minutes per 1 million records. You can check the scan status under:
GAT+ > Configuration > General > Tasks
How long do you keep our data once our license expires?
All the collected data will be deleted in 30 days.
How far do email scans index? Historically
When you install the tool, it indexes back the last 28 days’ email. We do this to provide seed statistics for tables, etc., going forward it indexes all emails for all time until you remove the tool.
How far back does the “Drive event scan” can go back?
6 months from the point of installation, max available from the API 180 days.
Drive event scan is related to all actions taken on files and folders (view/edits/download etc).
Drive events logs are kept indefinitely, once GAT+ is installed – as long as the tool is installed we keep Drive event logs.
Do you have an SLA and how will downtime be reported?
You can request or send the SLA to dpo@generalaudittool.com we will get back to you as soon as possible. Downtime is reported on our Status Page if it happens
How is metadata accessed via Google API?
You can request or send the SLA to dpo@generalaudittool.com we will get back to you as soon as possible. Downtime is reported on our Status Page if it happens
Is my metadata secure during transit?
Data in transit is encrypted with TLS.
How is my metadata kept secured?
Data at rest is encrypted with the AES-256 algorithm.
Where is my metadata stored?
It’s stored on Google Cloud Platform (GCP). We offer our customers a choice of GCP locations to store their data. Each location is subject to a different legal environment. The geographic locations are US (default), EU and UK.
What data do we work with?
We process and store metadata.
Do you have a Privacy policy? As an EU-based company, this would comply with GDPR requirements.
Our privacy policy is stated as complete non-disclosure of customer data and automatically implemented ‘right to be forgotten’ of customer data after 30 days since last use. This policy predates GDPR. There is no access to customer data by any staff other than development engineers. Customer data is never removed from GCP.
Do you have a Business Continuity Policy in place?
For business continuity of our cloud services, we are dependent on GCP business continuity.
Do you have a Security/Breach Incident Management Policy and Procedure in place?
In the event of a customer data breach, we have a declared policy of customer notification. The response to any specific incident will depend on the nature of the incident and is not defined in specific terms.
Do you have an encryption policy that covers data encryption in transit and at rest?
The Tool itself runs using a 2048-bit modulus RSA key, SHA256 is used for hashing, and AES (256-bit) is used for encryption. It is Verified by Comodo. This ensures the site you connect to is who it says it is (generalaudittool.com), thus eliminating man-in-the-middle attacks. It also ensures that any data transferred is moved inside an HTTPS tunnel, from Google to the audit tool and from the audit tool to your browser.
Will our organization be able to manage who has access to the service (our organization’s staff)?
GAT is the very first Google Workspace security tool provider to offer ‘lock and key’ access to Google Workspace files and emails. Ever aware that end-user security is paramount, this feature set goes much further than any of our competitors, not only does it allow for full file management, but it is the only tool to give silent views of all files and emails (Admins and Security Officers won’t appear as ‘Viewers’ of the files or emails), while at the same time, it executes in a secure way that deeply protects end user’s rights. We carefully designed the solution to require both a lock and key for access. Managers, C level executives, and security officers can also relax knowing you cannot download GAT and have unrestricted access to sensitive financial files or snoop on HR emails. Google Workspace Admin staff using GAT can report that they have the most functional security tool in the marketplace, yet with the highest security standards available.
Do you have a policy and process for secure disposal of both IT equipment and media?
No customer data is ever stored on local equipment or media. Google is responsible for this.
Will you need to/ be required to access personal data/ confidential information belonging to our organization? e.g. staff; customer data; confidential business information?
Yes. GAT only requires metadata. We build our exposure profile based purely on the metadata. GAT never retrieves file contents for auditing. We believe the risk in extracting file contents from the secure ‘shredded’ environment of Google’s servers to any third-party software is too great for companies serious about security, so we don’t do it. Some of the most security-sensitive government customers in the US and the UK use GAT precisely because we don’t extract file contents.
Do you maintain a record of your data processing activities in line with the requirements of the General Data Protection Regulation including DPO details; Processing purpose; Data types; Sharing details; International transfers; and Retention periods?
Yes.
Can we buy GAT for admins only?
No, GAT has to be installed and deployed for all the users of the organisation, this is not only for billing purposes but also technical purposes. To do a proper audit of all aspects of the Google Workspace environment, we must audit every user to see how they interact with one another. This is necessary for proper email auditing, proper collaboration measurement and depending on the version of Google Workspace that you have, it is necessary for proper Drive audits, in particular where visitor events are recorded. Email us at sales@generalaudittool.com for more information
Who do you consider as an ‘Active User’?
‘Active Users’ are the individuals behind an account. For Enterprise, Government and Non-Profit domains you must pay for all the active users reported by Google. Suspended, and Free Cloud Identity Accounts are not considered for billing. Educational domains don’t pay for IDLE, inactive, service or suspended accounts. Contact sales@generalaudittool.com for more information.
Can I buy through a local reseller?
Yes, we have resellers all around the world. Contact us at sales@generalaudittool.com for further information.
Can I buy your plans in a monthly basis?
Yes. Please contact sales@generalaudittool.com for more information.
How do I pay?
Payment is done by credit card through the tool, through our partners, through a US$ or Euro cheque or by wire transfer. For wire transfer, we will give you our payment details on receipt of the PO. Orders based on company P.O.s have a 30 day credit. POs via email are acceptable. For those domains that require supplier approval, we ask you to start that process now. For those domains that wish to purchase through their Google Workspace Reseller, we welcome that path and we ask you to contact both ourselves and the reseller. Resellers will first have to be approved by GAT Labs.
Do I need to pay extra for On-boarding?
Our prices include the on-boarding feature. Contact support@generalaudittool.com for more information about our training programs for customers.
Do I need to pay extra for training?
Only our yearly plans include training and email support. Monthly plans won’t include training and email support but you can purchase that separately. Contact support@generalaudittool.com for more information about our training programs for customers.
We have multiple domains, but they are all virtual domains on top of a single set of accounts, do we have to buy GAT for each domain?
No, you should only have to buy it once, but we automatically charge by domain name so contact us at sales@generalaudittool.com to explain your circumstances and we will take care of it at the back-end.
Do you offer discounts for volume?
Yes, if your domain surpasses 5,000 active users, your domain can apply for a volume discount. Contact us at sales@generalaudittool.com to discuss your needs. Discounts for Educational domains will apply after 20,000 active users
Do you offer discounts to Non-Profits and Charities?
Yes, Non-Profits and Charities can avail up to a 50% discount off list price. See Enterprise pricing here Please contact us at sales@generalaudittool.com to discuss your needs.
Can I pay with any credit card (Visa, Master Card, Amex)?
Yes, you can purchase our products via a secure link. Please contact sales@generalaudittool.com for more information.
Does my subscription auto-renew every year?
No unless you choose otherwise, our Renewals Team will contact you 6 weeks prior to the end of your yearly subscription to see if you wish to renew.
Please contact renewals@generalaudittool.com for more information.
How long is the GAT+ admin log retained for? Indefinitely?
It has the same lifetime than the scan data, after 30 days of inactivity when the license
As long as the tool is installed – Admin logs are kept, if the tool is removed after 30 days the data is removed automatically.
How often do GAT+ scans run?
At least once per day, and every time you access the tool in any given area a new scan will be scheduled to run in the background.
How long does the first scan take?
It depends on the size of your domain, we calculate 30 minutes per 1 million records. You can check the scan status under:
GAT+ > Configuration > General > Tasks
How long do you keep our data once our license expires?
All the collected data will be deleted in 30 days.
How far do email scans index? Historically
When you install the tool, it indexes back the last 28 days’ email. We do this to provide seed statistics for tables, etc., going forward it indexes all emails for all time until you remove the tool.
How far back does the “Drive event scan” can go back?
6 months from the point of installation, max available from the API 180 days.
Drive event scan is related to all actions taken on files and folders (view/edits/download etc).
Drive events logs are kept indefinitely, once GAT+ is installed – as long as the tool is installed we keep Drive event logs.
Do you have an SLA and how will downtime be reported?
You can request or send the SLA to dpo@generalaudittool.com we will get back to you as soon as possible. Downtime is reported on our Status Page if it happens
How is metadata accessed via Google API?
You can request or send the SLA to dpo@generalaudittool.com we will get back to you as soon as possible. Downtime is reported on our Status Page if it happens
Is my metadata secure during transit?
Data in transit is encrypted with TLS.
How is my metadata kept secured?
Data at rest is encrypted with the AES-256 algorithm.
Where is my metadata stored?
It’s stored on Google Cloud Platform (GCP). We offer our customers a choice of GCP locations to store their data. Each location is subject to a different legal environment. The geographic locations are US (default), EU and UK.
What data do we work with?
We process and store metadata.
Do you have a Privacy policy? As an EU-based company, this would comply with GDPR requirements.
Our privacy policy is stated as complete non-disclosure of customer data and automatically implemented ‘right to be forgotten’ of customer data after 30 days since last use. This policy predates GDPR. There is no access to customer data by any staff other than development engineers. Customer data is never removed from GCP.
Do you have a Business Continuity Policy in place?
For business continuity of our cloud services, we are dependent on GCP business continuity.
Do you have a Security/Breach Incident Management Policy and Procedure in place?
In the event of a customer data breach, we have a declared policy of customer notification. The response to any specific incident will depend on the nature of the incident and is not defined in specific terms.
Do you have an encryption policy that covers data encryption in transit and at rest?
The Tool itself runs using a 2048-bit modulus RSA key, SHA256 is used for hashing, and AES (256-bit) is used for encryption. It is Verified by Comodo. This ensures the site you connect to is who it says it is (generalaudittool.com), thus eliminating man-in-the-middle attacks. It also ensures that any data transferred is moved inside an HTTPS tunnel, from Google to the audit tool and from the audit tool to your browser.
Will our organization be able to manage who has access to the service (our organization’s staff)?
GAT is the very first Google Workspace security tool provider to offer ‘lock and key’ access to Google Workspace files and emails. Ever aware that end-user security is paramount, this feature set goes much further than any of our competitors, not only does it allow for full file management, but it is the only tool to give silent views of all files and emails (Admins and Security Officers won’t appear as ‘Viewers’ of the files or emails), while at the same time, it executes in a secure way that deeply protects end user’s rights. We carefully designed the solution to require both a lock and key for access. Managers, C level executives, and security officers can also relax knowing you cannot download GAT and have unrestricted access to sensitive financial files or snoop on HR emails. Google Workspace Admin staff using GAT can report that they have the most functional security tool in the marketplace, yet with the highest security standards available.
Do you have a policy and process for secure disposal of both IT equipment and media?
No customer data is ever stored on local equipment or media. Google is responsible for this.
Will you need to/ be required to access personal data/ confidential information belonging to our organization? e.g. staff; customer data; confidential business information?
Yes. GAT only requires metadata. We build our exposure profile based purely on the metadata. GAT never retrieves file contents for auditing. We believe the risk in extracting file contents from the secure ‘shredded’ environment of Google’s servers to any third-party software is too great for companies serious about security, so we don’t do it. Some of the most security-sensitive government customers in the US and the UK use GAT precisely because we don’t extract file contents.
Do you maintain a record of your data processing activities in line with the requirements of the General Data Protection Regulation including DPO details; Processing purpose; Data types; Sharing details; International transfers; and Retention periods?
Yes.