Why DriveWacher is asking these permissions?

DriveWatcher needs to access resources on behalf of a user, so the very first time you run it, a consent screen is shown to you.

Then DriveWacher will run on your context and it will be able to check and review the changes in the Drive activity.

DriveWacher use secure OAuth 2.0 protocol to manage the authorizations.

View the files in your Google Drive

As DriveWatcher is going to check the changes in your Google Drive documents, the application need access to check and review what’s is happening there!

Send email on your behalf

Email notifications are send with your user name. In case you setup a notification for your team, you will be the sender of the email.

View your contacts

When you setup the email notification, the people picker needs to read your contact list to suggest names and show their profile pictures.

View the activity history of your Google Apps

The Apps Activity API lets your app retrieve information about a user’s G Suite activity. Currently, the API supports retrieving activity from the Google Drive service about changes to a user’s Google Drive files. This provides additional functionality on top the existing Drive API for your app to do things like:

Display activity on a user’s files.

Track changes to specific files or folders.

Alert a user to new comments or changes to files.

More info here