Privacy Policy

Last Updated: March 11, 2026

Ostensio ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our Chrome extension and related services.

1. Information We Collect

Authentication Data

When you sign in with Google, we collect your email address, name, and profile information through Google OAuth. This data is used solely to authenticate your account and provide personalized features.

Extension Usage Data

We collect information about how you use the extension, including: website URLs where you create extractions, screenshots you capture, popups and highlights you create, project information and annotations, and action history within projects.

Browser Data

The extension accesses your active tab information to enable core functionality like capturing screenshots and creating webpage element extractions. We do not track your browsing history outside of project-related activities.

Local Storage

Settings, preferences, and temporary authentication tokens are stored locally in your browser using Chrome's storage API. This data remains on your device unless you choose to sync with our cloud service.

2. How We Use Your Information

  • Authenticate your account and maintain your login session
  • Store and sync your projects, screenshots, and extractions across devices
  • Enable collaboration features when you share projects with team members
  • Provide customer support and respond to your inquiries
  • Improve and optimize the extension's functionality
  • Send important service updates and announcements (with your consent)

3. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

With Your Consent

When you explicitly choose to share projects with other users or team members.

Service Providers

We use trusted third-party services for cloud storage (AWS S3) and authentication (Google OAuth). These providers are contractually bound to protect your data.

Legal Requirements

When required by law, court order, or to protect our legal rights and safety.

4. Chrome Extension Permissions

Our extension requests the following permissions to function:

storage

To save your settings, authentication state, and local project data.

activeTab

To interact with the webpage you're currently viewing when you activate the extension.

tabs

To capture screenshots of webpage elements and manage tab information.

scripting

To determine device pixel ratio for high-quality screenshot capture.

clipboardWrite

To automatically copy screenshots and selected content to your clipboard.

downloads

To save full-page PDF and JPG exports to your Downloads folder.

identity

To enable Google OAuth authentication for secure login.

host_permissions (all URLs)

To allow you to capture and manage webpage elements on any website you visit.

5. Data Security

We implement industry-standard security measures to protect your information:

  • All data transmission is encrypted using HTTPS/TLS
  • Authentication tokens are stored securely using Chrome's session storage
  • Screenshots and project data are stored on secure AWS S3 infrastructure
  • Access to your data requires authentication via Google OAuth
  • We regularly review and update our security practices

6. Data Retention

We retain your data as follows:

  • Account data: Until you delete your account
  • Projects and screenshots: Until you manually delete them
  • Action history: Stored indefinitely within projects for audit purposes
  • Local browser data: Until you uninstall the extension or clear browser data

7. Your Privacy Rights

You have the right to:

  • Access and download all your personal data
  • Delete your account and associated data at any time
  • Opt out of optional data collection and analytics
  • Request corrections to inaccurate personal information
  • Revoke access permissions for the extension
  • Choose not to sync data with cloud services (local-only mode)

8. Cookies and Tracking

We do not use cookies or third-party tracking on websites you visit. Authentication tokens are stored locally in your browser and are not shared with third parties.

9. Children's Privacy

Our service is not intended for users under 13 years of age. We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal information, we will delete it immediately.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on this page and updating the "Last Updated" date. Your continued use of the extension after changes indicates acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us at:

Email: [email protected]

Website: https://ostensio.mlziade.com.br/contact

12. GDPR Compliance (EU Users)

If you are located in the European Economic Area (EEA), you have additional rights under GDPR:

  • Right to data portability
  • Right to object to data processing
  • Right to lodge a complaint with your local data protection authority
  • Right to withdraw consent at any time

Our legal basis for processing your data is your consent and our legitimate interest in providing and improving our services.