NoteKo📝

# Privacy Policy for NoteKo

## Overview

NoteKo is a Chrome extension that allows users to securely manage personal notes with Google account authentication. This privacy policy explains how we collect, use, and protect your information.

## Information We Collect

### 1. Authentication Information

- **Google Account Data**: When you sign in with Google, we collect your email address and basic profile information (name, profile picture) provided by Google OAuth.

- **Authentication Tokens**: We store session tokens locally in your browser to keep you signed in.

### 2. User-Generated Content

- **Notes**: All notes you create, edit, or delete are stored in our Supabase database and associated with your user account.

### 3. Technical Information

- **User ID**: A unique identifier generated by Supabase to associate your notes with your account.

## How We Use Your Information

- **Authentication**: To verify your identity and provide secure access to your notes

- **Data Storage**: To save and retrieve your personal notes

- **Session Management**: To keep you logged in across browser sessions

## Data Storage and Security

- All data is stored securely in Supabase's cloud infrastructure

- Notes are protected by Row Level Security (RLS) policies - you can only access your own notes

- Authentication is handled through Google's secure OAuth 2.0 protocol

- Session tokens are stored locally in Chrome's secure storage

## Data Sharing

We do NOT:

- Share your data with third parties

- Sell your information

- Use your data for advertising

- Access your notes for any purpose other than providing the service

## Third-Party Services

This extension uses:

- **Google OAuth**: For authentication (subject to [Google's Privacy Policy](https://policies.google.com/privacy))

- **Supabase**: For backend services and data storage (subject to [Supabase's Privacy Policy](https://supabase.com/privacy))

## Your Rights

You have the right to:

- Access your data at any time through the extension

- Delete your notes individually or all at once

- Sign out and revoke access to your account

- Request complete deletion of your account and all associated data

## Data Retention

- Notes are retained until you delete them or delete your account

- Session data is cleared when you sign out

## Permissions Explained

- **Storage**: To save your login session locally

- **Identity**: To enable Google sign-in through Chrome's authentication API

## Changes to This Policy

We may update this privacy policy from time to time. Changes will be posted with an updated "Last Updated" date.

## Contact

For questions or concerns about this privacy policy or your data, please contact:

salman.farsi.4001@gmail.com

## Open Source

This extension is open source. You can review the code at:

https://github.com/4001-lab/Chrome-Extension-Auth-Demo