# Privacy Policy for X (Twitter) Video Saver
**Effective Date:** February 13, 2026
**Last Updated:** February 13, 2026
## 1. Introduction
This Privacy Policy describes how the **X (Twitter) Video Saver** browser extension ("we", "us", or "our") handles your information. We are committed to protecting your privacy and ensuring you have a positive experience when using our extension.
## 2. Information We Collect
We do **not** collect, store, or share any personally identifiable information (PII) about you. We do not use cookies or tracking pixels.
### 2.1 Data Processed Locally
The only data processed by this extension includes:
- **Tweet URLs** that you explicitly choose to download.
- **User preferences** (theme, file naming, folder path settings).
- **Download history** (stored locally on your device for your convenience).
- **Anonymous client ID** (a randomly generated UUID stored locally, used solely for subscription verification — it is not linked to your identity).
### 2.2 Storage Usage
- **chrome.storage.sync**: Used to store your user preferences (theme selection, filename formatting, date prefix settings) and your anonymous client ID. These settings are synced across your Chrome profile if you are signed in.
- **chrome.storage.local**: Used to store download history, subscription status cache, cloud connection status, and simple usage counters directly on your device. This data is stored entirely on your device and contains no personal information.
## 3. How We Use Information
### 3.1 Video Downloads
When you click the "Download" button on a video:
- The extension processes the download **directly** using your browser by communicating with Twitter/X's public content delivery networks (`cdn.syndication.twimg.com`).
- No tweet data or URLs are sent to any unrelated third-party servers.
### 3.2 Quoted Tweet Resolution
For complex tweet structures (e.g., quoted tweets):
- The extension may momentarily inject a local script into the webpage to read internal component data (React Fiber state) strictly to identify the video ID.
- This process happens **entirely within your browser tab**. NO data from this process is sent to us or any third party.
### 3.3 Subscription Verification
- To verify Premium subscription status, the extension sends your **anonymous client ID** (a random UUID) to our backend (hosted on Supabase). This ID is not linked to your personal identity, email, or browsing history.
- The backend responds with the subscription status only. No other data is exchanged.
### 3.4 Cloud Sync (Premium Feature, Opt-In)
- If you choose to connect Google Drive or Dropbox, the extension uses standard OAuth2 flows to authenticate with these services.
- **Google Drive**: We use the minimal `drive.file` scope — the extension can only access files it creates. It cannot read, modify, or delete any other files in your Google Drive.
- **Dropbox**: The extension uploads files only to a dedicated application folder (if using app-scoped access) or a specific root folder.
- Cloud sync is **entirely optional** and only activates when you explicitly connect a cloud service and enable auto-sync.
- OAuth tokens are managed by Chrome's built-in identity system (for Google Drive) or stored locally (for Dropbox). We do not store or have access to your OAuth tokens on any server.
## 4. Permissions Justification
| Permission | Why It's Needed |
|---|---|
| `downloads` | To save downloaded video files to your device. |
| `storage` | To store your preferences, download history, and subscription cache locally. |
| `identity` | To authenticate with Google Drive via OAuth2 for optional cloud backup (Premium). |
| `https://twitter.com/*`, `https://x.com/*` | To inject the download button into video players on Twitter/X. |
| `https://cdn.syndication.twimg.com/*` | To fetch video metadata from Twitter's public syndication API. |
| `https://resdwlovimhbsfyjdfex.supabase.co/*` | To verify Premium subscription status using an anonymous client ID. |
| `https://www.googleapis.com/*` | To upload files to Google Drive (Premium cloud sync, opt-in). |
| `https://content.dropboxapi.com/*`, `https://api.dropboxapi.com/*` | To upload files to Dropbox (Premium cloud sync, opt-in). |
## 5. Third-Party Sharing
We do **not** sell, trade, or transfer your information to outside parties. We do not use any third-party analytics services. The third-party services accessed by this extension are:
- **Twitter/X CDN** (`cdn.syndication.twimg.com`) — To fetch video data. This is Twitter's own public infrastructure.
- **Supabase** — To verify subscription status only. No personal data is sent.
- **Google Drive / Dropbox** — Only if you opt-in to cloud sync. These services have their own privacy policies.
## 6. Data Retention
- All locally stored data (preferences, history, cache) can be cleared by the user at any time via Chrome's extension management or by uninstalling the extension.
- We do not retain any data on our servers beyond the subscription record linked to your anonymous client ID.
## 7. Children's Privacy
This extension is not directed to children under 13 and does not knowingly collect information from children.
## 8. User Consent
By using our extension, you consent to this privacy policy.
## 9. Changes to This Policy
We may update this privacy policy from time to time. Any changes will be reflected by updating the "Last Updated" date above.
## 10. Contact Us
If you have any questions regarding this privacy policy, you may contact us at:
- **Email**: neocrtxai@gmail.com
- **Support**: Via the support section on the Chrome Web Store listing.