Back to Dashboard
Overview
Sticky Notes - Easy Web Notes & Quick Reminders ("the Extension") respects your privacy. This policy explains what data we collect and how we use it.
Data Collection
What We Collect
- Sticky Notes Content: The text content of notes you create on websites
- Note Metadata: Website URLs where notes are saved, note positions on the page, note colors, and timestamps
- User Preferences: Theme color selection, dashboard settings, and display preferences
- Authentication Data: If you choose to sign in with Google OAuth, we store your Google user ID, email address, and profile information for cloud sync functionality
- Website Content: The URLs and page titles where you create notes (necessary for organizing and displaying notes by website)
What We DON'T Collect
✓ We do NOT collect your complete browsing history - only URLs where you actively create notes
✓ We do NOT track your activity, clicks, scrolling, or keystrokes on websites
✓ We do NOT collect personally identifiable information beyond what's needed for Google login (optional)
✓ We do NOT collect financial data, payment information, or health information
✓ We do NOT use analytics, tracking pixels, or third-party cookies
✓ We do NOT collect location data or device information
✓ We do NOT read or collect data from other browser tabs or windows
How We Use Your Data
Local Storage (Default)
By default, all notes are stored locally in your browser using Chrome's storage.sync and storage.local APIs. This data:
- Stays on your device and never leaves unless you enable cloud sync
- Is automatically synced across your Chrome browsers when using the same Google account (Chrome's native sync)
- Can be deleted anytime by clearing browser data or uninstalling the extension
Cloud Sync (Optional - Requires Login)
If you choose to sign in with Google:
- Your notes are backed up to our secure cloud storage server (pay.agent0s.dev)
- All data transmission uses HTTPS encryption
- Your Google OAuth token is used only for authentication
- We store your email and user ID to associate notes with your account
- You can disable cloud sync anytime and revert to local-only storage
- You can delete all cloud data from the Cloud Storage settings page
Extension Functionality
We use collected data solely to:
- Display your sticky notes on the correct websites
- Save and restore note positions, content, and styling
- Organize notes by website domain in the dashboard
- Provide search and filtering capabilities
- Enable keyboard shortcuts (Ctrl+Q) to create notes
- Support PDF note-taking for local PDF files
- Remember your theme color preferences
Data Sharing & Third Parties
WE DO NOT:
✓ Sell or transfer your data to third parties for ANY purpose
✓ Share your notes content with advertisers or data brokers
✓ Use your data for advertising, marketing, or profiling
✓ Transfer data for purposes unrelated to sticky notes functionality
✓ Use or transfer data to determine creditworthiness or for lending purposes
✓ Share your data with anyone except as required by law
Your notes are private and stay private.
Data Security & Encryption
- All cloud data transmission uses HTTPS/TLS encryption
- Cloud-synced notes are stored on secure servers with access controls
- Google OAuth tokens are handled securely and never exposed
- Local data is protected by Chrome's built-in security mechanisms
- We implement industry-standard security practices
- No sensitive data is transmitted in plain text
Your Rights & Data Control
You have complete control over your data:
- Access: View all your notes through the extension dashboard
- Export: Copy or export notes from the dashboard
- Delete: Delete individual notes or all notes anytime
- Cloud Control: Enable or disable cloud sync at any time
- Account Deletion: Delete your cloud account and all associated data from Cloud Storage settings
- Uninstall: Uninstalling the extension removes all local data immediately
- Opt-out: You can use the extension entirely offline without any login
GDPR Rights: If you're in the EU, you have rights to data portability, rectification, and erasure. Contact us to exercise these rights.
Third-Party Services & External Resources
The extension uses the following third-party services:
- Google OAuth & Identity API: For optional user authentication and login (Google's Privacy Policy applies)
- Chrome Storage API: For local and sync storage of notes (Google's Privacy Policy applies)
- Google Fonts: Poppins font family loaded from fonts.googleapis.com and fonts.gstatic.com
- Flaticon UI Icons: Icon assets loaded from cdn-uicons.flaticon.com for the user interface
- Cloud Storage Server: pay.agent0s.dev - our secure backend for optional cloud sync (HTTPS encrypted)
Important: We do not share your note content or personal data with any third parties for advertising, analytics, or marketing purposes.
Permissions & Host Access
The extension requests the following Chrome permissions:
- storage: To save notes locally and sync across your Chrome browsers
- activeTab: To inject sticky notes into the currently active webpage only
- scripting: To dynamically add note-taking functionality to web pages
- contextMenus: To add "Create Sticky Note" to right-click menu
- identity: For optional Google OAuth login for cloud sync
- <all_urls> (Host Permission): Required because sticky notes must work on ANY website you visit - this is the core functionality. We do NOT use this to track or collect data from websites you don't create notes on.
Children's Privacy (COPPA Compliance)
This extension does not knowingly collect personal information from children under 13 years of age. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately, and we will delete such information.
Remote Code & External Scripts
We do NOT use remote code. All JavaScript and functionality is included in the extension package. We do not:
- Load external JavaScript files from CDNs or third-party servers
- Use eval() or similar functions to execute remote code
- Include WebAssembly modules from external sources
- Reference external files in script tags (except approved resources like fonts and icons)
The only external resources loaded are:
- Google Fonts (Poppins font family) - CSS and font files only, no scripts
- Flaticon icons - CSS and icon assets only, no scripts
Changes to This Policy
We may update this privacy policy from time to time to reflect changes in our practices or for legal compliance. When we make changes:
- The "Last Updated" date at the top will be changed
- Significant changes will be communicated through the extension
- Your continued use of the extension constitutes acceptance of the updated policy
- You can always review the latest version at this URL
Legal Compliance
This extension and privacy policy comply with:
- Chrome Web Store Developer Program Policies
- General Data Protection Regulation (GDPR) - EU data protection law
- California Consumer Privacy Act (CCPA) - California privacy rights
- Children's Online Privacy Protection Act (COPPA) - Children's privacy protection
- Chrome Extension Manifest V3 requirements
We are committed to protecting your privacy and complying with all applicable data protection laws.