Privacy Policy for Webcore

Effective Date: April 29, 2025

1. Introduction

This Privacy Policy explains how Webcore (“we,” “us,” or “our”) collects, uses, discloses, and safeguards your information when you use our Chrome browser extension (the “Extension”). We are committed to protecting your privacy. Please read this policy carefully. By using the Extension, you agree to the terms of this Privacy Policy. Our collection, use, and sharing of information strictly adheres to the Chrome Web Store User Data Policy, including the Limited Use requirements.

2. Information We Collect

We collect the following types of information:

• Google Account Information: When you choose to sign in, we use Firebase Authentication to securely connect with your Google account. We access your basic profile information provided by Google, specifically your Name, Email Address, and unique Google User ID. This is used solely for authentication and identifying you within the service.
• Webpage Content and Metadata: To enable the Extension’s core functionality (like summarizing or answering questions about a page), we need to process the content of the webpage you are actively using within the Extension’s side panel.
  • When: This information is accessed only when you explicitly interact with the Extension by sending a message or requesting a summary for the current page.
  • What: We use Mozilla’s Readability library to attempt to extract the main readable content of the page, along with the page Title and URL.
  • Important Note: Readability aims to isolate the primary content (like an article), excluding headers, ads, and navigation. However, it processes the page’s underlying structure. If you use the Extension on a page containing sensitive or private information (e.g., a private document, email), that information could be included in the extracted content if it’s part of the main body Readability identifies. We do not intentionally target or store sensitive information, but you should be aware of this possibility when using the Extension on non-public pages.
• User Interactions (Prompts & Responses): We collect the questions or prompts you type into the Extension’s chat interface and the AI-generated responses to display the conversation history within the Extension.

3. How We Use Your Information

We use the information we collect for the following purposes:

• To Provide and Operate the Service:
  • Authenticate your identity using your Google Account information.
  • Process your prompts and use the provided webpage content, title, and URL as context to generate responses via our AI model.
  • Display the conversation history (prompts and AI responses) within the Extension’s side panel during your current session.
• To Maintain Security: Verify user identity and secure the communication between the Extension and our backend services.

4. Information Sharing and Disclosure

We do not sell your personal information. We may share information under the following limited circumstances:

• Backend Service: Your prompts, the extracted webpage content/title/URL (when you send a message/request), your chat history for the current session, and your Google User ID (for authentication) are sent to our secure backend infrastructure (hosted on Vercel). This is necessary to process your requests and provide the Extension’s core functionality.
• Third-Party AI Provider (AWS Bedrock / Anthropic): To generate AI responses, our backend service sends your prompts, the current session’s chat history, and the associated webpage context (content, title, URL) to large language models hosted on AWS Bedrock, operated by Anthropic. This transfer is necessary to provide the core AI-powered features of the Extension. We rely on AWS and Anthropic’s security and privacy practices for the data while it is being processed by them. We do not control their data handling or retention policies. Page content/URL/title and chat history are sent only for real-time processing and are not stored by our service after the request is completed.
• Prohibited Advertising and Other Transfers: We do not use or transfer user data to serve users personalized, re-targeted, or interest-based advertisements. We do not transfer user data for any purpose other than providing or improving the Extension’s features, ensuring security, complying with applicable laws, or as part of a merger, acquisition, or sale of assets.
• Legal Requirements: We may disclose your information if required by law, subpoena, or other legal process, or if we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
• Prohibited Human Interaction: We do not allow humans to read your personal or sensitive user data, except in specific cases permitted by the Chrome Web Store policy: (a) with your affirmative consent for specific purposes (e.g., troubleshooting technical support issues), (b) when necessary for security purposes (e.g., investigating abuse), (c) to comply with applicable laws, or (d) when the data is aggregated and anonymized for internal operations (e.g., generating aggregate usage statistics).

5. Data Security

We implement reasonable security measures to protect your information. All transmissions of personal and sensitive user data between the Extension, our backend services, and third-party AI providers are encrypted using industry-standard protocols such as HTTPS. We also rely on Firebase’s secure authentication mechanisms. However, no electronic transmission or storage is 100% secure, and we cannot guarantee absolute security.

6. Data Retention

• Google Account Information: Your Google User ID, email, and name are associated with your Firebase Authentication account as long as you keep the Extension connected to your Google Account.
• Webpage Content, Title, and URL: We do not store this information on our backend systems. It is processed ephemerally only when you submit a request and is passed to the AI provider for generating a response for that specific request.
• Chat History (Prompts and Responses): Chat history is stored locally within the Extension only for the duration of your active browsing session in the side panel. It is not stored persistently on our backend servers. Closing the side panel or navigating away may clear this session history.

7. Your Rights and Choices

• Authentication: You can disconnect the Extension from your Google Account at any time via your Google Account security settings (https://myaccount.google.com/permissions) or by uninstalling the Extension.
• Data Access and Deletion: To request access to or deletion of the Google Account information associated with your use of the Extension (Name, Email, Google User ID held by Firebase Authentication), please contact us at privacy@webcore.dev. We will process your request in accordance with applicable data protection laws. Please note that we do not persistently store webpage content or chat history.

8. Children’s Privacy

The Extension is not intended for use by children under the age of 13 (or the relevant age in your jurisdiction). We do not knowingly collect personal information from children.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy within the Extension or on an associated website. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted.

10. Contact Us

If you have any questions about this Privacy Policy, please contact us at: privacy@webcore.dev