Privacy Statement

We are committed to protecting your privacy. This extension is designed with privacy as a core principle.

Data Collection and Storage

We do not store your data. We only scan for OTPs locally.

All email processing happens entirely within your browser. No data is transmitted to external servers or stored anywhere outside your device.

Permission Justifications

Why We Need These Permissions

When submitting to the Chrome Web Store or similar platforms, you may be asked to justify the following permissions:

identity Permission

The extension requires the identity permission to authenticate the user securely with Google. This enables secure access to your Gmail account through Google's official OAuth2 flow.

https://www.googleapis.com/* Permission

The extension uses the gmail.readonly scope to fetch only the latest unread emails to extract OTP codes locally within the browser. No data is sent to external servers.

Note: The gmail.readonly scope is the most restrictive Gmail scope that allows reading emails. We only access unread messages to identify OTP codes, and all processing happens locally in your browser.

How It Works

1. Authentication: You grant permission to access your Gmail through Google's secure OAuth2 system
2. Local Processing: The extension reads only your latest unread emails
3. OTP Detection: OTP codes are detected and extracted locally in your browser
4. No Transmission: No email content or data leaves your device