MARKETSCRUBBER

DATA PRIVACY & SECURITY

DATA COLLECTION

Extension Core Functionality (No Personal Data)
- No browsing history: Only processes Facebook Marketplace listings, no other browsing activity
- No user tracking: No analytics, tracking, or user behavior monitoring
- No personal data from Facebook: Does not collect personal information from Facebook Marketplace pages
- Local storage only: All user preferences and settings remain on the user's device

ExtPay Payment Processing (Personal Data Collection)
When users opt for premium features, the extension integrates with ExtPay, which collects and processes the following personal and sensitive user data:

- Email addresses: Required for account creation and subscription management
- User IDs: Unique identifiers for user accounts
- Payment/financial information: Processed securely through ExtPay/Stripe for subscription payments
- Authentication information: Login credentials and authentication tokens handled by ExtPay
- Subscription details: Plan information, renewal dates, payment dates, and trial status

Data Collection Purpose: This data is collected and processed solely for the purpose of enabling premium feature access and managing user subscriptions. Payment processing is directly related to the extension's premium functionality as described in the Chrome Web Store listing.

Data Storage: Payment-related data is stored by ExtPay/Stripe in accordance with their privacy policies and security practices. The extension stores only subscription status locally (trial active, paid status) for feature access control.

DATA TRANSMISSION
- ExtensionPay/Stripe communication: Transmits payment-related data (email, payment information, subscription details) to ExtPay/Stripe for subscription management and payment processing. All transmissions use HTTPS encryption.
- No data to Facebook: No data is sent to Facebook or any other third parties
- No telemetry: No usage statistics, error reports, or diagnostic data is transmitted
- No advertising data: No user data is used for advertising, marketing, or analytics purposes

USER CONTROL
- Complete user control: All filtering is based on user-defined criteria
- Transparent operation: Users can see exactly what is being filtered and why
- Premium features are optional: Users can use the extension without premium features; payment is opt-in
- Disable anytime: All features can be disabled without affecting core browser functionality
- Data deletion: All stored data can be cleared through browser settings or extension options
- Payment data management: Users can manage their subscription and payment information directly through ExtPay


COMPLIANCE & TRANSPARENCY

PRIVACY POLICY
- Clear disclosure of all data handling practices, including ExtPay payment processing
- Transparent disclosure of what data is collected, how it's used, and what's shared
- User consent for all data operations (payment processing is opt-in)
- Right to data deletion and modification
- Privacy policy posted in Chrome Web Store Developer Dashboard

LIMITED USE REQUIREMENTS COMPLIANCE
The extension complies with Chrome Web Store Limited Use requirements for personal and sensitive user data:

1. Allowed Use: Payment-related data (email, user IDs, subscription information) is used exclusively to provide premium feature access and manage user subscriptions. This use is directly related to the extension's single purpose and user-facing features.

2. Allowed Transfer: User data is transferred only to:
   - ExtPay/Stripe: Necessary for payment processing and subscription management (required to provide premium functionality)
   - No other transfers are made

3. Prohibited Advertising: User data is never used or transferred for:
   - Personalized advertising
   - Re-targeted advertising
   - Interest-based advertising
   - Marketing purposes

4. Prohibited Human Interaction: No human employees or contractors read user payment data. Data is processed automatically by ExtPay/Stripe systems only. The only exception would be with explicit user consent for technical support purposes.

SECURITY MEASURES
- HTTPS-only communication with external services (ExtPay/Stripe)
- All payment data transmitted over encrypted connections
- Payment processing handled by PCI-compliant third-party services (Stripe)
- No execution of arbitrary or user-generated code
- Sandboxed execution environment
- Regular security updates and maintenance

USER BENEFITS
- Improved marketplace browsing experience
- Reduced exposure to unwanted content
- Enhanced privacy through content filtering
- No impact on non-marketplace browsing

https://seandellis.com/projects/marketscrubber/privacy-policy.txt