AuraNotes Privacy Policy

Last Updated: June 1, 2025

AuraNotes ("the Extension") is committed to protecting your privacy. This policy outlines how your data is handled when you use AuraNotes.

What User Data Does AuraNotes Handle?

AuraNotes handles the following types of information:

• Google Account Information: When you connect AuraNotes to Google Drive, the Extension uses Google's OAuth 2.0 authentication. This process may involve access to your Google Account's email address and basic profile information, solely for the purpose of authenticating you with Google Drive and enabling the Extension to connect to your own Drive account for storing and syncing notes. AuraNotes does not store your email address or profile information itself; it only uses the secure authentication token provided by Google.
• Note Data (User-Created Content): This includes the content of your notes (title, text), their position on the page (x, y coordinates), size (width, height), display state (e.g., minimized), the webpage scope you associate them with (exact URL, URL without parameters, or domain), and timestamps. This data is created and managed by you.
• Webpage URLs: The URLs of the webpages you visit where you interact with AuraNotes (i.e., create or view notes). This is used to associate your notes with specific web contexts so they appear when you revisit those pages. The Extension does not build a general browsing history for other purposes.
• Extension Settings & Sync Status: Your chosen Google Drive storage preference (hidden app folder or visible folder), the ID of your AuraNotes data file on Drive, and the timestamp of the last successful sync. This is used to manage the synchronization process and remember your preferences.

How AuraNotes Uses and Protects Your Data

• Storage:
  • Locally: Your notes and some settings are stored in your browser's local IndexedDB and chrome.storage.local. This allows for faster loading of notes and provides offline access to notes you've already synced or created. This data remains on your computer.
  • Google Drive: Your notes (as an auranotes_data.json file) are synced to your own Google Drive account. You have full control over this file within your Drive. AuraNotes uses Google's secure APIs (HTTPS) to interact with your Drive.
• Data Transmission: Your note data is transmitted securely (using HTTPS) between your browser and your Google Drive account during synchronization. AuraNotes does not send your note data, URLs, or Google account information to any third-party servers, other than Google's own services (Drive API, Authentication services) as required for its core functionality.
• Privacy by Design:
  • The permission to access website data (scripting on all URLs) is strictly for the purpose of displaying and managing your notes on those pages. AuraNotes is designed not to interfere with or collect data from other parts of the webpage.
  • You choose where your notes file is stored in your Google Drive (a hidden app-specific folder or a visible folder).
• No Sale of Data: AuraNotes does not sell or share your personal data with third parties for marketing or any other purposes.
• Open Source (Optional): (If you make it open source, add this line) The source code for AuraNotes is available for review at http://www.github.com/johnvilsack/auranotes, promoting transparency.

Permissions Explained

AuraNotes requests certain permissions to function. Here's why:

• identity: To authenticate you with Google Drive.
• storage: To save settings and local note cache.
• scripting (on all sites): To display notes on webpages.
• tabs: To get the current page URL for note context.
• alarms: To schedule background sync.
• notifications: To provide sync status updates (primarily in-popup).
• Access to googleapis.com: To communicate with Google Drive.
• Google Drive Scopes (drive and drive.appdata): To create, read, and update the AuraNotes data file and manage the 'AuraNotes' folder (if chosen) in your own Google Drive. AuraNotes only interacts with its own dedicated file/folder.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.

Contact Us

If you have any questions about this Privacy Policy, please contact us at: https://github.com/johnvilsack/auranotes/issues