User Data Disclosure
Chrome Web Store — answers to the Developer Dashboard data-handling questions for ScraperQ.
Does the extension handle any of the following user data?
Personally Identifiable Information (PII)
Yes — We handle:
- Name, email address, profile picture URL received from Google OAuth during sign-in.
These are used solely to identify the user's account and display their name/avatar in the extension UI. They are not used for advertising, analytics, or sold to third parties.
Authentication Credentials
Yes — We store:
- JWT access token — stored in
chrome.storage.local - JWT refresh token — also stored in
chrome.storage.local
Tokens are transmitted only to our own backend API (scraperq.com) over HTTPS.
Web History / Page Content
Yes, locally in the browser for the user-facing scraping feature — ScraperQ inspects the current page and related API traffic during template setup and, for API-based templates, when the user explicitly starts a scrape job.
This inspection is used only to discover page structure, identify relevant APIs, locally refresh temporary request authentication details needed for API replay, and determine API pagination or items-path structure when the user asks ScraperQ to build an API-based template. Secret auth values are not stored on scraperq.com servers. Backend APIs receive sanitized metadata and a bounded first-page API response sample only when required to infer the items array path or pagination pattern.
Financial / Health / Authentication Information
No.
Certification
All user data collected:
- Is only used for the functionality described in the extension's store listing
- Is not sold or transferred to third parties (except as required by law)
- Is not used for advertising purposes
- Is not used for creditworthiness or lending purposes
- Is handled in accordance with our Privacy Policy
Single-Purpose Justification
ScraperQ's single purpose is web scraping / data extraction. All permissions requested are necessary and minimal for this purpose:
| Permission | Justification |
|---|---|
debugger | Used during template setup to detect page structure (DOM, API calls) and, for API-based templates, when the user starts a scrape job to locally refresh temporary request auth needed for API replay. User sees Chrome's "Debugging" banner and must consent before first use. |
<all_urls> (optional) | Users choose which pages to scrape; broad host access is necessary since the target site is unknown at install time. This is an optional permission, requested only when the user initiates a scrape. |
scripting | Injects lightweight selector and crawler scripts into pages on demand (not via static content_scripts). |
Remote Code Execution
ScraperQ does not execute any remotely-hosted code. All JavaScript is packaged
in the extension and reviewed at submission time. No eval() or dynamic script
loading from external URLs is used.
For the full privacy policy see our Privacy Policy.