Legal

Privacy Policy

Last updated: March 23, 2026

1. Who We Are

ExtensionDB (extensiondb.store) is a paid directory that lets you search, filter, and analyze metadata for 246,000+ Chrome extensions. This policy explains what data we collect when you use the service and how we handle it.

2. Data We Collect

Account Data (via OAuth)

We offer sign-in through Google and GitHub only. When you authenticate, we receive and store:

  • Your name
  • Your email address
  • Your profile image URL

We do not collect or store passwords. Authentication is handled entirely by your chosen OAuth provider.

Purchase Data

Payments are processed by LemonSqueezy. When you purchase access, we store:

  • The email address used at checkout
  • Your order ID and purchase status
  • The webhook payload from LemonSqueezy (order details)

We do not process or store credit card numbers, bank details, or other payment instrument data. All payment processing is handled by LemonSqueezy.

Session Data

When you sign in, we create a session that records:

  • A session token
  • Your IP address
  • Your browser user agent
  • Session expiration timestamp

Usage Data

We store extension bookmarks you save within the dashboard. Search queries and filter selections are passed as URL parameters and are not logged or stored server-side.

3. Data We Do Not Collect

  • We do not use Google Analytics or any third-party analytics service
  • We do not use tracking pixels or advertising scripts
  • We do not sell, rent, or share your personal data with third parties for marketing

4. How We Use Your Data

  • Account & purchase data: To verify your purchase, grant dashboard access, and display your profile within the app
  • Session data: To keep you signed in and secure your account
  • Bookmarks: To let you save and retrieve your favorite extensions

5. Third-Party Services

We rely on the following third-party services, each with their own privacy policies:

  • Cloudflare — hosting, CDN, and database (Cloudflare Pages & D1)
  • LemonSqueezy — payment processing
  • Google — OAuth authentication and Google Fonts
  • GitHub — OAuth authentication

When you sign in via Google or GitHub, your data is subject to their respective privacy policies in addition to ours.

6. Cookies

We use a session cookie to keep you signed in. This is a functional cookie required for the service to work. We do not use cookies for tracking or advertising.

7. Data Storage & Security

Your data is stored in a Cloudflare D1 database. Data is transmitted over HTTPS. We use HMAC-SHA256 verification for payment webhooks and OAuth 2.0 for authentication to protect against unauthorized access.

8. Data Retention

Your account and purchase data are retained for as long as your account exists. Sessions expire automatically. If you wish to have your data deleted, contact us and we will remove your account, purchase record, bookmarks, and session data.

9. Your Rights

You may request to:

  • Access the personal data we hold about you
  • Correct inaccurate data
  • Delete your account and all associated data

To exercise any of these rights, contact us at the email below.

10. Chrome Extension Data

The extension metadata displayed on this site (names, descriptions, ratings, permissions, etc.) is publicly available information from the Chrome Web Store. We do not collect private data from extension developers or users of those extensions.

11. Changes to This Policy

We may update this policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Continued use of the service after changes constitutes acceptance of the updated policy.

12. Contact

If you have questions about this privacy policy or want to exercise your data rights, contact us at [email protected].