VidlyGen Chrome Extension Privacy Policy
🔒 Data Collection Notice: This extension accesses webpage content to extract article text for video generation. We also collect your Google profile information for authentication. Your data is used only for video generation services as described in this privacy policy.
📋 Chrome Web Store Limited Use Disclosure
This extension collects and uses web browsing activity solely to extract article content for the user-facing video generation feature as described in the Chrome Web Store listing. No browsing data is used for advertising, sold to third parties, or used for any purpose unrelated to the core video generation functionality.
The VidlyGen Chrome Extension collects the following types of information to provide video generation services:
📧 Google Account Information (via OAuth)
- Email address: Used for user authentication and account management
- Profile information: Name and profile picture for account identification
- Google User ID: Unique identifier for account linking
📄 Webpage Content
- Article text: Extracted from webpages you visit to generate video scripts
- Page URLs: To identify the source of extracted content
- Page metadata: Title, description, and basic page information
🔐 Authentication Data
- JWT tokens: Stored locally for authenticated API access
- Refresh tokens: For automatic session renewal
- Session data: Temporary session management information
📊 Usage Analytics
- Video generation counts: To track subscription usage limits
- Processing times: For service optimization
- Feature usage: To understand user preferences
- Error logs: For technical support and debugging
💳 Payment Information
- Subscription status: Current plan and billing status
- Transaction IDs: For payment verification (processed by third parties)
- Usage quotas: To enforce subscription limits
2. How We Use Browser Permissions
Our extension requests specific browser permissions to provide its functionality. Here's exactly how each permission is used:
🌐 "activeTab" Permission
Purpose: Read content from the currently active webpage for article analysis
Usage: Only when you actively click the extension button to extract article content
Data Access: Text content, page title, and URL of the active tab only
Justification: Essential for extracting article content to generate video scripts
💾 "storage" Permission
Purpose: Store authentication tokens, user preferences, and usage analytics locally
Usage: Saves login state, user settings, and temporary processing data
Data Stored: JWT tokens, refresh tokens, user preferences, usage counts
Justification: Required to maintain login state and track subscription usage
👤 "identity" + "identity.email" Permissions
Purpose: Google OAuth authentication for user login and account management
Usage: Authenticate users and link accounts with VidlyGen backend
Data Access: Google email, profile name, and user ID only
Justification: Essential for user authentication and subscription management
⏰ "alarms" Permission
Purpose: Background token refresh and periodic cleanup tasks
Usage: Automatically refresh expired authentication tokens
Data Access: No additional data access - manages existing tokens only
Justification: Maintains seamless user experience by preventing login expiration
📝 "scripting" Permission
Purpose: Inject content scripts to extract article content from webpages
Usage: Only activated when user clicks extension button on article pages
Data Access: Text content and structure of the current webpage
Justification: Required to intelligently extract article content from various website formats
🔗 "tabs" Permission
Purpose: Create new tabs for payment processing and manage tab navigation
Usage: Opens payment processing pages and manages extension workflow
Data Access: Basic tab information (URL, title) for navigation purposes only
Justification: Essential for payment flow and seamless user experience
🌍 Host Permissions
vidlygen.com: Backend API communication for video generation services
checkout.razorpay.com: Payment processing for subscription management
<all_urls> Content Scripts: Extract article content from any website the user visits
Justification: All-URLs access is necessary because users may want to convert articles from any website into videos
3. Google OAuth Integration
🔐 Google API Services User Data Policy Compliance
Our use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
OAuth Client ID: 956795057229-qvdb6hac0tokr48dg9vmjr4kvnqe3okp.apps.googleusercontent.com
Requested Scopes:
openid - Basic authentication verificationemail - Access to email address for account identificationprofile - Access to basic profile information (name, picture)
Google Data Usage:
- Email addresses are used solely for user authentication and account management
- Profile information is displayed in the user interface for account identification
- Google user IDs are used to link accounts between the extension and backend service
- No Google data is used for advertising, analytics, or any purpose outside core functionality
- Google data is not sold, shared, or disclosed to third parties except as required for service operation
Data Retention for Google Information:
- Google authentication tokens are stored locally and refreshed automatically
- Profile information is retained for the duration of your account
- You can revoke access at any time through your Google Account settings
- Account deletion removes all associated Google data from our systems
4. How We Use Your Data
We use the collected information for the following specific purposes:
🎬 Video Generation Services
- Extract and analyze article content to create engaging video scripts
- Generate AI-powered voiceovers and visual content
- Assemble final video content with audio, images, and effects
- Provide real-time progress updates during video processing
👤 User Account Management
- Authenticate users and maintain secure login sessions
- Manage subscription plans and usage quotas
- Process payments and billing for premium features
- Provide customer support and technical assistance
📈 Service Improvement
- Analyze usage patterns to improve video generation quality
- Monitor system performance and optimize processing times
- Debug technical issues and prevent service disruptions
- Develop new features based on user needs
🔒 Security and Compliance
- Detect and prevent fraudulent usage
- Enforce rate limiting and subscription quotas
- Maintain audit logs for security purposes
- Comply with legal and regulatory requirements
5. Third-Party Services
Our extension integrates with the following third-party services to provide functionality:
🌐 Google OAuth API
Purpose: User authentication and account management
Data Shared: Email address, profile information, user ID
Privacy Policy: Google Privacy Policy
🎤 AI Voice Generation Services
Purpose: Convert article text to high-quality audio narration
Data Shared: Article text content only (no personal information)
Usage: Text-to-speech conversion for video generation
🖼️ AI Image Generation APIs
Purpose: Create visual content and scene illustrations for videos
Data Shared: Image generation prompts derived from article content
Usage: Visual content creation for video scenes
💳 Razorpay Payment Gateway
Purpose: Process subscription payments and manage billing
Data Shared: Payment amounts, transaction IDs, subscription status
Privacy Policy: Razorpay Privacy Policy
💰 PayPal Payment Services
Purpose: International payment processing for global users
Data Shared: Payment information as required for transaction processing
Privacy Policy: PayPal Privacy Policy
🔧 VidlyGen Backend Services
Purpose: Video processing, content generation, and account management
Data Shared: All data collected by the extension for service provision
Location: Hosted on secure VPS infrastructure
6. Data Storage and Security
🔐 Local Storage (Chrome Extension)
- Authentication tokens: Stored using Chrome's secure storage API
- User preferences: Extension settings and configuration
- Temporary data: Processing status and cached information
- Security: Data is encrypted and accessible only to the extension
🏢 Backend Storage (VidlyGen Servers)
- User profiles: Account information and subscription data
- Usage analytics: Aggregated usage statistics and performance metrics
- Generated content: Temporary storage of video files and assets
- Security measures:
- Industry-standard AES encryption for sensitive data
- HTTPS/WSS encrypted transmission for all communications
- Secure token handling with automatic expiration
- Regular security audits and penetration testing
- Access controls and audit logging
🌐 Data Transmission Security
- All data transmission uses HTTPS encryption (TLS 1.3)
- WebSocket connections use secure WSS protocol
- API endpoints implement strict authentication and authorization
- Rate limiting and DDoS protection on all endpoints
7. Data Retention
📅 Retention Periods
- User account data: Retained until account deletion is requested
- Usage analytics: Retained for 2 years for service improvement
- Generated videos: Temporary storage for 30 days, then automatically deleted
- Authentication tokens: Valid for 24 hours, automatically refreshed
- Error logs: Retained for 90 days for debugging purposes
- Payment records: Retained for 7 years as required by financial regulations
🗑️ Data Deletion
- Users can request complete account deletion at any time
- Deletion requests are processed within 30 days
- Backup systems are purged within 90 days of deletion
- Legal requirements may require retention of certain financial records
8. Your Rights and Controls
🎛️ Data Control Options
✅ Access Your Data
- View your account information and subscription status in the extension dashboard
- Request a complete data export by contacting support
- Access usage analytics and video generation history
✏️ Modify Your Data
- Update account preferences through the extension interface
- Modify Google account information through your Google Account settings
- Change subscription plans and payment methods
🗑️ Delete Your Data
- Request complete account deletion through support
- Revoke Google OAuth access through your Google Account settings
- Uninstall the extension to remove all local data
⚙️ Control Data Collection
- Choose which articles to process for video generation
- Opt out of usage analytics collection (contact support)
- Manage subscription and billing preferences
📞 Exercise Your Rights
To exercise any of these rights, contact us at: support@vidlygen.com
We will respond to your request within 30 days and provide verification of identity if required.
9. Legal Compliance
🌍 International Compliance
- GDPR (General Data Protection Regulation): Full compliance for EU users
- CCPA (California Consumer Privacy Act): Compliance for California residents
- Chrome Web Store Policies: Adherence to all developer program policies
- Google API Services User Data Policy: Compliance with OAuth and API usage terms
⚖️ Legal Basis for Processing
- Contractual necessity: Processing required to provide video generation services
- Legitimate interests: Service improvement and security measures
- Consent: Optional analytics and marketing communications
- Legal obligation: Financial record keeping and fraud prevention
10. Children's Privacy
Our extension is not intended for use by children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will take immediate steps to delete such information from our systems.
Parents and guardians can contact us if they believe their child has provided personal information through our extension.
11. Changes to This Privacy Policy
We may update this privacy policy periodically to reflect changes in our practices or legal requirements. When we make changes:
- We will update the "Last updated" date at the bottom of this policy
- For material changes, we will provide notice through the extension interface
- Users will be prompted to review updated policies before continued use
- We encourage periodic review of this policy for any changes
Continued use of the extension after policy updates constitutes acceptance of the new terms.
Effective Date: August 17, 2025
Last Updated: August 17, 2025
Version: 2.0 (Chrome Web Store Compliance)