PagePulse Privacy Policy

Effective date: April 28, 2026 · Last updated: April 28, 2026 (v1.3 — adds opt-in features)

Local-first by default. Three opt-in features (Sync, AI summaries, Webhooks) explicitly transmit data — described below.

1. What We Collect

PagePulse stores the following data locally on your device only using Chrome's built-in storage API (chrome.storage.local):

Monitor configurations: The URLs and element selectors you choose to monitor, along with your preferences (check interval, keywords, ignore patterns).
Text snapshots: The text content of monitored elements, stored locally for change comparison.
Change history: Records of detected changes (old and new text values with timestamps), retained for 30 days and then automatically deleted.
User preferences: Your settings such as theme choice (dark/light), notification sound preference, and diff view mode.

2. What We Do NOT Collect

PagePulse does not collect, transmit, or store:

Personal information (name, email, address, phone number)
Browsing history or browsing activity
Cookies or authentication tokens
Analytics, telemetry, or usage tracking data
Financial or payment information
Location data
Any data to external servers, APIs, or cloud services operated by PagePulse

PagePulse has no server component of its own. All baseline functionality runs entirely within your browser. The optional features described in section 5 (AI summaries, Webhooks, cross-device Sync) connect your browser directly to destinations you explicitly configure — PagePulse never proxies, intercepts, or stores those communications.

3. Permissions Explained

PagePulse requests the following Chrome permissions, each for a specific and necessary purpose:

Permission	Why We Need It
alarms	Schedule periodic webpage checks at the intervals you configure (5 minutes to 24 hours).
storage	Store your monitor configurations, change history, and settings locally on your device.
notifications	Send you Chrome desktop notifications when a monitored element changes.
activeTab	Access the current tab to let you select an element to monitor. Only activates when you click the PagePulse icon.
scripting	Inject the element selection interface into the current page when you create a new monitor.
offscreen	Parse fetched webpage HTML to extract monitored element content. Required because Chrome service workers do not have DOM access.
Host access (optional, per-site)	Fetch the specific webpages you choose to monitor. This permission is requested per domain only when you create a monitor, never in bulk. You can revoke access at any time.

PagePulse follows the principle of least privilege. We do not request broad host permissions at install time. Host access is optional and granted per-site at your explicit request.

4. How Your Data Is Stored

Default location: All data is stored in chrome.storage.local, which resides on your device only.
Encryption: Data is protected by Chrome's built-in storage security and your operating system's user-level access controls.
Retention: Change history is automatically pruned after 30 days. Monitor configurations persist until you delete them. All data is removed when you uninstall the extension.
Optional cross-device sync: If you turn on the Sync toggle in the dashboard header, monitor configurations (URL, selector, label, intervals, render mode, keywords, ignore patterns, webhook URL, notification mode, active state) are written to chrome.storage.sync. This API is provided by Google Chrome and replicates encrypted data across devices signed in to your Chrome profile via Google’s sync infrastructure. Page baselines, change history, AI keys, AI prompts, and AI usage NEVER sync — they remain in chrome.storage.local. Sync is off by default.

5. Optional Outbound Features (Opt-In)

Three features in PagePulse, all off by default and individually opt-in, transmit data to destinations you choose. PagePulse never operates a server; these features connect your browser directly to third parties of your choosing.

5.1 AI summaries (off by default)

If you enable AI summaries in the dashboard and provide your own API key, PagePulse calls the LLM provider you select — Anthropic, NVIDIA, OpenAI, Groq, OpenRouter, a local Ollama instance, or any custom OpenAI-compatible endpoint. The HTTP request goes from your browser directly to that endpoint with your key in the auth header. The request body contains:

The monitor label you assigned (e.g. "Job postings").
The detected change — both the old and new text from the monitored element (truncated to 800 characters each).
An instruction string — the built-in default unless you set a global or per-monitor override in settings.

The LLM provider receives this content and may store, log, or use it according to their terms of service. You agree to those terms when you provide them with your API key. PagePulse never sees the request, the response, or your key. The user’s key is stored in chrome.storage.local only and is explicitly excluded from chrome.storage.sync.

Network requests fire only when you click "Generate AI Summary" — never automatically.

5.2 Webhook actions (off by default, per-monitor)

If you fill the Webhook field on any monitor, PagePulse fires an HTTP POST to that URL whenever the monitor detects a change. The request body is JSON containing the monitor id, label, URL, the change’s old and new text, and the timestamp. Typical destinations are Slack incoming webhooks, Discord webhooks, Zapier catch-hooks, IFTTT, n8n, or your own server. Whatever service you point the webhook at receives the data under their privacy policy — not ours.

5.3 Browser-render mode (configurable per monitor)

For Single-Page Application (SPA) sites or pages that require a JavaScript runtime, PagePulse renders the page in a hidden offscreen iframe (Chrome 116+) or, as a fallback, a tiny off-screen popup window. The user’s normal browsing cookies for the target site may be used during this render — this is required to monitor pages that need authentication. No data leaves the browser as a result of rendering.

6. Data Sharing

PagePulse, as a publisher, does not share, sell, rent, or transfer your data. We do not collect any data — we have nothing to share. The opt-in features above transmit data to destinations you select; whatever you transmit is governed by your relationship with that destination, not with PagePulse.

7. Children's Privacy

PagePulse is not directed at children under the age of 13. We do not knowingly collect personal information from children. Since no personal information is collected from any user, this policy applies equally to all ages.

8. Your Rights (GDPR / CCPA)

For EU/EEA residents (GDPR):

Since all data is stored locally on your device and we have no access to it, you have full control over your data at all times. You can view, modify, export, or delete all your data directly within the extension's dashboard. Uninstalling the extension removes all data.

For California residents (CCPA):

We do not sell personal information. We do not collect personal information. You have the right to know what data is collected (none by us), request deletion (uninstall the extension), and opt out of sale (nothing is sold).

9. Chrome Web Store Compliance

PagePulse complies with the Chrome Web Store Developer Program Policies, including:

Single purpose: PagePulse has one purpose — monitoring webpage elements for text changes.
Minimal permissions: Only permissions necessary for core functionality are requested.
No remote code: All code is bundled locally within the extension. No code is loaded from external sources.
Accurate description: The Chrome Web Store listing accurately describes what the extension does and its limitations.

10. Changes to This Policy

We may update this privacy policy to reflect changes in the extension's functionality. Changes will be posted on this page with an updated effective date.

11. Contact

If you have questions about this privacy policy or PagePulse:

Developer: Kelvin Nyadzayo
Email: kelvin.nyadzayo16@gmail.com
GitHub: github.com/Nyadzayo/page-pulse