Thank you for using Leafovers (“the Extension”, “we”, “our”, or “us”).
This Privacy Policy explains how we collect, use, and protect your information when you use the Leafovers Chrome Extension and related services available at leafovers.com.
1. Information We Collect
We collect only the minimum data necessary to provide core functionality of the Extension:
User Content: Sticky notes you create on webpages.
Account Information: Your Google account user ID and email address when you sign in.
Authentication Data: Secure authentication tokens provided by Google OAuth.
Subscription Information: Limited billing-related data handled by third-party payment providers (we do not store full payment details).
We do not collect browsing history, personally sensitive browsing data, or unrelated webpage content.
2. How We Use Information
We use collected data strictly to:
Provide core functionality (creating and displaying notes)
Authenticate users via Google sign-in
Create and manage user accounts
Sync notes securely across devices
Store and retrieve notes from our backend
Provide customer support
Improve the Extension’s performance and reliability
We do not sell, rent, or use your data for advertising or profiling.
3. Data Storage and Security
Notes are stored locally on your device and/or securely on our servers when sync is enabled
User account data (user ID and email) is stored securely
All data is transmitted over encrypted connections (HTTPS)
We implement appropriate technical and organizational measures to protect your data.
4. Chrome Extension Permissions
Leafovers only requests permissions necessary for its functionality, such as displaying and saving notes on webpages.
We do not use permissions to collect or track browsing activity beyond what is required to attach notes to specific pages.
5. Data Sharing
We do not share your personal data with third parties, except:
With Google for authentication (OAuth)
With payment providers for subscription processing
When required by law or legal obligation
6. Data Retention
We retain your data only as long as necessary to provide the service:
Your notes and account data are stored until you delete them
When you delete your account, all associated data is permanently removed
7. Your Rights (GDPR)
If you are located in the European Economic Area (EEA), you have the following rights under the General Data Protection Regulation (GDPR):
Right to access your personal data
Right to correct inaccurate data
Right to delete your data (“right to be forgotten”)
We process your data under the following legal bases:
Contractual necessity: To provide the core functionality of the Extension
Legitimate interests: To improve and maintain the service
Consent: When you choose to sign in and enable syncing
9. International Data Transfers
Your data may be processed on servers located outside your country. We ensure appropriate safeguards are in place to protect your data in accordance with GDPR.
10. Third-Party Services
We use:
Google OAuth for authentication
Trusted payment providers for subscriptions
These services are governed by their own privacy policies.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Updates will be posted on this page with a revised “Last updated” date.