Privacy Policy
Last updated: 31 May 2026
This Privacy Policy describes how GSC Page Lens ("the Extension"), developed and operated by Navaneeth CT ("I," "me," "my"), collects, uses, stores, and protects information when you use the Extension. By installing or using the Extension, you agree to the practices described in this policy.
The Extension is a Google Chrome browser extension that displays Google Search Console performance data as a sidebar overlay on web pages you visit. It is designed with a privacy-first architecture: the Extension has no backend server, and your Google Search Console data is never transmitted to, processed by, or stored on any server operated by me.
1. Information the Extension Accesses
The Extension accesses the following categories of information solely to provide its core functionality.
1.1 Google Search Console Data
When you activate the Extension on a web page, it fetches the following data for that page from Google's Search Console API:
- Page-level performance metrics: clicks, impressions, click-through rate (CTR), and average search position
- Top search queries driving traffic to the page
- Indexing status of the page (whether Google has indexed it)
This data is fetched directly from Google's servers using your authenticated Google account. It is cached locally in your browser for performance and is never sent to me or any third party.
1.2 Page URL
The Extension reads the URL of the page you are currently viewing in order to query Google's Search Console API for data specific to that page. This URL is sent only to Google's API as part of the data request. It is not collected, logged, or transmitted to me or any third party.
1.3 Google Search Console Property List
The Extension retrieves a list of web properties (domains and URL prefixes) associated with your Google Search Console account. This list is used to determine whether the current page belongs to a property you have verified in Search Console. It is cached locally in your browser.
2. Information the Extension Does Not Collect
The Extension does not collect, record, or transmit any of the following:
- Personally identifiable information (such as your name, email address, or Google account details)
- Browsing history or a record of the URLs you visit
- Analytics, telemetry, or usage tracking data
- Cookies or tracking identifiers
- The content of web pages you visit
There is no analytics SDK, no tracking pixel, and no server-side logging in the Extension.
3. Google Account Authentication
The Extension uses Google OAuth 2.0 via Chrome's built-in chrome.identity API to authenticate your Google account. This authentication is managed entirely by Chrome and Google; the Extension never sees, stores, or has access to your Google password.
The Extension requests the following OAuth scopes:
| OAuth Scope | Purpose |
|---|---|
webmasters.readonly |
Read-only access to Search Console performance data (clicks, impressions, CTR, position, and queries). |
webmasters |
Required by Google's URL Inspection API to retrieve indexing status, even for read-only inspection requests. The Extension never writes to, modifies, or deletes any data in your Search Console account. |
You may revoke the Extension's access to your Google account at any time by visiting your Google Account Permissions page and removing GSC Page Lens from the list of authorized applications.
4. Google API Services User Data Policy
GSC Page Lens's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
Specifically:
- The Extension uses Google user data only to provide and improve the user-facing features described in this policy (displaying Search Console performance data as a sidebar overlay).
- The Extension does not transfer Google user data to any third party, except as necessary to provide the Extension's core functionality, to comply with applicable law, or with the user's explicit affirmative consent.
- The Extension does not use or transfer Google user data to serve advertising, including retargeting, personalized, or interest-based advertising.
- No human reads Google user data obtained through the Extension, unless: (a) the user has given explicit affirmative consent to view specific data; (b) it is necessary for security purposes (such as investigating a security incident); or (c) it is necessary to comply with applicable law.
5. Data Storage
All data stored by the Extension is kept locally in your browser using Chrome's built-in extension storage APIs. No data is stored on any external server.
| Storage Mechanism | Contents | Synced Across Devices |
|---|---|---|
chrome.storage.sync |
License key, trial start timestamp, sidebar width preference | Yes (synced by Chrome across your signed-in browsers) |
chrome.storage.local |
Cached API responses (performance trends, queries, indexing status), property list | No (stored on the current device only) |
Cached data is subject to a time-to-live (TTL) policy and is automatically refreshed when it expires. You can clear all data stored by the Extension at any time by removing the Extension from Chrome.
6. Data Security
All communication between the Extension and Google's APIs occurs over HTTPS, ensuring that data is encrypted in transit. Data stored locally in your browser is protected by Chrome's built-in extension storage security model, which isolates extension data from other extensions and web pages.
7. Third-Party Services
The Extension interacts with the following third-party services:
| Service | Purpose | Data Shared |
|---|---|---|
| Google Search Console API | Fetch performance metrics, query data, and indexing status for the current page. | The URL of the current page and your OAuth token (managed by Chrome). Governed by Google's Privacy Policy. |
| Chrome Identity API | Authenticate your Google account via OAuth 2.0. | Managed entirely by Chrome/Google. The Extension does not access or store your credentials. |
| Dodo Payments | Process license purchases and validate license keys. | Only the license key string is sent for validation. No Search Console data, browsing data, or personal information is included. Governed by Dodo Payments' Privacy Policy. |
No other third-party services, SDKs, or analytics tools are used by the Extension.
8. Chrome Extension Permissions
The Extension requests the minimum set of Chrome permissions necessary to provide its functionality:
| Permission | Why It Is Needed |
|---|---|
activeTab |
To read the URL of the page you are viewing when you activate the Extension, so it can query Search Console for that page's data. |
identity |
To authenticate your Google account via Chrome's built-in OAuth flow. |
storage |
To cache API responses locally and persist user preferences (such as sidebar width). |
alarms |
To schedule periodic license revalidation checks. |
9. Data Retention and Deletion
- Uninstalling the Extension automatically deletes locally cached data stored in
chrome.storage.local(API responses, property list). Data inchrome.storage.sync(license key, trial timestamp, sidebar width) may persist in your Google account after uninstall. To remove it, you can reinstall the Extension and clear the data before uninstalling again, or use Chrome's developer tools. - Cached API responses are automatically refreshed when they exceed their TTL. They are not retained indefinitely.
- Revoking Google account access through your Google Account Permissions page will revoke the Extension's OAuth token, preventing it from making further API requests on your behalf.
Because the Extension stores no data on any server, there is no server-side data to delete. All data is under your direct control within your browser.
10. Children's Privacy
The Extension is not directed at children under the age of 13 (or the applicable age of digital consent in your jurisdiction). I do not knowingly collect personal information from children. If you believe a child has provided information through the Extension, please contact me at the address below.
11. Your Rights
Because the Extension does not collect or store personal data on any server, your data rights are inherently satisfied through local control. You can exercise the following at any time without needing to submit a request:
- Access: You can inspect all data stored by the Extension using Chrome's developer tools (Extensions > GSC Page Lens > Inspect views).
- Deletion: You can delete all locally stored data by uninstalling the Extension. See Section 9 for details on sync storage.
- Revocation: You can revoke the Extension's access to your Google account at any time through your Google Account Permissions page.
If you have additional questions or concerns about your data, please contact me using the information below.
12. Changes to This Policy
I may update this Privacy Policy from time to time to reflect changes in the Extension's functionality, legal requirements, or best practices. If material changes are made, I will update the "Last updated" date at the top of this page. Your continued use of the Extension after any changes to this policy constitutes your acceptance of the updated policy.
13. Governing Law
This Privacy Policy is governed by and construed in accordance with the laws of India. Any disputes arising from or in connection with this policy shall be subject to the exclusive jurisdiction of the courts located in India.
14. Contact
If you have questions, concerns, or requests regarding this Privacy Policy or the Extension's data practices, you can contact me at:
Navaneeth CT
Email: hello@navaneethct.com