This Privacy Policy explains how the Knei browser extension collects, uses, and protects your information. Your privacy is important to us, and we are committed to being transparent about our data practices.

1. Data We Collect

The Knei extension is designed to help you build relationships with people you engage on social media platforms. To do this, it collects the following types of information:

• Scraped Social Media Impressions: When you are open a supported social media website (currently Instagram and LinkedIn), the extension's content script identifies and collects usernames from som of your interactions. This includes usernames of people whose profiles you view and those who you open chat with. This data is collected in real time as you browse.
• Authentication Data: To connect your activity to your Knei account, the extension stores a unique authentication token provided by the Knei backend after you log in. This token is used to securely send your data.
• Extension Usage Data: The extension stores data locally in your browser to manage its functionality, such as a session ID, a count of impressions, and the number of distinct browsing sessions for each social media platform. This data is used to implement a sending threshold and is not transmitted to our servers.

2. How We Use the Data

The data we collect is used exclusively for the following purposes:

• Analysis and Insights: The primary purpose is to send your scraped impressions to the Knei application. There, the data is used to provide you with insights and analytics on your social media interactions.
• Extension Functionality: The locally stored data is used to ensure the extension operates correctly. This includes tracking your login state, displaying your current impression count, and ensuring that impression data is only sent after a certain usage threshold is met.

3. Data Storage and Security

• Local Storage: The extension uses Chrome's local storage to save your authentication token, login status, and temporary usage data. This data is stored securely in your browser and is not accessible by other websites or extensions.
• API Transmission: Scraped impression data is sent from your browser to our secure backend API using your authentication token. All communication is encrypted using standard security protocols (HTTPS).
• Third-Party Services: We use a third-party service (Bubble) to host our backend API. By using this extension, you acknowledge that your data will be processed on their platform. We have configured the API to handle your data securely.

4. Permissions We Require

Our extension requests a minimal set of permissions required to perform its functions.

• storage: This allows the extension to save and retrieve your login status, authentication token, and impression session data locally in your browser.
• scripting & host_permissions: These permissions are necessary to inject our scraping script into the instagram.com and linkedin.com websites and to make secure API calls to our backend.
• alarms: This is used to schedule a recurring task for rescanning pages, which is essential for capturing new content on single-page applications like Instagram and LinkedIn.

5. Your Choices and Rights