Um diese Add-ons zu verwenden, müssen Sie Firefox herunterladen.

Anmelden
Add-on-Symbol

Datenschutzerklärung für GetTimetracker Add-on

GetTimetracker Add-on von Wellmade, Nabil Hamid

0 von 5 Sternen
5
0
4
0
3
0
2
0
1
0
Datenschutzerklärung für GetTimetracker Add-on

GetTimetracker Add-on — Privacy Policy

Last updated: 2026-04-22

This privacy policy describes how the GetTimetracker browser add-on
(the "Extension") handles your data. The Extension is a companion to the
GetTimetracker web application at https://app.gettimetracker.app and
only works when paired with a GetTimetracker account.

Summary

  • The Extension stores an authentication token, a workspace ID, and a
    server address     in your browser's extension storage.
  • All network traffic goes only to the GetTimetracker backend at
    https://api.gettimetracker.app.
  • We do not sell your data, share it with third parties, serve ads,
    run analytics, or include third-party scripts.
  • We do not read the pages you visit, your browsing history, your
    cookies, your passwords, your clipboard, or any form data.

Data the Extension stores locally

The Extension saves the following values in your browser's extension
storage on your device:

| Value | Purpose |
| ------------------ | ------------------------------------------------------------------------- |
| Authentication token (JWT) | Minted by the GetTimetracker backend specifically for the Extension, used to authorize API calls on your behalf. |
| Workspace ID | The workspace you selected in the web app, so the Extension shows the right projects, tasks, and time logs. |
| API base URL | The address of the GetTimetracker backend the Extension contacts. |

These values never leave your device except when the Extension sends
them to the GetTimetracker backend to authenticate and synchronize your
time logs.

Data the Extension transmits

The Extension communicates only with the GetTimetracker backend at
https://api.gettimetracker.app (HTTPS and WSS). Typical requests
include: start a time log, stop a time log, list projects and tasks,
and receive real-time updates over a WebSocket. The same data you
already create and see in the web app.

The Extension does not send any data to any other server.

How the Extension obtains the token

When you click Connect with account, the Extension opens the
/extension/connect page on https://app.gettimetracker.app. That page
asks the backend to mint a token scoped to the Extension and passes it
back to the Extension through a window.postMessage handshake
(mediated by a small content script and a page bridge).

The Extension never reads your main session cookie or your
password, and it never scans pages for credentials.

Permissions the Extension requests and why

The Extension declares the minimum permissions needed for the features
above. The full list is visible in manifest.json.
  • storage — to keep the token, workspace ID, and API URL between
    browser sessions.
  • tabs — to open the /extension/connect page during the login
    handshake and to focus the correct tab when you click links from the
    popup. The Extension does not read tab titles, URLs, or contents of
    sites other than app.gettimetracker.app.
  • alarms — to tick the running-timer display in the popup and
    keep the WebSocket connection healthy while the browser is idle.
  • Host access to https://app.gettimetracker.app/* — for the
    content script that performs the connect handshake described above.
    The content script only listens for messages that originate from the
    GetTimetracker web app and does not read page content.
  • Host access to https://api.gettimetracker.app/* — so the
    Extension can call the GetTimetracker API from the popup and the
    background service worker.

On Firefox, the manifest also declares
data_collection_permissions.required = ["authenticationInfo"], which
reflects the fact that the Extension stores an authentication token as
described above. No other data collection permissions are declared or
used.

What the Extension does NOT do
  • It does not collect browsing history, page contents, URLs of pages
    you visit, search queries, form data, cookies of other sites, or the
    clipboard.
  • It does not include analytics, telemetry, crash reporting, error
    reporting to third parties, fingerprinting, or any third-party SDK,
    library, or script.
  • It does not serve advertising or build advertising profiles.
  • It does not sell or share your data with any third party.
  • It does not use remote code — all code runs from the Extension
    package you installed.

Data retention and deletion

Locally stored values live only in your browser's extension storage.
You can delete them at any time by:
  • Removing or disabling the Extension (clears all local storage), or
  • Signing out or disconnecting the Extension from within the popup, or
  • Revoking the Extension's token from the GetTimetracker web app.

Server-side, the token is revocable at any time from your account
settings in the web app. Your time-log, project, and workspace data
retention is governed by the main GetTimetracker privacy policy and
terms, available at https://gettimetracker.app.

Children

The Extension is not directed to children under 13 (or the minimum age
required by your local law) and is not intended for their use.

Security

The Extension communicates with the GetTimetracker backend only over
HTTPS and WSS. The authentication token is stored in the browser's
standard extension storage, which is isolated from regular web pages
and from other extensions.

Changes to this policy

If we change how the Extension handles data, we will update this
document and bump the Last updated date above. The policy is
distributed with each Extension release and is also available in the
public repository.

Contact

For privacy questions, please open an issue on the GetTimetracker
support page linked from https://gettimetracker.app, or email the
address listed in the store listing for the Extension.