https://ishan.info/privacy-policy

Last Updated: January 2025
Introduction

Nerdling ("we," "our," or "us") respects your privacy. This Privacy Policy explains how we collect, use, and protect information when you use the Nerdling Chrome extension.
Information We Collect
1. Selected Text and Page Context

When you explicitly activate Nerdling by right-clicking on selected text or using the keyboard shortcut (Ctrl+Shift+E / Cmd+Shift+E), we collect:

Selected text: The text you have chosen on a webpage
Surrounding context: Approximately 500 characters of text before and after your selection to provide contextually relevant explanations


This information is collected only when you explicitly invoke the extension. We do not automatically collect or monitor any content from web pages.
2. IP Address and User Agent

When you request an explanation, our API server automatically receives:

IP address: Collected via HTTP request headers for rate limiting purposes
User Agent: Browser information used to create an anonymous hash for rate limiting


These are standard HTTP headers automatically transmitted with all web requests. We use this information solely for rate limiting (50 requests per day per user) and do not use it for tracking or identification purposes.
3. User Preferences (Stored Locally Only)

Nerdling stores the following preferences locally in your browser using Chrome's storage API:

Dialogue box position preference (top, bottom, left, right, or center)
Theme preference (light or dark mode)
Default explanation mode preference
Whether to show mode selection each time
Onboarding completion status


This information is stored only on your device and is never transmitted to our servers.
How We Use Your Information

We use the collected information solely for the following purposes:

Providing Explanations: Selected text and context are sent to our API to generate AI-powered explanations, definitions, analogies, and examples based on your chosen mode.
Rate Limiting: IP address and user agent information are used to enforce usage limits (50 requests per day) to ensure fair usage and service availability.
Service Improvement: We may analyze usage patterns in aggregate, anonymized form to improve our service. Individual user data is not analyzed or used for this purpose.


Information Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties.

We share information only in the following limited circumstances:

With our service providers: We use Cloudflare Workers to host our API and Cloudflare KV for rate limiting. These services process your data on our behalf under strict contractual obligations.
AI service provider: We use OpenAI's API to generate explanations. Your selected text and context are sent to OpenAI to generate responses. Please review OpenAI's Privacy Policy for information about how they handle data.


We do not share information with:

Advertising networks
Data brokers
Analytics services (beyond standard server logs)
Any third parties for marketing purposes


Data Security

We take data security seriously:

Encryption in Transit: All data transmitted between the extension and our servers is encrypted using HTTPS/TLS encryption.
Encryption at Rest: Rate limiting data stored in Cloudflare KV is encrypted.
Minimal Data Collection: We collect only the data necessary to provide the service.
No Persistent Tracking: We do not create persistent user profiles or track users across sessions.


Data Retention

Selected text and context: Transmitted to our API for immediate processing. We do not store the text content after generating the explanation response.
Rate limiting data: Stored in Cloudflare KV for approximately 24 hours, after which it automatically expires and is deleted.
User preferences: Stored locally in your browser using Chrome's sync storage. You can delete this data at any time by uninstalling the extension or clearing Chrome's storage.


Your Rights and Choices

You have control over your data:

Stop Using the Extension: Simply uninstall the extension to stop all data collection.
Clear Local Data: You can clear stored preferences by uninstalling the extension or using Chrome's storage management tools.
Rate Limit: The 50 requests per day limit applies per user (identified by IP address and user agent). This limit resets daily at midnight UTC.


Information We Do NOT Collect

We do not collect:

Your browsing history or a list of websites you visit
Personal information such as your name, email address, or contact details
Payment or financial information
Authentication credentials or passwords
Health information
Personal communications (emails, messages, etc.)
Information about other browser extensions or applications
Keystrokes or mouse movements beyond text selection
Any data automatically without your explicit action


Children's Privacy

Nerdling is not intended for children under 13 years of age. We do not knowingly collect information from children under 13.
Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

Updating the "Last Updated" date at the top of this policy
Publishing the updated policy on our website
Notifying users through the Chrome Web Store listing if changes are material


Your continued use of Nerdling after changes become effective constitutes acceptance of the updated Privacy Policy.
Compliance with Chrome Web Store Policies

This Privacy Policy complies with the Chrome Web Store User Data Policy requirements:

We collect only the minimum data necessary for our core functionality
All data transmission is encrypted using HTTPS
We use collected data only for user-facing features (generating explanations)
We do not use data for advertising, retargeting, or monetization
We do not allow human review of user data except as necessary for security or legal compliance


Chrome Web Store Permission Justifications

Nerdling requires the following Chrome extension permissions to function. Below is a detailed explanation of why each permission is necessary:
1. contextMenus

Justification:

Nerdling adds a "Nerdling" option to the browser's right-click context menu when users select text. This is the primary way users access the extension's core functionality - selecting text and getting instant definitions and explanations. The context menu integration allows users to seamlessly activate Nerdling without leaving their current page or interrupting their reading flow.

Code Reference: background.js lines 2-7 - Creates context menu item for text selections.
2. scripting

Justification:

The extension needs to inject content scripts (content.js) and styles (styles.css) into web pages dynamically when the user activates the extension. This is essential for the core user experience - showing definitions and explanations in an overlay without navigating away. The scripting permission is used in combination with activeTab to inject scripts and capture selected text and page context when users activate the extension via right-click or keyboard shortcut. This approach is more secure than using broad host permissions, as scripts are only injected when explicitly requested by the user.

Code Reference: background.js - Dynamically injects scripts and CSS when user activates extension via context menu or keyboard shortcut.
3. activeTab

Justification:

The activeTab permission provides temporary access to the currently active tab only when the user explicitly invokes the extension. This is used for both:

Right-click context menu: When users right-click on selected text and choose "Nerdling"
Keyboard shortcut: When users press Ctrl+Shift+E (Windows) or Cmd+Shift+E (Mac)


The activeTab permission is more secure than broad host permissions because it only grants access when the user takes an explicit action, and the access is temporary. This allows Nerdling to work on any webpage while maintaining user privacy and security. The extension uses activeTab in combination with the scripting permission to inject content scripts and read selected text.

Code Reference: background.js - Context menu and keyboard command handlers that access the active tab to read selections and inject scripts.
4. storage

Justification:

Nerdling stores user preferences to personalize the experience across browsing sessions. This includes: dialogue box position (top, bottom, left, right, center), theme preference (light/dark mode), default explanation mode, and whether to show mode selection each time. Without storage, users would need to reconfigure these settings every time they use the extension, significantly degrading the user experience.

Code Reference: content.js lines 349-502 - Multiple storage operations to save and load user preferences for position, theme, default mode, and onboarding status.
Summary

All four permissions are essential for Nerdling's core functionality:

contextMenus: Right-click menu integration
scripting: Inject dialogue box UI and capture selections (used with activeTab)
activeTab: Provides secure, temporary access to the active tab when user explicitly invokes the extension (via right-click or keyboard shortcut)
storage: Save user preferences


The extension uses the activeTab permission instead of broad host permissions (<all_urls>), which is more secure and privacy-friendly. The activeTab permission provides temporary access to the currently active tab only when the user explicitly invokes the extension (right-click or keyboard shortcut), ensuring the extension works on any webpage while maintaining user privacy and security.

The extension follows privacy best practices by only accessing content when explicitly invoked by the user and not collecting browsing history or personal data.
Limited Use Disclosure

Nerdling's use of information received from Google APIs (if applicable) will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:

Email: ishan.apte01@gmail.com


Note: This privacy policy is specific to the Nerdling Chrome extension. Your use of other services or websites may be subject to different privacy policies.
Back to Home