Privacy & Data Use Policy for CardBook

Last updated: 2025-08-11

1. Introduction

CardBook (“the Add-on”) is developed and maintained by Anaïs Vigneau (“we”, “us”, or “our”).
This Policy describes what information is collected when you use the Add-on, how it is used, and your rights regarding that information.

This policy applies to the CardBook add-on distributed via addons.thunderbird.net and any related websites or services we operate.



2. What data we collect

CardBook is designed to manage your address books locally in Thunderbird. The add-on does not transmit your address book contents to us or any third party.

We may collect or process the following data:

• Locally stored address book data: Stored entirely on your device or in the remote service you connect to (e.g., CardDAV server, Nextcloud). We do not have access to this data.
• Configuration and settings: Stored locally in your Thunderbird profile.
• Connection details for external address book services: These may include server URLs, usernames, and authentication tokens — stored locally and, if necessary, sent only to the configured server to provide the requested functionality.
• Optional diagnostic data: If you enable debug logging and send us a log file, it may contain technical information such as server responses, Thunderbird version, and error messages.

We do not collect:

• Browsing history
• Personal email content
• Your address book data, unless you explicitly send us diagnostic logs for troubleshooting

3. Why we collect data

• To provide address book management features and synchronize with your chosen CardDAV or local data sources.
• To troubleshoot technical issues (only when you provide logs).
• To improve the Add-on (based on anonymized feedback or support requests).

4. How we share data

We do not sell or share your personal data.
Data may only be shared:

• If you explicitly send us diagnostic logs containing relevant details for support.
• When required by law (e.g., to comply with a valid legal process).

5. Data storage and retention

• All operational data (contacts, configuration, authentication) is stored locally on your computer or on the remote server you configure.
• We do not store your data on our servers.
• Any diagnostic logs you send for support are retained only for the time needed to resolve the issue, then permanently deleted.

6. Security

• Communication with remote CardDAV servers uses HTTPS/TLS encryption where supported.
• Authentication tokens or credentials are stored encrypted with a master password.
• We encourage you to connect only to trusted servers.

7. Your choices and controls

• You can remove the add-on at any time via Chrome Add-ons Manager.
• You are in full control of your address book storage and remote connections.

8. Children

The Add-on is not intended for use by children under 13 years old, and we do not knowingly collect personal information from children.



9. Changes to this Policy

We may update this Policy to reflect changes in features, security practices, or legal requirements.
We will update the “Last updated” date above when changes are made.



10. Contact

If you have questions, concerns, or requests regarding this Policy, contact:
cardbook.thunderbird@gmail.com