The omanote browser extension requests the following permissions. Each is used solely for the stated purpose and for no other reason.

1. activeTab: Reads the URL and title of the current tab only when you explicitly invoke the extension (clicking the toolbar icon or using a context-menu action). The extension does not access tab content passively or in the background.
2. contextMenus: Adds a "Save to omanote" right-click option on pages and selected text. Nothing is sent until you confirm.
3. storage: Caches your encrypted authentication token and encryption state in the browser's local extension storage. This data never leaves your device except as part of the normal authentication flow.
4. scripting / tabs: Used only during the one-time sign-in flow to open the omanote authentication page and inject the minimal bridge script that completes sign-in. Not used for passive monitoring.
5. alarms: Schedules periodic token refresh in the background so your session remains active without requiring manual re-login.

The extension does not read browsing history, monitor pages you visit, capture keystrokes, or transmit any data to parties other than the omanote backend when you explicitly save content.

All content saved via the extension is encrypted with your omanote passphrase on your device before it is transmitted to the server.

learn more: http://omanote.iambishistha.com/privacy