Last updated: May 2025
AlphaSaaS Inc. we operates the AlphaSaaS Discovery Chrome browser extension (the “Extension”). This Privacy Policy describes in detail how we collect, use, disclose, retain, and protect information when you install and use our Extension. Please read this policy carefully. If you do not agree with any part of it, you must uninstall the Extension immediately.
1. Data Controller
AlphaSaaS Inc.
- Website: https://www.alphasaas.io
- Email: info@alphasaas.io
We are responsible for deciding how and why your data is processed under applicable data protection laws.
2. Scope and Applicability
This Policy applies solely to data collected through the AlphaSaaS Discovery Chrome Extension. It does not apply to any data collected through other websites, mobile applications, or services operated by us.
By installing or using the Extension, you consent to the collection and use of information in accordance with this Policy.
3. Definitions
- “Personal Data” or “Personally Identifiable Information (PII)” means any information relating to an identifiable individual.
- “Web History” refers to the list of URLs, page titles, and timestamps for each tab event.
- “Session Data” refers to temporary buffers, queued events, and state stored in local Chrome storage.
- “Processing” means any operation performed on Personal Data, whether electronic or manual.
4. Information We Collect
4.1 Personally Identifiable Information (PII)
- Email Address
- Source: Retrieved once via the Chrome Identity API
- Purpose: To uniquely identify each user within your organization’s reports. No passwords or other credentials are collected.
- Scope: Only the primary Chrome-signed email address is fetched at installation.
4.2 Web History and Usage Data
- URL of every tab when opened, activated (focused), or closed.
- Page Title corresponding to each URL event.
- Timestamp (UTC) for each event.
This data is collected to enable your organization to understand which web-based applications and domains are being used, for how long, and by which users.
4.3 Local Storage and Session Data
-
Chrome Storage Buffers
We store events temporarily in the user’s local browser storage to:- Handle offline conditions gracefully
- Batch and retry uploads to our backend
- Maintain state for surveys and announcements
-
Session Identifiers
Unique session IDs are generated (via UUID) each time a new tab is opened to correlate events belonging to the same browsing session.
4.4 Survey & Announcement Metadata
- Survey/Announcement IDs
- Interaction timestamps (when the user opens, submits, or closes a survey/announcement)
- Survey Responses (optional answers or ratings provided by the user)
This metadata is used solely to deliver and record in-browser surveys and announcements as configured by your organization.
5. How We Use Your Information
5.1 Purpose of Collection
-
Usage Analytics & Reporting
- Generate per-user, per-domain, and per-organization usage dashboards.
- Provide CSV/PDF export capabilities for detailed audit and analysis.
-
Offline Resilience
- Ensure no session or event data is lost if the network is unavailable; automatically sync when back online.
-
Feature Notifications
- Display context-aware surveys or announcements to gather feedback and share updates.
-
Account Mapping
- Map browser activity to employee records via email, enabling personalized reporting and permissions.
5.2 Legal Basis for Processing
Where applicable (e.g., GDPR), our legal basis for processing Personal Data includes:
- Contractual necessity: Data processing is necessary to perform our Service Agreement with your organization.
- Legitimate interests: To improve and secure our services, provide analytics, and maintain reliable operation.
- Consent: Where required by law, explicit user or organizational consent has been obtained.
6. Data Retention and Deletion
- Active Subscription: We retain raw activity logs and associated identifiers for the duration of your organization’s active subscription.
- Post-Uninstallation or Deactivation:
- We delete the email-to-session mapping immediately.
- We purge all logs older than 30 days.
- Full data deletion requests can be submitted via info@alphasaas.io.
7. Data Sharing and Disclosure
7.1 Within Your Organization
Only authorized administrators and analysts within your company can access usage reports tied to your email. Access is role-based and audited.
7.2 Service Providers and Sub-Processors
We engage third-party providers (e.g., AWS, data analytics platforms) under strict Data Processing Agreements. They are permitted to process data only to the extent necessary to deliver the services.
7.3 Legal Obligations
We may disclose data if required by law, regulation, or valid legal process (e.g., court orders, subpoenas), or to protect our rights, property, or user safety.
8. Security Measures
- Encryption in Transit: All data sent to our servers uses HTTPS/TLS.
- Encryption at Rest: Sensitive data is encrypted within our databases using industry-standard AES-256.
- Access Controls: Role-based access, multi-factor authentication, and strict audit logging in our backend.
- Secure Development Practices: Regular code reviews, dependency scanning, and penetration testing.
9. Cookies and Tracking Technologies
Our Extension itself does not use browser cookies. We rely on Chrome’s Storage API for local persistence. No third-party trackers or analytics scripts are injected into web pages.
10. Your Rights and Choices
Depending on your jurisdiction, you may have rights to:
- Access: Request a copy of your Personal Data.
- Rectification: Correct inaccurate or incomplete data.
- Erasure (“Right to be forgotten”): Delete your Personal Data from our systems.
- Restriction of Processing: Limit how we use your data.
- Data Portability: Obtain a machine-readable copy of your logs.
- Object: Challenge processing based on legitimate interests.
To exercise these rights, contact us at privacy@alphasaas.io. We will respond within applicable legal timeframes.
11. Children’s Privacy
Our Extension is not directed to or intended for use by individuals under the age of 16. We do not knowingly collect or maintain data from minors.
12. Changes to This Privacy Policy
We may update this policy periodically. When we do:
- The Last updated date at the top will be revised.
- We will post the new policy here and, where appropriate, notify your organization.
- Continued use of the Extension after changes constitutes acceptance of the updated Policy.
13. Contact Information
If you have any questions, concerns, or requests regarding this Privacy Policy, please contact:
AlphaSaaS Inc.
Email: info@alphasaas.io
Website: https://www.alphasaas.io
Thank you for trusting AlphaSaaS Discovery. We are committed to safeguarding your privacy and providing transparent data practices.