Privacy Policy

1. Who We Are

Scholar Scope ("we", "us", or "our") is an independent Chrome extension developed and maintained by an individual developer. The extension is distributed through the Chrome Web Store under the name Scholar Scope – Research & PDF Finder.

Our website is located at scholarscope1.netlify.app. This Privacy Policy applies to the Scholar Scope Chrome extension, the Scholar Scope website, and any related services.

2. Data We Collect

We collect only the minimum data required to operate the extension. Here is a complete list of everything we collect:

Data Type	What It Is	Where Stored	Required?
Email address	Provided when you create an account or sign in with Google	Firebase Authentication & Firestore	Only if you sign in
User ID (UID)	An anonymous unique identifier created by Firebase when you sign up	Firebase Authentication & Firestore	Only if you sign in
Custom site bundles	Website URLs and names you save as research bundles	Chrome local storage on your device	Optional
Research history	Queries you have searched through the extension	Chrome local storage on your device	Optional, clearable
Supporter status	Whether your account has the Supporter badge (true/false)	Firebase Firestore & Auth custom claims	Only if you donate
Donation email	Email you voluntarily submit on the donation page to claim a badge	Firebase Firestore (donationClaims)	Optional

Data We Do NOT Collect

Your browsing history — we never read, store, or transmit any pages you visit
The content of any web pages you visit
Payment information — all donations are made through crypto wallets; we never handle card numbers or bank details
Your IP address
Cookies (other than those set by Firebase Authentication internally)
Any form of behavioral tracking or analytics
Device identifiers beyond what Chrome provides to extensions

3. How We Collect Data

Account sign-up

When you create an account on the Scholar Scope website using email/password or Google Sign-In, your email address and a Firebase-generated User ID are stored in Firebase Authentication and Firestore. This is optional — you can use the extension without an account.

Extension operation

When you use the extension's search, bundle, or history features, data is saved to your browser's local storage (chrome.storage.local) on your own device. This data does not leave your device unless you are signed in, in which case your supporter status is synced.

Website sync

When you sign in on the Scholar Scope website and then open the extension popup, the extension reads your authentication state from the website's localStorage (only on scholarscope1.netlify.app) to sync your supporter status to the extension. No browsing data from other sites is ever accessed.

Donation page

If you voluntarily enter your email on the donation/checkout page and click "I've Completed My Donation," that email is saved to our Firebase Firestore database so we can apply your Supporter badge. This is entirely optional.

4. How We Use Your Data

We use your data only for the following purposes:

Account authentication — to verify your identity when you sign in and maintain your session
Supporter badge — to identify whether your account is entitled to the Supporter badge and display it accordingly in the extension and website
Extension functionality — to save and restore your custom site bundles and research history across browser sessions
Donation processing — to associate a submitted email with a donation and manually grant the Supporter badge after payment verification
Developer notification — when you submit a donation claim, we send ourselves an automated email notification (via EmailJS) containing your email and which crypto network you selected, so we can verify and grant your badge promptly

        We do not use your data for: advertising, profiling, resale to third parties, marketing emails, or any purpose beyond what is listed above. We will never sell your personal data.
      

5. Third-Party Services

Scholar Scope uses the following third-party services. Each has its own privacy policy:

Service	Purpose	Data Shared	Privacy Policy
Google Firebase	Authentication, database (Firestore), Cloud Functions	Email, UID, supporter status	firebase.google.com/support/privacy
EmailJS	Sends the developer a notification email when a donation is submitted	Donor's email, chosen crypto network, timestamp	emailjs.com/legal/privacy-policy
Google Fonts	Website typography	Your IP (standard web request)	policies.google.com/privacy
Netlify	Hosts the Scholar Scope website	Standard web server logs (IP, user agent)	netlify.com/privacy
Chrome Web Store	Extension distribution	Governed by Google's policies	policies.google.com/privacy

We do not share your data with any other third parties. We do not use advertising networks, tracking pixels, or analytics services of any kind.

6. Extension Permissions Explained

Scholar Scope requests the minimum permissions required for its features. Here is exactly why each permission is needed:

Permission	Why We Need It
activeTab	Allows the extension to interact with the tab you are currently on when you open the popup or use the context menu — only at the moment you click. We do not read page content or URLs in the background.
contextMenus	Creates the right-click menu options (Search Google, YouTube, PDFs, etc.) that appear when you highlight text on any page.
scripting	Required to inject the search overlay into the current tab when you trigger it via the context menu, and to read your auth state from the Scholar Scope website tab for login sync.
storage	Saves your custom site bundles and research history to your browser's local storage on your own device.
scholarscope1.netlify.app (optional)	An optional permission you can grant to allow automatic sign-in sync between the website and the extension popup. Only active on the Scholar Scope website. Never used to read any other site.

        Scholar Scope does not request the tabs permission and therefore cannot read your browsing history. The Chrome install dialog will show no warnings about reading your history.
      

7. Data Storage & Security

Where data is stored

On your device — Bundles and history are stored in chrome.storage.local, which is private to the extension and not accessible to websites.
Firebase (Google Cloud) — Account data and supporter status are stored in Firebase services hosted on Google Cloud infrastructure with encryption at rest and in transit (TLS).
Database location — Firebase data is stored in the asia-southeast1 (Singapore) region.

Security measures

All communication between the extension and Firebase uses HTTPS/TLS encryption
Firestore security rules restrict each user to reading and writing only their own data
Firebase Authentication handles password storage using industry-standard hashing — we never see your raw password
The donation claim endpoint is protected by a server-side secret key and is not publicly accessible
We do not log or store any sensitive user actions on our own servers

8. Data Retention

Account data — Retained as long as your account exists. You may request deletion at any time (see Your Rights below).
Bundles & history — Stored only on your device. Cleared when you uninstall the extension or clear your browser data.
Donation claims — Retained in Firestore for record-keeping. We do not delete these automatically, but you may request removal.
EmailJS logs — Donation notification emails are retained in EmailJS for up to 30 days per their standard policy, then automatically deleted.

9. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

Right to access

You may request a copy of all personal data we hold about you.

Right to deletion

You may request that we delete your account and all associated data. To do so, contact us at the email below. We will complete the deletion within 30 days.

Right to correction

If any data we hold about you is inaccurate, you may request a correction.

Right to data portability

You may request your data in a machine-readable format.

How to exercise your rights

Contact us at the email address in Section 12. We will respond within 30 days. We may ask you to verify your identity before processing your request.

Deleting your own data immediately

Bundles & history — Click "Clear" in the extension popup, or uninstall the extension
Account — Contact us to delete your Firebase account and Firestore document

10. Children's Privacy

Scholar Scope is not directed at children under the age of 13. We do not knowingly collect personal data from children under 13. If you believe a child under 13 has provided us with personal information, please contact us immediately and we will delete it.

Users between 13 and 18 should review this policy with a parent or guardian before using the extension.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. For significant changes, we will post a notice on the Scholar Scope website.

We encourage you to review this policy periodically. Your continued use of Scholar Scope after any changes constitutes your acceptance of the updated policy.

Previous versions of this policy are available upon request.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

Scholar Scope Privacy Contact

Email: ptspts2005@gmail.com

Website: scholarscope1.netlify.app

We aim to respond to all privacy-related inquiries within 5 business days.

Table of Contents