Inbox Radar Privacy Policy

Last updated: 2025-10-23

    1. Who we are
    • Inbox Radar is a Chrome browser extension that helps you monitor and triage messages across Gmail, Outlook, and Slack from one place.
    • Application is being developed by ArdentCode I sp. z o.o. in Poland
    • Contact: inboxradar@services.ardentcode.com
    1. What the extension does
    • Locally reads message metadata from open Gmail and Outlook tabs to show unread/relevant items and let you jump directly to a message.
    • Optionally connects to Slack via OAuth to read channel lists, unread counts, and the latest message previews for triage.
    1. Data we process Processed locally on your device (stored in chrome.storage.local):
    • Email metadata from Gmail/Outlook pages you have open: sender name, subject/title, short snippet/preview text, approximate date/time, and internal thread/conversation identifiers exposed by the page.
    • Slack metadata (when connected): workspace/team ID and name, channel IDs/names where applicable, unread counts, and the most recent message preview text for triage.
    • Your configuration and usage data: filters you define, which tab of filters is active, dismissed message keys, per-account/workspace counts, and UI state (e.g., settings visibility).
    • Account labeling: for Gmail/Outlook we attempt to identify the active account (email address when available from the page’s aria-label/title; otherwise a numeric account index) to separate counts across multiple accounts.
    • Tokens/credentials stored locally:
        • Slack OAuth user access token, Slack team ID/name, and authed user ID (to fetch unread counts and previews). These are stored only in chrome.storage.local on your device and used to call Slack APIs directly from the extension.
    • We do not collect:
        • Your full email content or attachments.
        • Your Gmail/Outlook data to our servers.
        • Keystrokes, browsing history beyond the specific mail/chat tabs, or analytics/telemetry.
    1. Where data flows
    • Gmail/Outlook: All extraction happens entirely in your browser on those pages. No message data is transmitted to our servers.
    • Slack: The extension calls Slack APIs from your browser using your Slack token. Message metadata is used to compute counts and previews and is stored locally.
    • OAuth helper: Slack sign-in uses a backend redirector solely to complete the OAuth flow and return the token to your browser. We do not use this token to access your Slack data outside your device.
    1. Permissions we request and why
    • activeTab, tabs, scripting: To inject minimal code into Gmail/Outlook tabs you already have open and to open/focus the correct tab/message on click.
    • storage: To save your filters, dismissed items, connection info, and last results locally.
    • alarms: To periodically check for new messages (default every 1 minute).
    • identity: To facilitate Slack OAuth.
    • Host permissions: mail.google.com, outlook.office.com, *.slack.com/app.slack.com to read visible message metadata and open deep links.
    1. Data retention and control
    • Local storage persists until you remove the extension or clear its data.
    • Slack connection persists until you revoke it. To disconnect, revoke the app in your Slack account settings (Manage Apps) and/or remove the extension. The extension does not sync your data to cloud storage.
    • You may also manually clear Chrome’s site/extension storage or reinstall the extension to reset all local data.
    1. Security
    • Slack tokens and message metadata are stored in Chrome’s local extension storage. We follow the principle of least privilege and do not collect data we don’t need.
    • No encryption at rest is added beyond what Chrome provides for extension storage. Anyone with local access to your user profile could access stored data; protect your device and OS account.
    1. Children’s privacy
    • Inbox Radar is intended for professional use and not directed to children under 13 (or under the age of digital consent in your region). Extension does not contain anything inappropirate for the children, but we also have nothing addressing the special needs of such a young minds.
    1. International transfers
    • We do not transfer your Gmail/Outlook message data to our servers. Slack API calls are made to Slack’s infrastructure, which may process data in various regions per Slack’s policies.
    1. Your rights
    • Because we do not maintain server-side copies of your personal data, requests to access/erase data are best fulfilled by you: remove the extension, clear its local storage, and revoke Slack access if connected.
    • For any questions, contact inboxradar@services.ardentcode.com
    1. Changes to this policy
    • If we materially change what we collect or how we use it, we will update this policy and the “Last updated” date. Continued use after changes constitutes acceptance.
    1. Contact
    • Questions or requests: ArdentCode I sp. z o.o., ul. Jeździecka 19 lok. 401, 53-032 Wrocław, Poland, inboxradar@services.ardentcode.com

Summary of data practices at a glance

    • Purpose: Unified triage across Gmail, Outlook, Slack.
    • Collection: Local-only processing of message metadata; optional Slack token for API access.
    • Storage: Chrome local extension storage on your device.
    • Sharing/Sale: None; no sale of data; no analytics.
    • Control: Revoke Slack access and/or uninstall to remove all local data.