Privacy policy

Last updated: 2026-05-08

What we collect

• A random opaque user ID (UUID) generated in your browser the first time you use the extension.
• The reactions you click and the public target you reacted to (e.g. a Facebook post URL or a GitHub repo).
• A timestamp of your reaction.
• A salted, day-rotated hash of your IP address — used only to rate-limit abuse. The hash is irreversible and is automatically discarded within 24 hours.

What we do not collect

• No name.
• No email.
• No raw IP address.
• No browser fingerprint, canvas hash, or font enumeration.
• No tracking cookies, analytics pixels, or third-party SDKs.

Where data lives

Reaction events are stored in AWS (region: us-east-1), encrypted at rest (S3 SSE-S3, DynamoDB AWS-managed encryption). Raw events are auto-expired after 30 days; aggregate reaction counts are kept indefinitely so the extension can keep displaying them.

How to reset your identity

Open the extension popup → Reset identity. This clears your UUID. Subsequent reactions will be tied to a fresh, unrelated UUID.

Your rights

Because we do not collect any personal data, we cannot identify you and therefore cannot link past reactions to your person. If you have specific questions, email privacy@example.com.

Disclaimer

Reactions and counts are community-estimated and may not be exact.