Grrab Privacy Policy
The use of information received from Google APIs will adhere to the Chrome Web Store User Data Policy, including the Limited Use requirements.
1. What Grrab Does (Single Purpose)
Grrab is a Chrome extension with a single purpose: to enable users to save images and social media posts from any webpage with a keyboard shortcut (Cmd+C on Mac, Ctrl+C on Windows/Linux), and to automatically organize saved items by content type (Img or SNS).
2. What We Collect, How, and Why
Grrab collects data only in response to your interaction with it — pressing the save shortcut, signing in, or pointing at (hovering) clippable content on the tab you are actively using. Grrab does not run background analytics across your browsing and does not collect or transmit data from pages you never interact with. Two narrow, feature-essential exceptions are described explicitly below: an anonymous, identifier-free clip count (Section 2.5) and on-demand fetching of images and link destinations to make clipping instant (Section 2.6).
2.1 Account Information
- What: Your Google account's unique identifier (UID), email address, display name, and profile picture URL.
- When collected: When you sign in via the Grrab side panel.
- How collected: Through Chrome's
chrome.identityAPI using OAuth 2.0. Grrab does not store passwords. - OAuth scopes requested:
openid,email,profile, andhttps://www.googleapis.com/auth/drive.file. - Why: To identify you as the owner of your saved items and to sync items across devices.
- Where stored: Firebase Authentication (Google Cloud).
2.2 Saved Item Metadata
- What: URLs, page titles, image URLs, image preview data (the thumbnail your browser already rendered on the source page, stored so Grrab can display the preview in the side panel when the original image URL is unreachable), content category (Img or SNS), domain name, timestamps, a content de-duplication identifier (a stable reference such as a video source URL or a post ID, used to avoid saving the same item twice), the detected platform label (e.g. the social network a saved item came from), an internal correlation ID (a short random string that matches an optimistically-shown card to its stored record), and the organizational folder you assigned (if any) for items you explicitly save.
- When collected: Only when you press the save shortcut on a page.
- How collected: Via a content script that runs only at the moment of save, reading the active page's URL, title, and (if you saved an image) the image URL.
- Why: To store and organize your clips so you can find them later in the Grrab side panel.
- Where stored: Firebase Firestore (Google Cloud, Asia Northeast region), under your user account.
2.3 Saved Files
- What: The actual image or content files you explicitly save.
- When collected: Only when you press the save shortcut.
- How collected: Downloaded from the source URL by Grrab.
- Why: To preserve the saved content for your later access.
- Where stored (you choose per save destination setting):
- Local folder: A folder on your computer that you select using Chrome's File System Access API. Grrab writes saved files directly to this folder and cannot access other folders.
- Google Drive: A folder named
Grrab_filesautomatically created in your Google Drive root. Grrab uses thedrive.fileOAuth scope, which means Grrab can only access files Grrab itself creates — not your other Drive files.
2.4 User Preferences
- What: Your save destination choice (local folder vs. Google Drive), UI toggles, and a reference to your selected local folder (if any).
- How collected: Via
chrome.storage.local. - Why: To remember your settings between sessions.
- Where stored: Locally on your device only. Not transmitted anywhere.
2.5 Anonymous Usage Count (when signed out)
- What: An anonymous signal that one clip occurred. The request body is empty — no URL, site, page, image, account, or device identifier is sent or stored. On the server it only increments aggregate counters (a running total and a per-day total).
- When collected: Only when you perform a clip while you are not signed in. Signed-in saves do not send this.
- How collected: A single fire-and-forget request to Grrab's server. It cannot be tied to you because no identifier is included.
- Why: To understand overall usage volume (how many clips happen) without identifying anyone or recording where clips occur.
- Where stored: As aggregate counters only, in Firebase Firestore (Google Cloud). No per-event or per-user records are created.
2.6 Image and Link Fetching (to make clipping instant)
- What: An image URL or a link URL on the tab you are actively using.
- When: (a) When the Grrab side panel displays previews of items you have already saved, the saved item's image URL may be routed through Grrab's image-proxy server so the preview can render even when the original host blocks direct loading. (b) When you point at (hover) or save a clippable item on the active tab, Grrab may resolve the item's final link (following redirects) and pre-fetch its image so that saving is instant.
- How: These fetches are performed by Grrab's own backend on your behalf (to bypass cross-origin/hotlink restrictions). They run on the active tab in response to your interaction with clippable content — not as background monitoring of pages you do not interact with.
- Why: To render previews reliably and to make the save action instantaneous.
- Video frames: When you clip a video whose frame cannot be read directly because the site serves it from another origin, Grrab briefly captures the current visible tab to obtain the frame you are clipping. This capture is used only to produce that clip image and is not stored separately.
- Retention: These fetches are transient — the URL is used to retrieve the image or follow the redirect and is not stored as a separate record. (URLs of items you explicitly save are stored as described in Section 2.2.)
2.7 Clipped Image (size adjustment, on-device upscaling, and storage)
- What: The image you clip, adjusted to your chosen clip size. If the source image is larger than your clip size it is downscaled; if it is smaller, it is enlarged using a super-resolution machine-learning model. This produced image is stored so Grrab can show it as the saved item's preview in the side panel.
- On-device upscaling: The upscaling runs entirely on your device using a model bundled with the extension (executed in a background offscreen document via WebAssembly). The image is not sent to any external or third-party AI service for upscaling.
- When: Only when you save an image clip while signed in.
- Where stored: The resulting clip image is uploaded to Firebase Storage (Google Cloud) under your user account, so it can serve as the item's preview — independently of, and in addition to, any local-folder or Google Drive copy you chose as your save destination.
- Why: So your saved item shows a reliable preview at your chosen size even when the original source image is later unreachable.
3. What We Don't Collect
- We do NOT keep a log of your browsing history or build a record of the pages you visit.
- We do NOT collect or store data from pages you never interact with, and we do not save items you did not choose to save.
- We do NOT use third-party analytics, advertising SDKs, or trackers. The only usage signal Grrab collects is the anonymous, identifier-free clip count described in Section 2.5.
- We do NOT sell or share your data with advertisers or data brokers.
- We do NOT send your saved items or page content to any external or third-party AI service for processing. (Image upscaling is performed by a model bundled with the extension that runs entirely on your device — see Section 2.7.)
- We do NOT collect sensitive content (e.g., email contents, passwords, financial data, health data).
- The thumbnail stored with a saved item is the preview your browser already rendered on the source page. To display previews reliably, Grrab may additionally fetch a saved item's image through its own image proxy (see Section 2.6); such fetches are transient and are not retained beyond the saved item's stored fields.
4. Permission Justifications
Grrab requests the following Chrome permissions and uses them as follows:
storage— To store your preferences (save destination, UI settings) viachrome.storage.localon your device only.downloads— When you save to your Downloads folder, to write the clipped image file there.tabs— To read the active tab's URL and title at the moment you save, and to coordinate messages between the side panel UI and content scripts.windows— To open and close Grrab's folder-picker popup window, used when you choose a local save folder.sidePanel— To display Grrab's main UI in Chrome's side panel, where you browse saved items by category.identity— For Google sign-in via OAuth 2.0 to identify your account and request access to your Drive (only withdrive.filescope).clipboardWrite— To copy a clipped image to your clipboard: the save shortcut copies the image you clip, and the side panel's Copy button copies a saved item's image, so you can paste it directly into another app. Grrab writes only image data to the clipboard; the copy happens locally and is not transmitted.offscreen— To run Grrab's on-device image upscaling (super-resolution) in a background offscreen document, so that when a clipped image is smaller than your chosen clip size it can be enlarged locally without freezing the page. The image is processed entirely on your device (see Section 2.7).notifications— To show a brief system notification confirming a clip finished saving when you have navigated away from the page during the clip (for example, while an image is being upscaled), so you still get confirmation when the in-page message isn't visible. These notifications contain only a generic status message and no personal data.
Host Permissions (<all_urls>)
Grrab requests permission to run on any URL because it is a universal save tool that must work on any website you choose to save from. Restricting to specific sites would defeat the core purpose.
Despite the broad URL pattern:
- Grrab acts only on the tab you are actively using, in response to your interaction — pressing the save shortcut or pointing at (hovering) clippable content. It highlights clippable items as you hover and, to make saving instant, may pre-resolve a hovered item's link and image (see Section 2.6).
- Grrab reads only the metadata necessary for clipping (URL, title, primary image, the element you point at).
- Grrab does not run background monitoring of your browsing and does not act on tabs you are not interacting with.
- Grrab does not collect or store data from pages you never interact with.
- Grrab does not run continuous or AI-based content analysis on the pages you visit.
Grrab's clipping machinery stays dormant until you interact with clippable content on the active tab.
5. Data Sharing
Grrab shares your data only with the following service providers, strictly to operate the extension's documented functionality:
5.1 Google (Firebase — Authentication, Firestore, and Storage)
- What is shared: Your account information, saved item metadata, and the clip image stored for previews (Section 2.7).
- Purpose: Backend infrastructure that hosts your account, saved items, and their preview images.
- Also processed here: The anonymous clip count (Section 2.5) and the on-demand image/link fetches (Section 2.6) are handled by Grrab's own backend running on Google Cloud. The image/link fetches are transient and are not stored; the clip count is stored only as aggregate totals with no identifier.
- Subject to: Google's privacy policy and Google Cloud Platform Terms of Service.
5.2 Google Drive (only if you choose Drive as save destination)
- What is shared: The files you explicitly save.
- Purpose: Storage of your saved files in your own Google Drive.
- Access scope:
drive.fileonly — Grrab can only see and modify files Grrab itself created. Grrab cannot see your other Drive files.
Grrab does NOT share your data with any other third party. We do not sell, rent, or transfer your data to advertisers, data brokers, or analytics providers.
6. Data Retention and Deletion
- Saved items: Retained until you delete them individually (using the delete button on each item in the side panel) or delete your account.
- Account data: Retained until you request account deletion.
- Local data (chrome.storage.local): Cleared when you uninstall Grrab or use Chrome's extension settings to clear extension data.
To request account deletion, email tlstlsgns@gmail.com.
7. Your Rights
- Access: View all your saved items via the Grrab side panel.
- Delete individual items: Use the delete button on each item card.
- Delete account: Email tlstlsgns@gmail.com requesting account deletion.
- Revoke OAuth access: Remove Grrab's permissions at any time via Google Account Security Settings.
- Local data: Use
chrome://extensionsto remove Grrab and clear local data.
8. Security
- All network communication uses HTTPS (TLS encryption).
- OAuth tokens are managed via Chrome's secure
chrome.identityAPI. - Backend infrastructure (Firebase) uses Google Cloud Platform's industry-standard security practices.
- Firebase Security Rules enforce per-user data isolation; one user cannot access another user's data.
- Grrab itself does not store passwords. Authentication is delegated entirely to Google's OAuth flow.
9. Children's Privacy
Grrab is not directed at children under 13 and does not knowingly collect data from children under 13. If we become aware of such collection, we will delete the data immediately.
10. Changes to This Policy
We may update this policy from time to time. Material changes will be reflected in the "Last Updated" date at the top of this page. We will not retroactively change the policy to expand data collection beyond what was disclosed at the time of your saves.
11. Open Source
Grrab is open source. You can review the entire codebase at github.com/tlstlsgns/Grrab to verify the data handling described in this policy.
12. Contact
- Email: tlstlsgns@gmail.com
- GitHub: https://github.com/tlstlsgns/Grrab
- Issues: https://github.com/tlstlsgns/Grrab/issues