Coohom Front Tools Privacy Policy

This Privacy Policy explains how the Coohom Front Tools Chrome extension processes information when users analyze the current Coohom page or inspect a selected page element to identify pub app and repository ownership.

Effective date: April 19, 2026

Coohom Front Tools is designed for ownership lookup on supported Coohom pages. It works only when users actively trigger page analysis or element inspection.

1. Information We Process

When you use the extension, the following information may be processed:

The `pub token` that you provide in the extension settings.
The URL of the current page.
Related static resource URLs from the current page, such as stylesheet and script URLs.
Selected element context needed for ownership lookup, such as tag name, id, class name, ancestry, text snippet, and matched resource hints.

2. How We Use Information

We use this information only to provide the extension's ownership lookup functionality, including:

Analyzing the current page to identify the related pub app and repository.
Inspecting a selected page element to infer its ownership.
Sending authenticated requests to the configured PUB MCP endpoint.

3. Data Storage and Transmission

The extension stores `pub token` in Chrome extension storage so the user does not need to enter it repeatedly.
Temporary tab analysis state may be stored in Chrome session storage during use.
`pub token` and ownership lookup context are sent only to the configured PUB MCP endpoint as needed for the extension's core functionality.

4. Permissions

The extension requests only the permissions required to deliver its single purpose:

activeTab: to inspect the currently active tab after user interaction.
storage: to store `pub token` and related extension settings.
Host permissions: limited to supported Coohom pages, required static asset domains, and the configured PUB MCP endpoint used for ownership lookup.

5. Data Sharing

We do not sell, rent, or share your data with unrelated third parties. Information is processed only as required to support the extension's ownership lookup functionality.

6. What We Do Not Do

We do not execute remote JavaScript or other remote code.
We do not access GitLab APIs.
We do not collect unrelated page content beyond what is needed for ownership lookup.
We do not use extension data for advertising, profiling, analytics, or cross-site tracking.

7. Security Note

The current repository default is an internal `http://` PUB MCP endpoint intended for internal environments. Before any public distribution that requires secure transport, the configured PUB MCP endpoint should be replaced with an `https://` endpoint.

8. Your Choices

You may stop using the extension at any time. You may also update or remove the stored `pub token`, clear browser extension storage, or uninstall the extension.

9. Contact

Company: coohom

Support: Contact the extension maintainer through your internal project support channel.