Privacy Policy

Honestly ("we," "our," or "us") provides a browser extension that aggregates authentic product opinions from social media platforms. This Privacy Policy explains how we collect, use, and protect your information when you use the Honestly Chrome extension.

SUMMARY

We collect your email address only if you sign in
We collect product page information only when you click "See Opinions"
We do not track your browsing history
We do not sell your data
We do not use advertising trackers

INFORMATION WE COLLECT

Information You Provide

Email Address (Optional)
If you choose to sign in using magic link authentication, we collect your email address. You can use the extension without signing in, but signing in enables viewing history.

Support Messages
If you submit a support request through the extension, we collect your message, email address, and the URL of the page you're on (to help us understand the context of your issue).

Information Collected Automatically

Product Page Metadata
When you click "See Opinions" on a product page, we collect:
• Product name
• Product URL
• Product price
• Product image URL
• Retailer name
• Brand and category (when available)

This information is extracted from the publicly visible content of the product page you're viewing. We use it to find matching opinions in our database and, if the product is new, to search social media for relevant discussions.

Viewing History (Authenticated Users Only)
If you're signed in, we record which products you've viewed opinions for. This powers the "History" feature in the extension popup, letting you revisit products you've researched.

Technical Information
Like all web services, our servers automatically receive your IP address when you make requests. We do not store IP addresses beyond standard server logs.

Information We Do NOT Collect

• Browsing history: We do not track which websites you visit
• Search history: We do not monitor your searches
• Keystrokes or form data: We do not capture what you type
• Financial information: We do not access payment details
• Location data: We do not track your location
• Passwords: We never access or store passwords

HOW WE USE YOUR INFORMATION

Email address — Send magic link for sign-in; respond to support requests
Product metadata — Query our opinion database; trigger searches for new products
Viewing history — Display your research history in the extension
Support messages — Respond to and resolve your issues

We do not use your data for advertising, profiling, or any purpose unrelated to providing the Honestly service.

HOW WE SHARE YOUR INFORMATION

Service Providers

We share data with the following third-party services that help us operate Honestly:

Supabase (Database & Authentication)
• Receives: Email address, viewing history, support requests, product data
• Purpose: Data storage, user authentication, and API infrastructure
• Privacy Policy: supabase.com/privacy

n8n on Render (Workflow Automation)
• Receives: Product metadata (name, URL, price, brand)
• Purpose: Trigger automated searches for product opinions on social platforms
• Privacy Policy: n8n.io/privacy

TikTok oEmbed API
• Receives: TikTok video URLs (from our database, not your data)
• Purpose: Fetch video thumbnails for display
• Privacy Policy: tiktok.com/legal/privacy-policy

We Do NOT Share Your Data With

• Advertising networks
• Data brokers
• Marketing companies
• Any third party for purposes unrelated to the service

We Do NOT Sell Your Data

We do not sell, rent, or trade your personal information to anyone, ever.

DATA STORAGE AND SECURITY

Where Your Data Is Stored

On Your Device (chrome.storage.local)
• Authentication tokens (encrypted by browser)
• UI preferences (panel width, button position)
• Temporary product cache (auto-expires after 5 minutes)
• Extension enabled/disabled state

This data stays on your device and is never synced across devices.

On Our Servers (Supabase)
• Email address and user ID (if signed in)
• Viewing history (if signed in)
• Support request messages

Our servers are located in the United States.

Security Measures

• All data transmitted over HTTPS (encrypted in transit)
• Authentication uses signed JWT tokens
• Database protected by Row Level Security (users can only access their own data)
• No sensitive keys exposed in client code

DATA RETENTION

Authentication tokens — Until you sign out
UI preferences — Until you uninstall the extension
Product cache — 5 minutes (automatic)
Viewing history — Until you request deletion
Support requests — Until resolved or you request deletion
Email address — Until you request deletion

YOUR RIGHTS AND CHOICES

All Users

Disable the Extension
You can disable Honestly at any time using the toggle in the extension popup or via right-click menu.

Uninstall the Extension
Uninstalling removes all locally stored data from your device.

Use Without Signing In
The core functionality works without creating an account. Signing in is optional.

For Users in the European Economic Area (GDPR)

If you're in the EEA, you have the right to:
• Access your personal data
• Correct inaccurate data
• Delete your data ("right to be forgotten")
• Export your data in a portable format
• Object to processing
• Restrict processing
• Withdraw consent at any time

Legal Basis for Processing:
• Legitimate interest: Providing the opinion aggregation service
• Consent: Email marketing (if we ever offer it)
• Contract: When you use our service

To exercise these rights, contact us at the email below. We respond within 30 days.

For California Residents (CCPA/CPRA)

California residents have the right to:
• Know what personal information we collect
• Delete your personal information
• Correct inaccurate personal information
• Opt-out of the sale or sharing of personal information
• Non-discrimination for exercising your rights

Categories of Personal Information Collected:
• Identifiers (email address)
• Internet activity (products viewed through our extension)
• Commercial information (product pages you've researched)

We do not sell or share your personal information as defined by the CCPA.

To exercise these rights, contact us at the email below. We respond within 45 days.

CHILDREN'S PRIVACY

Honestly is not intended for users under 13 years of age (or 16 in the European Economic Area). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it.

INTERNATIONAL DATA TRANSFERS

Our servers are located in the United States. If you're using Honestly from outside the US, your data will be transferred to and processed in the United States. By using Honestly, you consent to this transfer.

CHANGES TO THIS POLICY

We may update this Privacy Policy from time to time. When we make material changes, we will:

1. Update the "Last Updated" date at the top

2. Notify you via the extension (for significant changes)

3. Post the updated policy at this URL

Your continued use of Honestly after changes constitutes acceptance of the updated policy.

CONTACT US

If you have questions about this Privacy Policy or want to exercise your data rights, contact us at:

Email: lets@usehonestly.com

We aim to respond to all requests within 30 days.

CHROME EXTENSION PERMISSIONS

For transparency, here's why Honestly requests each browser permission:

storage — Save your preferences (panel width, button position), authentication tokens, and temporary cache locally on your device

activeTab — Detect when you're on a product page and communicate with the widget

contextMenus — Provide a right-click option to enable/disable the extension

Host access to supabase.co — Connect to our database for opinions and authentication

Host access to n8n webhook — Trigger searches for new products

This privacy policy was last reviewed for accuracy against the Honestly codebase on January 14, 2026.