UpScraper Privacy Policy

Privacy policy for the UpScraper Chrome extension

This page describes what data the UpScraper extension processes, how that data is used, where it is stored, and when it is shared. This policy applies to the Chrome extension and its hosted sidebar web app.

Product

UpScraper Chrome extension

Contact

support@lunostudio.nl

Last Updated

May 17, 2026

What UpScraper does

UpScraper is a user-initiated extension that helps users collect image references and structured product information for backfilling and catalog work. It can receive product, brand, and specification data from user-authorized web pages, fetch related results from external sources, and optionally send the final results to a user-configured API endpoint.

UpScraper requests host access only for sites the user explicitly adds and approves, except localhost / loopback development hosts, which work locally without a separate permission prompt.

Data we process

User settings: allowed host entries, API endpoint, auth token entered by the user, UI preferences, queue behavior preferences, and preferred result action.
Extension working data: product, brand, and spec payloads supplied by the user’s own pages; queue items; scraped image URLs; catalog review items; scrape status; source page URL; and source page origin.
Identifiers: a locally generated extension user ID used for settings sync and analytics context.
Usage and diagnostics data: page views, interaction events, basic runtime error telemetry, browser user agent, session identifiers, and coarse location data if analytics or payment features are enabled.
Payment/support data: if the optional “Buy me a coffee” feature is used, the hosted payment flow may process payment-link metadata, country detection, payment status, and provider-specific transaction identifiers.

How data is used

To store extension settings and keep them in sync across the user’s Chrome profile.
To receive user-triggered export payloads from approved sites.
To search external sources such as GSMArena, Bing, DuckDuckGo, Clearbit, and Apple CDN for image or catalog data related to user-provided products and brands.
To display queue, results, settings, docs, and catalog information in the extension side panel.
To optionally send processed results to the API endpoint configured by the user when the user explicitly chooses the send action.
To measure product usage and diagnose errors if analytics is configured.
To create and check optional support-payment links if the payment feature is used.

Where data is stored

In the browser: extension state and working data are stored in Chrome extension storage, including chrome.storage.local, chrome.storage.sync, and chrome.storage.session.
In the hosted sidebar app: the extension loads its sidebar UI from a hosted web application and passes sidebar state to that app through a postMessage bridge so the UI can render current queue, settings, and status data.
In third-party services: only when the related feature is used or configured, data may be transmitted to analytics providers, payment providers, external scrape sources, or the user-configured API endpoint.

Who data is shared with

User-configured endpoints: when the user chooses the send action, UpScraper sends result rows to the API endpoint entered in Settings, including any configured bearer token.
Hosted sidebar infrastructure: the remote web app used for the side panel receives the state needed to render the UI.
Scrape/data sources: the extension may request pages or assets from sites such as GSMArena, Bing, DuckDuckGo, Clearbit, Apple CDN, and other user-facing sources used by the feature.
Analytics providers: if analytics is configured, usage and diagnostic events may be sent to Google Analytics.
Payment providers: if the optional support-payment feature is used, data may be sent to Netlify-hosted functions and payment providers such as Mollie or Tikkie.

UpScraper does not sell personal data. Data is used only for the extension features described in this policy.

Permissions and site access

UpScraper uses Chrome extension permissions such as storage, sidePanel, scripting, tabs, and activeTab. For site communication, the extension uses optional host permissions for non-local sites the user explicitly adds and approves.

Local development hosts such as localhost, 127.0.0.1, and ::1 are supported directly so users can test local integrations without repeated grant prompts.

Retention and user controls

Users can edit or remove saved allowed hosts and settings from the Settings tab.
Users can clear queue items, remove scraped images, or uninstall the extension to remove locally stored extension data.
Users can revoke optional host permissions from Chrome’s extension permission controls.
Third-party services such as analytics, payment providers, or a user’s own API may retain data according to their own policies.

Security

UpScraper is designed to minimize required permissions and requests host access dynamically when possible. Sensitive settings such as auth tokens are stored in extension storage and used only for the features configured by the user. No security measure is perfect, but we try to limit data processing to what is necessary for the extension’s user-facing features.

Contact

Questions about this policy or the extension can be sent to support@lunostudio.nl.