Privacy Policy

Last Updated: November 24, 2025

Cloud Palette ("the Extension") is committed to protecting your privacy. This privacy policy explains how we handle data when you use our Chrome extension.

TL;DR - We don't collect, transmit, or store any personal data.

Everything stays on your computer. No servers, no tracking, no analytics.

1. Waitlist and Email Communications

If you sign up for our early access waitlist, we collect and process the following information:

Information We Collect

  • Email address: Used solely to notify you when Cloud Palette launches and send occasional product updates (with your consent)
  • Signup timestamp: To track when you joined the waitlist
  • Source: Whether you signed up from our website or extension
  • Consent status: Your explicit consent to receive emails

How We Use Waitlist Data

  • Send you a launch notification when Cloud Palette is available
  • Send occasional product updates (only if you consented, typically once per week maximum)
  • Respond to your questions if you email us
  • We never sell or share your email with third parties

Third-Party Email Services

We use the following services to manage waitlist emails:

Your Rights (GDPR/CCPA Compliance)

  • Unsubscribe: Click the unsubscribe link in any email or email us at support@cloudpalette.app
  • Access your data: Request a copy of your data by emailing us
  • Delete your data: Request deletion by emailing us or unsubscribing
  • Data retention: We delete email addresses within 30 days of launch or upon request

Data Storage

  • Location: Data stored in Cloudflare D1 database (USA/EU regions, GDPR compliant)
  • Security: Encrypted in transit and at rest
Important: Waitlist email data is separate from the Chrome extension. The extension itself collects no data and makes no network requests.

2. Information We Collect (Extension)

Data Stored Locally

The Extension stores the following data locally on your device using Chrome's storage API (chrome.storage.local):

  • AWS Feature Index: A pre-loaded list of AWS Console features and their URLs (S3 Buckets, IAM Roles, Lambda Functions, etc.)
  • AWS Resources (Future Feature): In future versions, discovered AWS resource names (bucket names, role names, etc.) that you've browsed in the AWS Console

Data We DO NOT Collect

  • Personal information (name, email, etc.)
  • AWS credentials or access keys
  • Browsing history
  • Usage analytics or telemetry
  • Search queries
  • Any information about your AWS resources beyond their names/identifiers

3. How We Use Your Information

The locally stored data is used exclusively for:

  • Providing search functionality: To enable fuzzy search across AWS features and resources
  • Quick navigation: To allow you to quickly jump to AWS Console pages
  • Improving user experience: To remember discovered resources so you can access them faster

All processing happens locally on your device. No data ever leaves your computer.

4. Data Sharing and Transmission

Zero External Communication

The Extension makes NO external API calls and sends NO data to any servers, including:

  • No data sent to our servers (we don't have any)
  • No data sent to third-party analytics services
  • No data sent to advertising networks
  • No communication with AWS APIs

The Extension operates entirely offline using:

  • Chrome Storage API: For local data persistence
  • DOM inspection: To discover resources when browsing AWS Console (future feature)
  • Local computation: For search and navigation

5. Third-Party Services

The Extension does NOT integrate with any third-party services, including:

  • Google Analytics or other analytics platforms
  • Error tracking services (Sentry, Rollbar, etc.)
  • Advertising networks
  • Social media platforms
  • CDNs for loading external resources

All code runs locally within the extension context.

6. AWS Credentials and Security

We Never Access Your AWS Credentials

The Extension:

  • Does NOT access your AWS credentials
  • Does NOT access AWS cookies or session tokens
  • Does NOT make AWS API calls
  • Does NOT require AWS account permissions

How Resource Discovery Works (Future Feature)

In future versions, when resource discovery is implemented:

  • The Extension will read user visible text from AWS Console pages (resource names in tables/lists)
  • Resource names are stored locally only
  • No credentials or sensitive data is accessed
  • You can clear stored data anytime

7. Permissions Explained

The Extension requests the following Chrome permissions:

Permission Purpose
storage To store the AWS features index and the resource discovered locally on your device
activeTab To inject the command palette overlay on the current tab when you press Cmd+K
scripting To inject content scripts for the command palette interface

Why we need these permissions: These are the minimum permissions required for the Extension to function. We do not request broad permissions like "read and change all your data" beyond what's necessary.

8. Data Retention and Deletion

How Long We Keep Data

Data is stored locally indefinitely until you:

  • Manually clear Chrome extension storage
  • Uninstall the Extension
  • Clear Chrome browsing data

How to Delete Your Data

Option 1: Clear Storage Manually

  1. Open Chrome DevTools (F12) on any page
  2. Go to the Console tab
  3. Run this command: 
    chrome.storage.local.clear(() => {
  console.log('All data cleared');
});

Option 2: Uninstall the Extension

  1. Go to chrome://extensions/
  2. Find "AWS Console Command Palette"
  3. Click "Remove"

All locally stored data will be permanently deleted.

9. Children's Privacy

The Extension is not directed to children under the age of 13. We do not knowingly collect information from children. Since we don't collect any personal information from anyone, this is not a concern, but parents should be aware that the Extension is intended for professional use.

10. Security and Audits

Cloud Palette is committed to maintaining the highest security standards:

  • Regular security audits: We conduct regular reviews of our code and practices
  • Chrome Web Store compliance: Our extension meets all Chrome Web Store security requirements
  • Minimal permissions: We only request the permissions absolutely necessary for functionality
  • No external dependencies: All code runs locally with no third-party integrations

We take your security seriously and continually work to maintain the integrity of the Extension.

11. Changes to This Policy

We may update this privacy policy from time to time. When we do:

  • We will update the "Last Updated" date at the top of this page
  • Significant changes will be announced in the Extension's release notes
  • You will be notified of material changes through the Extension

We will never start collecting or transmitting data without explicit user consent and a clear update to this policy.

12. Your Rights

Since all data is stored locally on your device:

  • Access: You have full access to your data via Chrome DevTools → Application → Storage
  • Deletion: You can delete all data anytime (see Section 7)
  • Portability: You can export your data from Chrome storage if needed
  • Control: You have complete control over what's stored and when

You don't need to contact us to exercise these rights—you already have full control.

13. Contact Information

If you have questions about this privacy policy or the Extension's data practices:

We aim to respond to privacy-related questions within 48 hours.

14. Summary

Privacy First, Always

Here's our commitment in plain English:

  • Zero data collection: We don't collect personal information
  • Zero external communication: No servers, no APIs, no tracking
  • 100% local storage: Everything stays on your computer
  • Security first: Regular audits and Chrome Web Store compliance
  • You're in control: Delete your data anytime

This privacy policy is written in plain language to be accessible and understandable. If anything is unclear, please reach out.