Privacy Policy — Vendor Status Dashboard

Effective date: 2026-07-14
Contact: [email protected]

Vendor Status Dashboard is a Chrome extension for on-call engineers. It shows the status of vendors you choose in a toolbar popup and alerts you when one changes. It has no backend and no user accounts — it runs entirely in your browser. This policy explains exactly what it stores and what it sends.

What we store (locally, on your device)

Everything the extension saves lives in your browser’s chrome.storage.local and never leaves your machine except as described in “Network calls” below:

We do not collect your name, email, browsing history, or the contents of any page you visit. The extension requests no access to your tabs or browsing.

Network calls (the only data that leaves your device)

The extension makes network requests in exactly three cases, all of which you control:

  1. Vendor status pages you chose. It fetches the public status endpoint (/api/v2/summary.json) of each vendor you enable — the same public data your browser would load by visiting that status page. Nothing about you is sent; it’s a plain read of public information.
  2. Your own Slack webhook (Pro, optional). If you add a Slack incoming webhook, the extension posts a short status message to that URL — and only to hooks.slack.com — when a tracked vendor changes state. Your webhook URL is stored locally, sent only to Slack, and is never logged.
  3. Payment provider (ExtensionPay). To unlock and verify Pro, the extension talks to ExtensionPay (extensionpay.com). ExtensionPay handles checkout and tells the extension whether you’ve paid. We never see or store your card details. See ExtensionPay’s own privacy policy for how it processes payments.

That’s the complete list. There are no other servers involved.

What we never do

Permissions

The extension requests only what these features need: local storage, scheduled alarms (to check on a timer), and desktop notifications. Access to a vendor’s domain is limited to the preset status pages; adding a custom vendor asks your permission for that one domain at the moment you add it, and it’s revoked when you remove the vendor.

Data retention and removal

All data is local. Removing a vendor deletes its stored data immediately. Uninstalling the extension removes everything it stored.

Changes

If this policy changes, we’ll update the effective date above and post the new version at the same URL.

Contact

Questions? Email [email protected].