Privacy Policy

1. Data We Handle (Positive Disclosure)

Chrome Web Store policy requires a clear, positive disclosure of all data that the extension accesses, processes, or stores — even if that data never leaves your device. The following is a complete accounting of every category of data Gemini Export Studio handles:

Conversation Content

• The extension reads the HTML content of your Gemini conversations directly from the page DOM when you initiate an export
• This content is processed entirely in memory within your browser to generate the export file (PDF, Markdown, HTML, etc.)
• Conversation text is never transmitted to any external server — including ours
• Once the export is complete, the in-memory content is discarded

Merge Queue — Full Conversation Content

• When you add conversations to the merge queue, the extension stores the full conversation turn data (all chat messages and associated HTML) in chrome.storage.local under the key mergeQueue
• This cached content remains on your device only, until you export the merged result or manually clear the queue
• This data is never transmitted externally

User Preferences and Optional Metadata

• Your export settings (format, templates, PDF options, file naming, UI preferences) are stored locally under ace_settings_v1
• You may optionally enter a display name and email address in the extension settings for use as metadata in export files (e.g., author fields in PDF exports); these are stored locally and never transmitted to extension servers

Google Drive OAuth Tokens (Optional)

• If you connect Google Drive, an OAuth access token is stored locally under ace_cloud_tokens and cloud destination folder IDs are stored under ace_cloud_destinations
• These are used exclusively to upload export files to your own Drive; they are not shared with any other party
• If you never enable Drive sync, these keys are never written

Obsidian Vault Handle (Optional)

• If you configure Obsidian sync, a filesystem handle to your chosen Obsidian vault folder is stored in IndexedDB (ace-vault-db) using the browser's File System Access API
• This handle allows the extension to write export files directly into your local vault folder
• No vault content is read by the extension, and no data is transmitted externally

Images Fetched for Export Embedding

• The background service worker fetches images that appear in your Gemini conversations from Google's CDN (lh3.googleusercontent.com, lh3.google.com) in order to embed them as base64 data in export files
• Only image URLs that are already visible on your Gemini page are fetched; no conversation text is sent to Google during this process
• The fetched image data is used only for local embedding and is not stored persistently

2. How We Handle Your Data

This section describes exactly how each category of data flows through the extension — how it is accessed, how it is processed, and when it is discarded. No data category listed here is transmitted to our servers at any point.

Conversation Content

• How accessed: Read directly from the Gemini page DOM in your browser when you click Export
• How processed: Parsed in-memory by the extension's content script to build the export document
• Transit path: Stays entirely within your browser — no network request is made carrying your chat text
• Retention: Discarded from memory immediately after the export file is generated

Merge Queue Data

• How accessed: Conversation turn data is written to chrome.storage.local when you add a conversation to the merge queue
• How processed: Read back from local storage when you trigger a merge export; merged in-memory into a single document
• Transit path: Never leaves your device; no external transmission occurs
• Retention: Cleared automatically when you export the merged result or manually clear the queue

User Preferences

• How accessed: Read from chrome.storage.local (ace_settings_v1) each time the extension UI loads
• How processed: Applied as configuration to the export pipeline (format, template, styling)
• Transit path: Never transmitted; stored and read locally only
• Retention: Persisted until you change settings or uninstall the extension

Google Drive OAuth Tokens (Optional)

• How accessed: Retrieved from chrome.storage.local (ace_cloud_tokens) only when a Drive upload is initiated
• How processed: Passed as a Bearer token in the Authorization header of HTTPS requests to the Google Drive API to upload your export file
• Transit path: Sent only to www.googleapis.com over HTTPS — never to our servers
• Retention: Stored locally until you disconnect Drive sync or uninstall; no copy is kept on our servers

Obsidian Vault Handle (Optional)

• How accessed: Retrieved from IndexedDB (ace-vault-db) when an Obsidian export is triggered
• How processed: Used with the browser's File System Access API to write the export file to your local vault folder
• Transit path: Local filesystem write only — no network transmission
• Retention: Handle persists in IndexedDB until you disconnect Obsidian sync or uninstall

Images Fetched for Export Embedding

• How accessed: Image URLs already present on your Gemini page are passed to the background service worker
• How processed: Fetched from Google's CDN over HTTPS; converted to base64 and embedded in the export document
• Transit path: Browser → Google CDN (image bytes only, no chat text); base64 data used locally for embedding
• Retention: Not stored persistently; used only during the export operation then discarded

Chrome Debugger API (PDF / Screenshot Export)

• How accessed: The extension attaches Chrome's Debugger Protocol to a temporary background tab it creates
• How processed: Conversation HTML is injected into the temporary tab, rendered, and captured as a PDF or image using the Debugger API
• Transit path: Entirely local — the Debugger API operates within your browser; no data is sent externally
• Retention: The temporary tab is closed immediately after capture; no intermediate files are stored

3. Data We Do NOT Collect

The following data is never collected, transmitted, or stored on any server:

• Your Gemini chat content, messages, or conversation history (sent to our servers)
• Your IP address or device identifiers
• Your Google account information or identity
• Analytics, telemetry, or usage statistics about which features you use
• Error logs containing personal information
• Your browser history or activity outside of gemini.google.com
• Any personally identifiable information (PII) present in your chats
• Export file contents or metadata (sent to our servers)
• The titles or subjects of your Gemini conversations

We have no analytics infrastructure for conversation data. We cannot see your chats even if we wanted to — by design.

4. Data Stored Locally Only

The following data is stored exclusively on your device. None of it is transmitted to our servers or any third party (except where Google Drive is explicitly used for storage at your direction):

Extension Preferences (ace_settings_v1)

• Your preferred export format (e.g., PDF, Markdown)
• Custom export templates and styling preferences
• PDF page size, font, and margin settings
• File naming format preferences
• UI settings (theme, panel position)
• Optional display name and email for export metadata (never transmitted externally)

Merge Queue Cache (mergeQueue)

• The full conversation turn data (all chat messages and HTML) for each conversation added to your merge queue is cached in chrome.storage.local
• This allows multi-conversation merge operations to proceed even after you navigate away from a conversation page
• This data is cleared automatically when you export or manually clear the queue
• This data never leaves your device

Google Drive OAuth Tokens (Optional — ace_cloud_tokens, ace_cloud_destinations)

• If you choose to connect Google Drive, an OAuth access token is stored locally
• This token only grants permission to create files in your Drive — we never read existing files
• You can revoke access at any time via Google Account settings or by disconnecting in the extension
• If you never use Google Drive sync, no token is ever stored

Obsidian Vault Handle (Optional — IndexedDB ace-vault-db)

• If you configure Obsidian sync, a filesystem handle to your local vault folder is stored in IndexedDB using the browser's File System Access API
• This handle is used only to write export files into your local Obsidian vault
• No vault contents are read or transmitted; this is a local-only operation
• If you never use Obsidian sync, nothing is written to IndexedDB

All locally stored data is automatically deleted when you uninstall the extension.

5. Data Sharing

Gemini Export Studio does not share your data with third parties for advertising, analytics, or any purpose unrelated to delivering your requested export. The only external data transmissions that occur are listed below, each initiated explicitly by you:

Google Drive API — File Upload (Optional)

• Who: Google LLC (www.googleapis.com)
• What: The generated export file (e.g., a PDF or Markdown file you just exported) and an OAuth Bearer token
• Why: To upload the export file to your own Google Drive at your explicit direction
• When: Only when you have connected Drive sync and triggered an export with Drive upload enabled
• Scope limit: We request only the drive.file scope — permission to manage files created by this extension only; we cannot read, modify, or delete any other Drive files
• No conversation text shared: Only the final export file is uploaded; raw chat content is never sent to Google Drive API

Gemini Export Studio's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Google CDN — Image Fetching

• Who: Google LLC (lh3.googleusercontent.com, lh3.google.com)
• What: HTTP GET requests for image URLs already publicly visible on your Gemini page
• Why: To embed images as base64 data inside your export file so they appear offline
• When: Only during an export that includes image content
• No conversation text shared: Only image URLs are sent; no chat text, no user identity, no export content is included in these requests

Obsidian — Local Filesystem Only (Optional)

• Who: Not transmitted externally — this is a local filesystem write
• What: The generated export file is written to a folder on your device
• Why: To save exports directly into your Obsidian vault at your direction
• When: Only when you have configured Obsidian sync and triggered an export
• No external sharing: No data is sent to Obsidian's servers or any network endpoint

Chrome Web Store — Distribution Infrastructure

• Who: Google LLC (Chrome Web Store)
• What: Extension update manifests and binaries
• Why: Chrome automatically checks for and downloads extension updates
• When: Managed automatically by Chrome; we have no control over this process
• No user data shared: We do not transmit any user data to the Chrome Web Store; this is standard Chrome extension infrastructure

Google Fonts CDN — This Website Only

• Who: Google LLC (fonts.googleapis.com)
• What: Font file requests from this privacy policy website
• Why: To render the Inter and JetBrains Mono typefaces on this website
• When: When you visit this website; the Chrome extension itself does not use any external font CDN

No Other Sharing

We do not share, sell, rent, or transfer your data to any other party under any circumstances. There are no advertising networks, analytics providers, data brokers, or third-party SDKs embedded in this extension that receive your data.

6. Data Security

Gemini Export Studio is designed to minimize security risk through its local-first, server-free architecture. The following measures protect your data:

Local Storage Encryption

• All data stored in chrome.storage.local (preferences, merge queue, OAuth tokens) is protected by Chrome's storage layer, which is encrypted by your operating system's disk encryption when your device is locked
• We do not implement a separate encryption layer on top of Chrome's storage, as the OS-level protection is appropriate for this data

HTTPS-Only External Requests

• All external network requests made by the extension — to the Google Drive API and Google CDN — use HTTPS with TLS certificate validation enforced by Chrome
• No plaintext HTTP requests are made by the extension

No Server-Side Attack Surface

• Because we operate no servers that receive user data, there is no server-side database, no API endpoint, and no backend to compromise
• An attacker cannot steal your conversation data from our infrastructure because we hold none

Chrome Debugger Tab Isolation

• When generating PDFs, the extension creates a temporary background tab and immediately destroys it after capture
• The tab is not user-visible and is programmatically closed as soon as rendering completes
• No intermediate PDF or screenshot file is written to disk during this process

Minimal OAuth Scope

• The Google Drive OAuth integration requests only the drive.file scope, which is the narrowest scope available for file creation
• This scope cannot be used to read, browse, modify, or delete any files in your Drive that were not created by this extension

Responsible Disclosure

If you discover a security vulnerability in Gemini Export Studio, please report it responsibly by emailing masteringllmlabs@gmail.com. We will acknowledge reports within 72 hours and work to address confirmed issues promptly.

7. Chrome Extension Permissions

Gemini Export Studio requests the minimum necessary permissions. Here's exactly why each permission is needed:

host_permissions: gemini.google.com

Required to read the Gemini page DOM and extract your conversation content for export. Without this, the extension cannot access any page content.

storage

Required to save your preferences (export format, templates, settings), merge queue data, and optional OAuth tokens locally in Chrome's storage. All data stored here stays on your device.

downloads

Required to trigger the file download when you export a conversation. The extension uses Chrome's download API to save the generated file to your Downloads folder.

debugger

Used exclusively for client-side PDF rendering and screenshot capture. When you export as PDF or image, the extension uses the Chrome Debugger Protocol to: create a temporary background tab, inject the conversation HTML into it, render it fully, and capture the output as a PDF or screenshot. The tab is immediately closed after capture. No data is transmitted externally during this process — the debugger API is used entirely within your browser for local rendering. This is one of Chrome's most powerful APIs and we use it only because Chrome's standard print-to-PDF functionality is not available to extensions.

identity (Drive sync only)

This permission is declared in the extension manifest but is only activated when you explicitly initiate Google Drive sync. The permission enables the OAuth flow to authenticate with Google's Drive API. If you never use Google Drive sync, this permission is never invoked.

We do not request history, tabs, cookies, webRequest, or any other broad-access permissions. We never request access to any website other than gemini.google.com (and Google's APIs for optional Drive sync).

8. Your Rights (GDPR & CCPA)

Since we collect no personal data on our servers, most standard data rights requests are trivially satisfied — there's nothing to access, correct, or delete on our end.

GDPR (EU/EEA Users)

• Right of Access: We hold no personal data about you on our servers
• Right to Erasure: No data stored on our servers; uninstalling the extension clears all local data
• Right to Portability: Your export files are always in your possession
• Right to Object: Processing happens locally; there is no profiling or automated decision-making
• Lawful Basis: Processing (local, on-device) is performed under your explicit consent (you initiate each export)

CCPA (California Residents)

• Right to Know: We collect no personal information on our servers — there is nothing to disclose
• Right to Delete: Uninstall the extension — all local data is automatically deleted
• Right to Opt-Out of Sale: We do not sell personal information (we have none to sell)
• Non-Discrimination: We offer no tiered service based on privacy choices

To exercise any rights related to optional Google Drive sync, you can revoke the extension's Google Drive access at: myaccount.google.com/permissions

9. Children's Privacy

Gemini Export Studio is not directed at children under the age of 13 (or 16 in the EU/EEA). We do not knowingly collect any personal information from children.

Since we collect no personal data from any user, children's data is equally protected by our zero-collection architecture.

If you believe a child has used this extension in a way that concerns you, please contact us at masteringllmlabs@gmail.com.

10. Data Usage Declarations

To comply with Chrome Web Store Developer Program Policies, we explicitly declare that:

• We do not sell your data to third parties. No data — including conversation content, preferences, or any locally processed information — is ever sold.
• We do not use or transfer your data for purposes unrelated to the core functionality of the extension. Data accessed by the extension is used solely to generate and deliver your requested exports.
• We do not use or transfer your data to determine creditworthiness or for lending purposes.

11. Policy Changes

We may update this privacy policy from time to time. When we do:

• The "Last updated" date at the top of this page will be revised
• Significant changes will be noted in the Chrome Web Store extension listing changelog
• We will never retroactively change our policy to collect data we previously said we wouldn't collect
• Any change to data collection practices would require explicit user consent

Continued use of the extension after a policy update constitutes acceptance of the revised policy.

12. Contact Us

If you have questions, concerns, or requests related to this privacy policy or Gemini Export Studio's data practices, please reach out:

We aim to respond to all privacy-related inquiries within 72 hours.