Privacy Policy

Pinodock

How Pinodock handles your data β€” concisely, honestly, and completely. Short version: it doesn't leave your machine.

πŸ“… Last updated: May 15, 2026 πŸ“¦ Extension: Pinodock v0.2.0 🏒 Publisher: PencilCard
πŸ”’
Plain-English Summary: Pinodock stores everything locally on your device using Chrome's built-in storage API. We do not operate servers, collect analytics, or transmit your personal data anywhere. The only outbound network request is the weather widget, which fetches weather data from a third-party service β€” no personal or identifying information is sent.

Contents

  1. Data We Collect
  2. How Data Is Stored
  3. External Network Requests
  4. Permissions Justification
  5. Data Sharing
  6. Your Rights & Data Deletion
  7. Children's Privacy
  8. Policy Changes
  9. Contact

1. Data We Collect

Pinodock does not collect, transmit, or store any personal data on external servers. All data described below is stored exclusively in your browser's local storage on your own device and is never sent to PencilCard or any third party.

Data stored locally on your device

  • Clipboard history β€” text you have recently copied, kept in local storage to power the /clip command. Never transmitted.
  • Todo lists and habit logs β€” tasks and habit check-ins you create inside the extension.
  • Search history β€” queries you have typed in the launcher, used only for the "Recent searches" feature. Can be disabled in Settings.
  • Scratch pad content β€” notes appended via the /note command.
  • Reading list β€” URLs saved via the /save command.
  • Domain visit timing β€” time spent on active browser tabs, aggregated locally and displayed in the Usage dashboard. Specific URLs and page content are never recorded.
  • Settings and preferences β€” theme, layout, username, Pomodoro intervals, enabled features.
  • Custom URL aliases and snippets β€” shortcuts you define in Settings.

Data we do not collect

  • Full URLs, page titles, or browsing history beyond domain-level visit timing
  • File names, file contents, or filesystem metadata
  • Form inputs, passwords, or autofill data
  • IP addresses, device identifiers, or fingerprinting data
  • Crash reports or diagnostic telemetry

2. How Data Is Stored

Pinodock uses two Chrome storage mechanisms:

chrome.storage.local

Used for sensitive or large data: clipboard history, todos, habits, scratch pad, search history, reading list, usage stats. This data exists only on your current device and is not synced anywhere. It is cleared when you uninstall the extension or clear browser data.

Note: chrome.storage.local is sandboxed to the extension and not accessible by other extensions or websites. It is not encrypted at rest beyond the protection provided by your operating system's user account.

chrome.storage.sync

Used for non-sensitive preferences only: theme choice, layout preset, custom URL aliases, and non-sensitive text snippets. If you are signed into Chrome and have sync enabled, Google will sync these preferences across your devices using your Google account β€” this is a Google service, not a PencilCard service. We have no access to or visibility into this sync. You can disable Chrome sync at any time in Chrome settings.

⚠️
If you have sensitive custom snippets: Store them using chrome.storage.local mode (configurable in Settings β†’ Data). Snippets stored in sync mode may be transmitted to Google's servers as part of Chrome's normal sync infrastructure.

3. External Network Requests

Pinodock makes network requests only when you explicitly enable the relevant feature. All requests are made directly from your browser β€” PencilCard operates no servers that proxy or receive this data.

Public API plugins (no auth required)

When you enable these plugins, Pinodock calls their public APIs directly from your browser. No personal data is included in these requests.

  • Weather widget β€” calls wttr.in with your configured city name to retrieve current weather. Disabled by default.
  • Hacker News plugin β€” calls hacker-news.firebaseio.com to retrieve the current top story IDs and metadata. No user data is sent.
  • Crypto Prices plugin β€” calls api.coingecko.com for BTC, ETH and SOL prices. No user data is sent.
  • Reddit Feed plugin β€” calls www.reddit.com's public JSON feed for the subreddit you configure. No account credentials are used.
  • Translation feature β€” calls api.mymemory.translated.net when you use the /translate command. Only the text you submit for translation is sent.

Session-connected plugins (tab injection, no OAuth)

When you enable a session-connected plugin (Spotify, Gmail, Google Calendar, YouTube Studio, AWS Console, GitHub, or Todoist), Pinodock uses the scripting permission to inject a small, read-only JavaScript function into a tab you already have open for that service. The function reads specific DOM elements or localStorage values that are already present in your authenticated session β€” it does not make any additional network requests, does not modify the page, and does not write or delete any data.

The data read (e.g. your unread email count, now-playing track, today's calendar events) is stored temporarily in chrome.storage.local with a 5-minute cache. It is never transmitted to PencilCard or any third party. The injection only occurs into the specific host you have consented to by enabling the plugin.

If the relevant tab is not open, no injection occurs and no data is read.

⚠️
Session-connected plugins are opt-in. They are disabled by default. You must explicitly enable each one in Settings β†’ Plugins. Disabling a plugin stops all tab injection for that service immediately.

Sign-in and subscription entitlement

If you sign in to Pinodock, your Firebase ID token is verified and your subscription tier (Free / Pro / Enterprise) is fetched from firestore.googleapis.com. Only your Firebase UID is transmitted β€” no browsing data, clipboard content, or extension state is included. This call occurs once on sign-in and on periodic session refresh. Entitlement is cached locally so subsequent launches do not require a network call.

Features with no network requests

Launcher, clipboard history, todos, habits, Pomodoro, calculator, QR code generation, URL aliases, tab search, bookmark search, download listing, scratch pad, and ambient sounds β€” all operate entirely offline.

4. Permissions Justification

The following permissions are declared in Pinodock's manifest.json. Each permission is used exclusively for the feature described β€” never for tracking or analytics.

Permission Why it is needed
storage Stores all extension data (todos, habits, clipboard, preferences, plugin cache) locally using chrome.storage.local and chrome.storage.sync. Nothing leaves your device via this API.
bookmarks Searches your Chrome bookmarks by title and URL when you type in the launcher. No bookmarks are stored, modified, or transmitted outside your device.
downloads Powers the /dl command β€” lists your recent completed downloads by filename so you can locate or reveal them. No download data is stored or transmitted.
history Powers the // prefix in the launcher β€” searches your browser history by keyword so you can re-open recently visited pages. No history data is stored by Pinodock or transmitted anywhere. You can disable this in Settings β†’ Launcher.
tabs Powers the > tab-search prefix and Usage dashboard. Also used by session-connected plugins to locate a specific open tab (e.g. finding your open Gmail tab) before reading data from it. Tab titles and URLs stay local and are never transmitted.
scripting Used for two purposes: (1) injects a small read-only content script into every tab to power the Cmd+K global palette command from any page; (2) used exclusively by opt-in session-connected plugins (Spotify, Gmail, Google Calendar, YouTube Studio, AWS Console, GitHub, Todoist) β€” when you enable a plugin, Pinodock injects a read-only function into the specific tab you have open for that service to read data already present in your authenticated session. All injection is read-only and makes no additional network requests.
activeTab Supports the scripting permission above, allowing the injection to target the currently active tab when a plugin refresh is triggered from the new tab page.
idle Pauses the Pomodoro timer and usage tracking when your machine becomes idle, preventing inaccurate time statistics.
alarms Schedules Pomodoro session end events so the timer fires reliably even when the new tab page is not in focus.
notifications Fires a desktop notification when a Pomodoro session ends. No notification content is transmitted anywhere.
clipboardWrite Required to copy launcher results, command palette selections, and clipboard history entries to the system clipboard when you click a "Copy" action. Content scripts in MV3 require this permission to call the Clipboard API from a message listener. The clipboard content is never stored beyond what you already explicitly copied.
browsingData Powers the /clear-cache command and privacy tools in the command palette, which let you clear browser cache and site data on demand. Pinodock only performs these actions after you explicitly request them β€” nothing is cleared automatically or transmitted anywhere.
tabGroups Powers the /tabs merge command, which groups matching open tabs into a named Chrome tab group. Used only when you explicitly run this command β€” tab group data is never stored or transmitted outside your device.
contextMenus Adds two right-click menu items to selected text: "Save to Pinodock notes" (saves your selection as a sticky note in local storage) and "Highlight with Pinodock" (highlights the selection on the page and saves it to your local highlights list). These menu items appear only because you have the extension installed, and no text is ever transmitted.
host: *://*/* Pinodock declares access to all URLs. This single broad permission covers three uses: (1) the content script injected into every tab for the global palette command; (2) the > tab-search prefix reading tab titles from any open tab; (3) opt-in session-connected plugins injecting into specific service tabs (Spotify, Gmail, Google Calendar, YouTube Studio, AWS Console, GitHub, Todoist) when you enable them. Within this permission, the specific services Pinodock actually contacts are: wttr.in (weather), api.mymemory.translated.net (translation), hacker-news.firebaseio.com (Hacker News plugin), api.coingecko.com (Crypto Prices plugin), and www.reddit.com (Reddit Feed plugin). No other external requests are made.
⚠️
Omnibox keyword "pd": The Pinodock browser extension registers the omnibox keyword pd (this is an extension feature, not provided by the PencilCard website). Typing pd followed by a space in the Chrome address bar opens the Pinodock launcher pre-filled with your search. The text you type is never sent to PencilCard β€” it is handled locally by the extension.

Optional host permissions: Pinodock requests optional host access only for the specific third-party services you enable (weather, Hacker News, crypto prices, translation, and opt-in session-connected plugins such as Spotify, Gmail, Calendar, YouTube Studio, AWS Console, GitHub, and Todoist). These permissions are opt-in and used only when you enable the related plugin; no data is transmitted to PencilCard and any injected code is read-only and scoped to the consenting host.

5. Data Sharing

PencilCard does not sell, rent, trade, or otherwise share your personal data with any third party. PencilCard operates no servers that receive data from the extension.

The following data transmissions may occur depending on which features you enable:

  • Google Chrome sync (optional) β€” if you have Chrome sync enabled, non-sensitive preferences are synced via Google's infrastructure. PencilCard has no access to this data.
  • wttr.in β€” your configured city or location is sent to wttr.in when the weather widget is enabled. Disabled by default.
  • MyMemory translation API β€” text you submit via the /translate command is sent to api.mymemory.translated.net. Only triggered on explicit user action.
  • Hacker News, CoinGecko, Reddit public APIs β€” when the respective plugins are enabled, Pinodock calls these public APIs directly from your browser. No personal data is included in the requests.
  • Session-connected plugin services β€” when enabled, Pinodock reads data from your already-open browser tabs for Spotify, Gmail, Google Calendar, YouTube Studio, AWS Console, GitHub, and Todoist. This data is read locally from the existing page context; Pinodock makes no direct server requests to these services on your behalf, and the data is never sent to PencilCard.

Because the core product does not store user data on our servers, we cannot be compelled to share it. If you enable optional cloud features, those providers’ policies will apply to any transmitted data.

6. Your Rights & Data Deletion

Because all data is stored locally on your device, you have complete control at all times.

Delete all Pinodock data

Open Pinodock β†’ Settings β†’ Data β†’ "Clear all extension data". This permanently deletes all todos, habits, clipboard history, search history, scratch pad, and preferences from your device.

Delete specific data types

Individual data types can be cleared separately in Settings β†’ Data. Clipboard history can be cleared from the clipboard panel. Search history can be disabled or cleared in Settings β†’ Dashboard.

Uninstall

Uninstalling Pinodock from Chrome removes all locally stored data automatically. Chrome may offer to keep sync preferences β€” you can decline.

Access your data

All data Pinodock stores is directly inspectable in Chrome DevTools β†’ Application β†’ Storage β†’ Extension Storage, or by using the Settings β†’ Data export feature.

Your rights under UK & EU data protection law

Because Pinodock stores all data locally on your device and transmits nothing personal to PencilCard servers, you already hold complete control. Under UK GDPR and EU GDPR, you have the right to:

  • Access β€” all data is inspectable via Chrome DevTools β†’ Application β†’ Storage β†’ Extension Storage.
  • Rectification β€” edit or overwrite any stored preference directly in extension settings.
  • Erasure β€” use Settings β†’ Data β†’ "Clear all extension data" or uninstall the extension.
  • Portability β€” all data is stored in plain JSON and can be exported via Settings β†’ Data export.

The only personal data PencilCard processes is your Firebase UID for sign-in and subscription entitlement. To request deletion of your account, email privacy@pencilcard.com. For data held by third-party providers (Google Chrome sync, Firebase, AI providers you configure), exercise your rights directly with those services.

7. Children's Privacy

Pinodock does not knowingly collect any information from children under 13. As no personal data is collected or transmitted to any server, the extension is suitable for all ages. Parents should be aware that if Chrome sync is enabled on a shared device, non-sensitive preferences may sync via the signed-in Google account.

8. Policy Changes

We will update this page if the privacy practices of Pinodock change. Significant changes β€” such as any new data collection or new external network connections β€” will be communicated via a notice in the extension update and an update to the "Last updated" date above. For minor clarifications we update the effective date only. We will not retroactively apply material changes to data already collected without notifying you first.

The current version of this policy is always accessible at pencilcard.com/privacy-pinodock.

9. Contact

For privacy-related questions about Pinodock, contact us at:

We aim to respond within 5 business days.

← Company Privacy Policy Back to Pinodock