|
| 1 | +# **Privacy Policy – ChatGPT Diagram Renderer Browser Extension** |
| 2 | + |
| 3 | +*Last updated: 17 November 2025* |
| 4 | + |
| 5 | +This browser extension (“Extension”) helps you render diagrams from text using the Kroki rendering service. This Privacy Policy explains what data is processed, how it is used, and what third parties are involved. |
| 6 | + |
| 7 | +If you do not agree with this policy, please do not use the Extension. |
| 8 | + |
| 9 | +--- |
| 10 | + |
| 11 | +### 1. Data Controller |
| 12 | + |
| 13 | +The Extension is a client-side tool installed in your browser. |
| 14 | +There is no separate backend operated by the developer; all processing happens either: |
| 15 | + |
| 16 | +* locally in your browser, or |
| 17 | +* by sending diagram source text to the external service **kroki.io** for rendering. |
| 18 | + |
| 19 | +The developer does not run or control kroki.io. |
| 20 | + |
| 21 | +--- |
| 22 | + |
| 23 | +### 2. Data Processed by the Extension |
| 24 | + |
| 25 | +The Extension processes the following data: |
| 26 | + |
| 27 | +1. **Diagram Source Text** |
| 28 | + |
| 29 | + * When you use the Extension to render a diagram, the plain text you enter (such as PlantUML, Mermaid, Graphviz, etc.) is sent to **kroki.io** to generate an image. |
| 30 | + * This text **may contain personal or sensitive information**, depending on what you write. |
| 31 | + * The Extension does **not** automatically filter or anonymize your content. |
| 32 | + |
| 33 | +2. **Technical Data from Your Browser** |
| 34 | + |
| 35 | + * Standard technical data such as your IP address, user agent, and request metadata may be transmitted to **kroki.io** as part of the HTTP request, as with any normal web request. |
| 36 | + * This technical data is handled according to kroki.io’s own policies and server configuration, not by the Extension’s developer. |
| 37 | + |
| 38 | +3. **Local Storage / Settings** |
| 39 | + |
| 40 | + * The Extension may store configuration, UI settings, or cached data **locally in your browser** (e.g., via `localStorage`, `sync storage`, or similar browser extension storage APIs). |
| 41 | + * This data is **not** sent to the developer and is **not** shared with third parties, except when it is included in a diagram request that you actively render. |
| 42 | + |
| 43 | +--- |
| 44 | + |
| 45 | +### 3. Data Sharing with kroki.io |
| 46 | + |
| 47 | +To render diagrams, the Extension sends your diagram source text to the external service: |
| 48 | + |
| 49 | +> **Service:** kroki.io |
| 50 | +> **Purpose:** Generating diagram images from text |
| 51 | + |
| 52 | +* Your diagram text is included in the request sent to kroki.io. |
| 53 | +* kroki.io receives this text and the usual technical request data (e.g., IP address). |
| 54 | +* The developer of this Extension does **not** control kroki.io and has no insight into how they store or log data. |
| 55 | + |
| 56 | +You should assume that: |
| 57 | + |
| 58 | +* kroki.io **may log** requests for operational, debugging, or security purposes. |
| 59 | +* kroki.io’s processing of your data is governed by its **own** terms of service and privacy policy. |
| 60 | + |
| 61 | +If you cannot accept your diagram content being sent to an external service, you must not use the rendering functionality of this Extension. |
| 62 | + |
| 63 | +--- |
| 64 | + |
| 65 | +### 4. No Analytics, No Advertising, No User Accounts |
| 66 | + |
| 67 | +The Extension: |
| 68 | + |
| 69 | +* does **not** include third-party analytics (e.g. Google Analytics), |
| 70 | +* does **not** show ads, |
| 71 | +* does **not** create or manage user accounts, |
| 72 | +* does **not** send any usage statistics or telemetry to the developer. |
| 73 | + |
| 74 | +All data processing is limited to what is necessary to provide diagram rendering functionality. |
| 75 | + |
| 76 | +--- |
| 77 | + |
| 78 | +### 5. Your Responsibility for the Content You Send |
| 79 | + |
| 80 | +You are solely responsible for the content you enter into the Extension, including any personal or confidential information. |
| 81 | + |
| 82 | +Before sending diagram text to kroki.io via the Extension, you should: |
| 83 | + |
| 84 | +* avoid including **sensitive personal data** (e.g. health data, passwords, financial data), |
| 85 | +* anonymize or pseudonymize data where possible, |
| 86 | +* review whether sending this information to an external service is permissible under your local laws or organizational policies. |
| 87 | + |
| 88 | +--- |
| 89 | + |
| 90 | +### 6. Legal Basis (where applicable) |
| 91 | + |
| 92 | +Where privacy laws apply (such as GDPR in the EU), the processing of your data via this Extension is generally based on: |
| 93 | + |
| 94 | +* **Your consent and explicit action** – you choose to input diagram text and trigger rendering, which sends data to kroki.io. |
| 95 | +* **Legitimate interest** – providing the functionality of rendering diagrams as requested by you. |
| 96 | + |
| 97 | +--- |
| 98 | + |
| 99 | +### 7. Data Retention |
| 100 | + |
| 101 | +The Extension itself: |
| 102 | + |
| 103 | +* does **not** store your diagram content on any server operated by the developer. |
| 104 | +* only stores local settings and data in your browser, which you can clear at any time by removing or resetting the Extension or clearing your browser data. |
| 105 | + |
| 106 | +Any storage or logging on **kroki.io** is outside the developer’s control and governed by kroki.io’s own policies. |
| 107 | + |
| 108 | +--- |
| 109 | + |
| 110 | +### 8. Security |
| 111 | + |
| 112 | +* The Extension relies on your browser’s security model. |
| 113 | +* Requests to kroki.io are typically sent over **HTTPS** (if supported by the service), in order to protect data in transit against simple interception. |
| 114 | +* However, no method of transmission over the Internet is 100% secure, and the developer cannot guarantee the security of data once it leaves your device and is sent to kroki.io. |
| 115 | + |
| 116 | +--- |
| 117 | + |
| 118 | +### 9. Third-Party Services |
| 119 | + |
| 120 | +The main third-party service involved is: |
| 121 | + |
| 122 | +* **kroki.io** – for diagram rendering. |
| 123 | + |
| 124 | +You should review the terms, documentation, or privacy information provided by kroki.io directly to understand how they handle logs, data retention, and security. |
| 125 | + |
| 126 | +--- |
| 127 | + |
| 128 | +### 10. Children’s Privacy |
| 129 | + |
| 130 | +The Extension is not designed for, or targeted at, children under the age of 16. |
| 131 | +If you are under the age applicable in your jurisdiction, you should only use this Extension with the consent of a parent or legal guardian. |
| 132 | + |
| 133 | +--- |
| 134 | + |
| 135 | +### 11. Changes to This Privacy Policy |
| 136 | + |
| 137 | +This Privacy Policy may be updated from time to time, for example to reflect: |
| 138 | + |
| 139 | +* changes in functionality, |
| 140 | +* changes in third-party services (such as kroki.io), |
| 141 | +* changes in legal requirements. |
| 142 | + |
| 143 | +The “Last updated” date at the top will indicate the most recent revision. Continued use of the Extension after changes are published means you accept the updated policy. |
| 144 | + |
| 145 | +--- |
| 146 | + |
| 147 | +### 12. Contact |
| 148 | + |
| 149 | +If you have questions or requests regarding this Privacy Policy, you can contact the developer of the Extension via the contact information provided in the extension store listing or project repository or via [email protected]. |
| 150 | + |
| 151 | +--- |
0 commit comments