ChhayDigital Script Manager – Privacy Policy

ChhayDigital Script Manager (“the Extension”) is provided by ChhayDigital (“we”, “us”, “our”). This Privacy Policy explains how the Extension collects, uses, and protects user data.

1. Information We Collect

The Extension collects and processes the following information only for authenticated usage:

a. Account Information

• Username
• User ID (internal identifier)

This information is used solely to authenticate users registered with ChhayDigital.

b. Device Identifier

• Randomly generated Machine ID

This identifier is used to maintain login sessions, prevent unauthorized access, and allow administrators to remotely invalidate sessions when required.

c. Script Preferences

• Domains where scripts are enabled
• Script enable/disable status
• Script content provided by ChhayDigital administrators

These preferences are stored locally in the user’s browser using Chrome’s storage APIs.

2. How We Use the Data

The collected data is used exclusively to:

• Authenticate users in the Extension
• Verify login status with ChhayDigital servers
• Deliver administrator-approved scripts to authorized users
• Enable or disable scripts on a per-domain basis
• Maintain security and access control

3. Script Injection Behavior

The Extension injects only administrator-approved scripts and only on user-selected domains.

• Scripts are executed using Chrome’s User Scripts API
• No scripts are injected without user authentication
• No advertising, tracking, or analytics scripts are injected

4. Data Storage & Security

• Login state and preferences are stored locally in the browser
• Authentication requests are sent over secure HTTPS connections
• Passwords are never stored by the Extension
• User data is not sold, rented, or shared with third parties

5. Data Sharing

We do not share personal or usage data with advertisers, analytics providers, or data brokers.

Data is shared only with ChhayDigital servers for authentication and script delivery purposes.

6. Permissions Explanation

The Extension uses the following Chrome permissions:

• storage – to store login state and script preferences
• tabs – to detect the active domain
• userScripts – to safely execute administrator-approved scripts
• host permissions (<all_urls>) – to apply scripts to selected websites

7. User Control

Users can:

• Log out of the Extension at any time
• Enable or disable scripts per domain
• Remove stored scripts
• End the session by closing the browser

Administrators may remotely invalidate sessions for security purposes.

8. Data Retention

• Local data remains until logout or Extension removal
• Server-side session records are retained only as required for security and auditing

9. Changes to This Policy

This Privacy Policy may be updated periodically. Updates will be reflected on this page with a revised “Last updated” date.

10. Contact Information

If you have questions about this Privacy Policy, please contact: