Privacy policy

Last updated: May 2026. HTML Share is a Chrome extension and web app that turns the HTML of your active browser tab into a stable, shareable link.

Data we collect

• Your Google account email, name, avatar, and unique identifier, received from Supabase Auth when you sign in. We use it to identify you as the owner of the prototypes you publish and to enforce per-link access control.
• The HTML of the tab you click Publish on, stored in our object storage so we can serve it from a stable public URL. Republishing replaces the previous HTML at the same URL.
• A locally-generated fingerprint (an opaque hash of the page's URL or local file path) so the extension can map a file you re-open back to its existing public link without forcing you to remember it.
• Per-link access grants: when you mark a link as Restricted, we store the email addresses you invite, so the worker can verify viewers at view time.
• Viewer email addresses: when someone signs in to view a Restricted link, Supabase Auth records their email so we can check them against the grants list.

What the extension can do, and what it cannot

• The extension only reads the active tab's HTML when you explicitly click Publish. It does not run in the background, monitor your browsing, or read any other tab.
• The extension stores its session and a small local-file -> link mapping in chrome.storage.local, scoped to the extension. Nothing is synced to your Google account.
• The extension does not collect analytics, telemetry, or any information about pages you visit.

Chrome permissions and why we need them

• activeTab: read the HTML of the tab you clicked Publish on. Granted only at the moment of the click.
• scripting: extract the tab's outer HTML via chrome.scripting.executeScript after you click Publish.
• storage: persist your sign-in session and the fingerprint -> public-link mapping locally.
• identity: complete the Google sign-in flow via chrome.identity.launchWebAuthFlow.
• host_permissions: file:///*: required to capture local HTML files you open via file:// URLs (this is not covered by activeTab alone). You must also enable "Allow access to file URLs" for the extension in chrome://extensions for this to work.

What we don't do

• We don't sell or rent your data.
• We don't share your data with third parties beyond the infrastructure providers we use to operate the service (Supabase for auth and storage, Cloudflare for serving published links, Vercel for the web app).
• We don't analyze, scan, or train on the contents of your published prototypes.

Deleting your data

Email linkdash.app@gmail.com and we will delete your account and all stored prototypes within 7 days. A self-service delete flow ships in a future version.

Contact

Questions or concerns: linkdash.app@gmail.com.