Privacy Policy

1. Introduction

This Privacy Policy describes how Canvas Ninja ("we," "us," or "our") collects, uses, and shares information when you use our browser extension ("Extension"). By installing and using the Extension, you agree to the practices described in this policy.

2. Information We Collect

2.1 Account Information

• Email address: Collected when you create an account or log in
• Password: Used for authentication (stored securely via Supabase)
• Payment status: Whether you have an active subscription (monthly or lifetime)

2.2 Automatically Collected Information

• Authentication tokens: Session data to keep you logged in
• User preferences: Your settings and feature toggle states (e.g., Privacy Guard enabled/disabled, Answer Saver enabled/disabled, Show Canvas Toolbar preference)

2.3 Information from Canvas LMS

When using the Answer Saver feature, the Extension accesses:

• Quiz submission history from your Canvas LMS account
• Previously submitted answers on quizzes with multiple attempts
• Course and quiz identifiers from page URLs

3. Browser Permissions

The Extension requires the following permissions:

4. How We Use Your Information

We use collected information to:

• Authenticate your account and verify subscription status
• Provide and maintain Extension functionality
• Store your feature preferences locally on your device
• Process payments through our third-party payment processor

5. Data Storage

5.1 Local Storage

The following data is stored locally in your browser using Chrome's storage.local API:

• Email address
• Payment status (paid/lifetimePaid)
• Feature preferences (privacyGuardEnabled, saveCorrectAnswers, showInjectedUI)
• Authentication session tokens

5.2 Remote Storage

Account and subscription data is stored on Supabase servers, including:

• User account information
• Subscription/entitlement status

6. Third-Party Services

We use the following third-party services:

We do not sell your personal information to third parties.

7. Data Sharing

We do not share your personal information except:

• With service providers necessary to operate the Extension (Supabase, Stripe)
• If required by law or legal process
• To protect our rights or the safety of users

8. Data Security

We implement security measures including:

• Encrypted authentication via Supabase
• Session token expiration and automatic logout
• Secure payment processing via Stripe (we never store payment card details)

9. Your Rights and Choices

9.1 Access and Deletion

You can:

• Log out at any time to clear your session data
• Contact us to request deletion of your account and associated data

9.2 Manage Preferences

You can enable or disable features at any time through the Extension settings:

• Privacy Guard
• Answer Saver
• Canvas Toolbar visibility

9.3 Uninstall

Removing the Extension will delete all locally stored data. Contact us to delete server-side account data.

10. Children's Privacy

The Extension is not intended for use by individuals under 13 years of age. We do not knowingly collect personal information from children under 13.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by updating the "Last Updated" date at the top of this policy.

12. Data Retention

• Local data: Retained until you log out or uninstall the Extension
• Account data: Retained until you request account deletion
• Payment records: Retained as required for tax and legal compliance

13. International Users

Our services are hosted in the United States. By using the Extension, you consent to the transfer of your information to the United States, which may have different data protection laws than your country.

14. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, contact us:

• Discord: discord.gg/waFTBbmbQZ