Polytab — Privacy Policy
Last updated: June 17, 2026
Polytab is a browser extension that replaces your new tab page with a customizable dashboard. Your privacy matters — this policy explains what data the extension accesses, how it is used, and where it is stored.
1. Data that stays on your device
All of the following data is stored locally in your browser using the Chrome Storage API and is never transmitted to any external server:
- Dashboard layout, tile configuration, and theme preferences
- Notes, to-do items, and daily focus entries
- Pomodoro timer state
- Bookmarks and quick-link settings
- Cached feed content (Hacker News, Reddit, Product Hunt, RSS, podcasts)
2. Network requests
Polytab fetches content from third-party APIs to populate your dashboard tiles. These requests go directly from your browser to the respective services — Polytab does not operate a proxy or relay server. The services contacted include:
- Hacker News (hacker-news.firebaseio.com) — stories and comments
- Reddit (reddit.com) — subreddit posts
- Product Hunt (api.producthunt.com) — trending products
- Open-Meteo (api.open-meteo.com) — weather forecasts
- ip-api.com — approximate location by IP address, used solely to display local weather when device geolocation is unavailable
- RSS / podcast feeds — URLs you configure
- Google Calendar (googleapis.com) — calendar events, only if you explicitly connect your Google account
Polytab does not add tracking parameters, analytics identifiers, or any user-identifiable information to these requests.
3. Location data
The weather tile may request your approximate location in two ways:
- IP-based geolocation via ip-api.com — happens automatically and reveals only your approximate city-level location.
- Device geolocation via the browser Geolocation API — only used as a fallback, and only after you grant permission through the browser prompt.
Location data is used exclusively to fetch weather information and is not stored beyond the current cache cycle (30 minutes).
4. Browser permissions
Polytab requests the following permissions:
- storage — save your dashboard settings and cached content locally
- notifications — Pomodoro timer alerts
- alarms — schedule periodic background tasks (feed refresh, timer)
- topSites — display your most-visited sites tile
- identity — Google account sign-in for the Calendar tile (opt-in)
- system.cpu / system.memory — display hardware stats in the system monitor tile
- host permissions — fetch content from the third-party APIs listed above and RSS/podcast URLs you configure
5. Google account data
If you choose to connect Google Calendar, Polytab requests read-only access to your calendar events via OAuth 2.0. This data is displayed in your dashboard and cached locally. Polytab does not store, share, or transmit your Google account credentials or calendar data to any third party.
6. Feedback form
Polytab includes an optional feedback form. If you choose to submit feedback, the message text, feedback type, and your email address (if you provide one) are sent to a Cloudflare Worker endpoint operated by the developer. This information is used solely to read and respond to your feedback. No other data is collected through this form.
7. Analytics and tracking
Polytab does not include any analytics, telemetry, crash-reporting, or ad-tracking code. No usage data is collected or transmitted.
8. Data sharing
Polytab does not sell, share, or transfer your data to any third party, except as described in the Feedback section above when you voluntarily submit feedback.
9. Children's privacy
Polytab is not directed at children under 13 and does not knowingly collect personal information from children.
10. Changes to this policy
If this policy is updated, the revised version will be published at this same URL with an updated date. Continued use of the extension after changes constitutes acceptance of the revised policy.