Privacy Policy

SitePin by Webico — Chrome Extension

Last updated: April 14, 2026

1. Introduction

SitePin by Webico ("the Extension") is a Chrome extension that allows users to pin visual feedback directly on any website. Feedback is sent to Webico CRM where it creates tasks with pixel-perfect screenshots. This privacy policy explains how we collect, use, and protect your data.

2. Data We Collect

The Extension only collects data when you actively submit feedback:

  • Screenshot: A cropped viewport screenshot (JPEG, ~100-200KB) of the area around your click position. Captured via Chrome's captureVisibleTab API.
  • Feedback text: The description you type in the feedback form.
  • Page URL: The URL of the page where you submitted feedback.
  • Browser metadata: Browser name, OS, screen size, viewport dimensions. No personal identifiers.
  • CSS selector: The DOM selector of the element you clicked on.
  • CRM URL: The Webico CRM instance URL you configured (stored locally in Chrome storage).

3. How We Use Your Data

  • Screenshots and feedback text are uploaded to your Webico CRM instance to create project tasks.
  • Data is sent directly to YOUR CRM server — we do not operate any intermediary servers.
  • Browser metadata helps developers understand the context of your feedback.
  • CRM URL is stored in Chrome local storage for convenience — never transmitted elsewhere.

4. Data Storage

  • Chrome local storage: CRM URL only. Cleared when you uninstall the extension.
  • Your CRM server: Screenshots and feedback are stored on your own Webico CRM instance. Data retention follows your CRM's policies.
  • We do NOT store any data on our own servers beyond what's in your CRM.

5. Permissions Explained

  • activeTab: Required to capture screenshot of the current tab and inject the feedback widget.
  • tabs: Required to detect the current tab URL and auto-match with projects in your CRM.
  • scripting: Required to inject the feedback UI (pin marker, form) into the web page.
  • storage: Required to save your CRM URL locally so you don't have to enter it every time.
  • host_permissions (all URLs): Required because the extension needs to work on ANY website your team is reviewing — not just specific domains.

6. Third-Party Sharing

We do NOT share, sell, or transfer your data to any third parties. All data flows directly between your browser and your Webico CRM instance.

7. Security

  • All communication uses HTTPS encryption.
  • Screenshots are transmitted as base64-encoded JPEG over secure API endpoints.
  • No data is cached or logged by the extension beyond Chrome local storage.

8. Your Rights

  • You can uninstall the extension at any time to stop all data collection.
  • You can clear Chrome local storage to remove saved CRM URL.
  • Feedback tasks and screenshots in your CRM can be deleted through the CRM interface.

9. Contact

If you have questions about this privacy policy, contact us at:

Webico
Email: hello@webico.ai
Website: webico.ai