Privacy Policy

Introduction

Welcome to Cueston ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, and safeguard your data when you use our Chrome browser extension and web application.

Information We Collect

1. Authentication Information

When you use the Cueston Chrome extension, we store your API authentication token locally using Chrome’s storage API. This token is required to:

• Authenticate your connection to the Cueston dashboard
• Maintain your logged-in session
• Enable the element picker functionality

Storage: Your API token is stored locally on your device using Chrome's secure storage API and is never transmitted to third parties.

2. Account Information

When creating an account on cueston.com, we collect:

• Email address
• Name (optional)
• Password (securely encrypted)

3. Usage Data

We collect usage analytics such as:

• Product tours, tooltips, and banners you create
• Configured URL patterns
• View counts and engagement
• Browser type and version

How We Use Your Information

• Service Delivery
• Authentication
• Analytics
• Customer Support
• Feature Improvement

What We DO NOT Do

• We do not sell your data
• We do not transfer your data to third parties except as required by law
• We do not use your data for unrelated purposes
• We do not evaluate creditworthiness
• We do not track your browsing activity. The extension only activates on URLs you explicitly configure in your Cueston dashboard
• We do not collect data from websites you haven’t configured

Data Storage and Security

• HTTPS/TLS encryption
• Secure local token storage
• Password hashing & encryption
• Strict internal access controls

Chrome Extension Permissions

• activeTab – enables the element picker
• storage – stores your token locally
• tabs – opens the dashboard & validates URLs
• scripting – injects the picker script on demand
• <all_urls> – activates Cueston on configured domains only

Chrome Web Store Compliance

• Single Purpose: Cueston provides product tour and onboarding functionality only
• No Remote Code: All code is packaged with the extension
• Limited Data Collection: We only collect data necessary for authentication and service delivery
• No Data Sales: We never sell user data to third parties

Third-Party Services

• Cloud hosting infrastructure
• Supabase (database)
• Analytics providers

All third-party providers are contractually required to protect your data.

Your Rights

• Access
• Correction
• Deletion
• Export
• Extension disconnection (removes local token)

Data Retention

We retain your data while your account is active. If deleted, your information is removed within 30 days unless legally required otherwise.

Children’s Privacy

Cueston is not intended for children under 13. If we discover such data, we delete it immediately.

Changes to This Privacy Policy

Updates may occur periodically. The “Last Updated” date reflects the newest version.

Contact Us

• Email: privacy@cueston.com
• Website: www.cueston.com
• Support: www.cueston.com/support

GDPR Compliance (EU Users)

• Right to be informed
• Right of access
• Right to rectification
• Right to erasure
• Right to restrict processing
• Right to data portability
• Right to object

Contact: privacy@cueston.com