Privacy Policy for MiroMiro

Last Updated: January 20, 2025

Introduction

MiroMiro ("we", "our", or "us") is a Chrome browser extension that helps designers and developers capture and download visual assets from websites. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our extension.

Information We Collect

Personal Information

When you use MiroMiro, we may collect the following personal information:

• Authentication Information: Email address, name, and profile information obtained through OAuth authentication providers (Google, GitHub, etc.)
• Account Data: User ID, authentication tokens (access and refresh tokens), and session data
• Usage Metrics: Asset extraction counts, contrast check counts, Lottie extraction counts, and design system extraction counts to enforce usage limits based on your subscription tier

Automatically Collected Information

• Web Browsing Data: URLs of websites you visit while the extension is active, used to capture and catalog network resources (images, fonts, videos, stylesheets)
• Captured Content: Visual assets (images, SVGs, fonts, videos), color palettes, typography information, and DOM elements that you choose to capture using the extension
• Technical Data: Browser type, extension version, and error logs for debugging purposes

How We Use Your Information

We use the collected information for the following purposes:

1. Authentication & Account Management: To create and manage your account, maintain your session, and verify your identity
2. Core Functionality: To enable asset capture, inspector mode, and download features
3. Usage Limits & Billing: To track your usage against subscription tier limits (Free, Starter, Pro) and manage premium features
4. Service Improvement: To analyze usage patterns, fix bugs, and improve the extension's performance
5. Customer Support: To respond to your inquiries and provide technical assistance
6. Legal Compliance: To comply with applicable laws, regulations, and legal processes

Data Storage and Security

• Storage Provider: Your data is stored securely using Supabase, a trusted backend-as-a-service provider
• Local Storage: Authentication tokens and session data are stored locally in your browser using Chrome's storage API
• Security Measures: We implement industry-standard security measures including encryption for data transmission (HTTPS/WSS), secure token storage, and access controls
• Data Retention: We retain your personal information for as long as your account is active or as needed to provide you services. You may request deletion of your account at any time

Data Sharing and Disclosure

We do NOT sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

• Service Providers: With Supabase (backend infrastructure) to provide core functionality
• Legal Requirements: When required by law, court order, or government regulation
• Business Transfers: In connection with any merger, sale of company assets, or acquisition (users will be notified)
• With Your Consent: When you explicitly authorize us to share specific information

Your Rights and Choices

Depending on your location, you may have the following rights:

General Rights

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your account and associated data
• Opt-Out: Disable the extension or uninstall it at any time
• Data Portability: Request your data in a structured, machine-readable format

How to Exercise Your Rights

To exercise any of these rights, please contact us at sorilc@hotmail.com. We will respond to your request within 30 days.

GDPR Compliance (European Users)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):

• Legal Basis for Processing: We process your data based on (1) your consent, (2) contract performance, or (3) legitimate business interests
• Right to Object: You may object to processing based on legitimate interests
• Right to Lodge a Complaint: You may file a complaint with your local data protection authority
• Data Transfers: Your data may be transferred to and processed in countries outside the EEA. We ensure adequate safeguards are in place

CCPA/CPRA Compliance (California Users)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

• Right to Know: What personal information we collect, use, disclose, and sell
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: We do NOT sell your personal information
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights
• Shine the Light: Request information about data shared with third parties for their direct marketing purposes

California Privacy Notice: In the past 12 months, we have collected the following categories of personal information: identifiers (email, name, user ID), internet activity (browsing history, captured content), and usage data. We do not sell personal information.

CalOPPA Compliance

In accordance with the California Online Privacy Protection Act (CalOPPA):

• We do not track users across third-party websites and therefore do not respond to Do Not Track (DNT) signals
• Third parties cannot collect personally identifiable information about your online activities over time and across different websites when you use our extension

Children's Privacy (COPPA)

MiroMiro is not intended for use by children under the age of 13. We do not knowingly collect personal information from children under 13. If we discover that we have collected information from a child under 13, we will delete it immediately. If you believe we have collected information from a child under 13, please contact us.

Third-Party Services

Our extension integrates with the following third-party services:

• Supabase: Backend infrastructure and authentication (Supabase Privacy Policy)
• OAuth Providers: Google, GitHub, or other authentication providers you choose to use

These third parties have their own privacy policies governing their use of your information.

Cookies and Tracking Technologies

MiroMiro uses local browser storage (chrome.storage API) to store authentication tokens and user preferences. We do not use cookies or third-party tracking technologies for advertising or analytics purposes.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Updating the "Last Updated" date at the top of this policy
• Displaying a notification in the extension (for significant changes)
• Sending an email to your registered email address (for material changes)

Your continued use of MiroMiro after changes are posted constitutes your acceptance of the revised Privacy Policy.

International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from your jurisdiction. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: sorilc@hotmail.com

Summary of Your Privacy Rights

You have the right to:

• Know what data we collect and how we use it
• Access your personal information
• Correct inaccurate information
• Delete your account and data
• Opt-out of data collection by uninstalling the extension
• Not be discriminated against for exercising your rights

We commit to:

• Never sell your personal information
• Use your data only for the extension's core functionality
• Protect your data with industry-standard security measures
• Respect your privacy choices
• Be transparent about our data practices

Thank you for trusting MiroMiro with your information.