Extension Privacy Policy

Overview

CloneWebsite ("the Extension") is a Chrome browser extension that allows you to clone webpages with pixel-perfect accuracy. We are committed to protecting your privacy. This policy explains what data the Extension accesses and how it is used.

Last updated: June 20, 2025

Data We Do NOT Collect

No personal data collection: The Extension does not collect, store, or transmit your name, email, browsing history, or any other personally identifiable information.
No analytics or tracking: The Extension does not include any analytics SDKs, tracking pixels, or telemetry.
No remote servers: Core cloning functionality operates entirely within your browser. No data is sent to our servers.

Data Stored Locally

The following data is stored only in your browser's local storage (chrome.storage) and IndexedDB:

Cloned project files: ZIP archives and extracted files from pages you clone, saved to IndexedDB for offline access.
Extension settings: UI preferences and configuration options.
AI configuration (optional): If you choose to use the BYOK AI feature, your API key, base URL, and model name are stored locally in chrome.storage. This data never leaves your browser except to connect directly to the AI endpoint you configure.

Permissions and Why We Need Them

Permission	Purpose
`scripting`	Injects content scripts into the active tab to extract DOM structure, computed styles, and resources from the page you choose to clone.
`storage`	Saves extension settings, AI configuration, and cloned projects to local browser storage and IndexedDB.
`<all_urls>` (host permission)	Allows cloning of any webpage you visit. The Extension only acts when you explicitly trigger a clone action.
`https://api.openai.com/*` (optional host permission)	Used only if you enable the BYOK AI feature and configure an OpenAI-compatible endpoint. This permission is requested dynamically based on your configured Base URL.

AI Feature (Optional, BYOK)

The Extension includes an optional AI-assisted code editing feature that uses your own OpenAI-compatible API key ("Bring Your Own Key"). When enabled:

API requests are sent directly from your browser to the endpoint URL you configure.
We do not proxy, intercept, or store any AI request or response data.
Your API key is stored only in local browser storage and is never transmitted to us.
You can disable this feature at any time by clearing your AI settings.

Third-Party Services

The Extension does not integrate with any third-party analytics, advertising, or tracking services. The only external connections are:

Resource downloads: When cloning a page, the Extension fetches resources (images, CSS, fonts, JS) from the original page's servers. This is the same as your browser loading those resources normally.
AI endpoint (optional): If you configure the BYOK AI feature, requests go to your specified endpoint.

Data Security

All data is stored locally in your browser's secure storage mechanisms.
No data is transmitted over the network except for page resource downloads (during cloning) and optional AI API calls (to your configured endpoint).
The Extension uses Chrome's Manifest V3 security model with a sandboxed content security policy.

Children's Privacy

The Extension is not directed at children under 13 and does not knowingly collect any data from children.

Changes to This Policy

We may update this privacy policy from time to time. Changes will be posted on this page with an updated date.

Contact

If you have questions about this privacy policy, contact us at: support@clonewebsite.app

Data We Do NOT Collect

No personal data collection: The Extension does not collect, store, or transmit your name, email, browsing history, or any other personally identifiable information.

No analytics or tracking: The Extension does not include any analytics SDKs, tracking pixels, or telemetry.

No remote servers: Core cloning functionality operates entirely within your browser. No data is sent to our servers.

Data Stored Locally

The following data is stored only in your browser's local storage (chrome.storage) and IndexedDB:

Cloned project files: ZIP archives and extracted files from pages you clone, saved to IndexedDB for offline access.

Extension settings: UI preferences and configuration options.

AI configuration (optional): If you choose to use the BYOK AI feature, your API key, base URL, and model name are stored locally in chrome.storage. This data never leaves your browser except to connect directly to the AI endpoint you configure.

Permissions and Why We Need Them

Permission	Purpose
`scripting`	Injects content scripts into the active tab to extract DOM structure, computed styles, and resources from the page you choose to clone.
`storage`	Saves extension settings, AI configuration, and cloned projects to local browser storage and IndexedDB.
`<all_urls>` (host permission)	Allows cloning of any webpage you visit. The Extension only acts when you explicitly trigger a clone action.
`https://api.openai.com/*` (optional host permission)	Used only if you enable the BYOK AI feature and configure an OpenAI-compatible endpoint. This permission is requested dynamically based on your configured Base URL.

AI Feature (Optional, BYOK)

The Extension includes an optional AI-assisted code editing feature that uses your own OpenAI-compatible API key ("Bring Your Own Key"). When enabled:

API requests are sent directly from your browser to the endpoint URL you configure.

We do not proxy, intercept, or store any AI request or response data.

Your API key is stored only in local browser storage and is never transmitted to us.

You can disable this feature at any time by clearing your AI settings.

Third-Party Services

The Extension does not integrate with any third-party analytics, advertising, or tracking services. The only external connections are:

Resource downloads: When cloning a page, the Extension fetches resources (images, CSS, fonts, JS) from the original page's servers. This is the same as your browser loading those resources normally.

AI endpoint (optional): If you configure the BYOK AI feature, requests go to your specified endpoint.

Data Security

All data is stored locally in your browser's secure storage mechanisms.

No data is transmitted over the network except for page resource downloads (during cloning) and optional AI API calls (to your configured endpoint).

The Extension uses Chrome's Manifest V3 security model with a sandboxed content security policy.