Privacy Policy

Last Updated: June 18, 2026

Overview

EventPing is a browser extension that helps you track event registration deadlines from your Gmail. This privacy policy explains how we access, use, store, and protect your data.

Data Collection

EventPing collects the following Google user data:

• Gmail messages: Unread emails matching your configured keywords and sender filters
• Email metadata: Subject line, sender email address, and message body text
• User settings: Your configured keywords, filters, and preferences

How We Use Your Data

We use your Gmail data solely to:

• Scan for event registration emails based on your filters
• Extract registration URLs from email content
• Display pending registrations in the extension popup
• Send you optional notifications about found registrations

Limited Use Disclosure: EventPing's use of information received from Gmail APIs adheres to Google API Services User Data Policy, including the Limited Use requirements. We only use Gmail data to provide and improve the core functionality of finding and tracking event registrations.

Data Storage

All data is stored locally on your device using Chrome's built-in storage API. No data is sent to external servers, databases, or third-party services.

Detected Forms Privacy Protection

When the extension detects registration forms on pages you visit, it stores only the domain name (e.g., eventbrite.com), not the full URL or path. This protects your privacy by:

• Not tracking specific pages you visit
• Not storing query parameters that might contain sensitive data
• Minimizing stored information

Trade-off: The "Open" button in detected forms navigates to the domain homepage rather than the exact registration page. You may need to navigate to the form manually.

What Gets Stored

chrome.storage.sync (synced across devices)

• enabled: boolean - extension on/off
• checkTime: string - daily check time
• includeKeywords: array - keywords to search for
• excludeKeywords: array - keywords to skip
• includeEmails: array - allowed sender emails
• excludeEmails: array - blocked sender emails
• maxResults: number - max emails per check
• notifications: boolean - show notifications
• autoOpen: boolean - auto-open tabs
• processedEmails: array - already-checked email IDs (last 100)
• dismissedUrls: array - URLs user dismissed (last 200)

chrome.storage.local (device-only)

• pendingRegistrations: array - current registration URLs waiting
• detectedForms: array - forms found on pages

External Data Access

Extension only calls:

• Gmail API (https://gmail.googleapis.com) - read unread emails matching your filters
• Google OAuth - authenticate (standard Google login flow)

No tracking. No analytics. No third-party servers.

Data You Control

View stored data

// Open console in extension popup (right-click > Inspect)
chrome.storage.sync.get(null, console.log);
chrome.storage.local.get(null, console.log);

Clear all data

Settings page has buttons to clear:

• Processed emails list
• Dismissed URLs list

Or clear everything:

chrome.storage.sync.clear();
chrome.storage.local.clear();

Revoke Gmail access

Go to: https://myaccount.google.com/permissions
Find "EventPing" → Remove access

Gmail API Permissions

Extension requests:

• https://www.googleapis.com/auth/gmail.readonly - read-only access to Gmail

What it reads:

• Unread emails matching your keyword/sender filters
• Email subject, sender, body text (to extract URLs)

What it cannot do:

• Send emails
• Delete emails
• Modify emails
• Access sent/drafts/trash
• Read emails after marking as read

OAuth Token Storage

Chrome stores OAuth token securely via chrome.identity API. Extension cannot export or view raw token. Token auto-refreshes when expired.

Sync vs Local

chrome.storage.sync (8 KB limit):

• Settings and filters
• Small lists (processed emails, dismissed URLs)
• Syncs across Chrome browsers signed into same Google account

chrome.storage.local (10 MB limit):

• Pending URLs and detected forms
• Stays on current device only

Data Sharing and Transfers

We do not share, transfer, sell, or disclose your Google user data to any third parties.

The extension operates entirely locally in your browser. The only external communication is direct API calls to Google's servers for Gmail access and OAuth authentication.

Data Protection

Your data is protected through:

• Local-only storage: All data stays on your device, encrypted by Chrome's storage system
• Secure OAuth: Gmail access tokens are managed securely by Chrome's identity API
• HTTPS-only: All API requests to Google use encrypted HTTPS connections
• Read-only access: Extension cannot modify, delete, or send emails

Data Retention and Deletion

EventPing retains your data only as long as needed to provide the service:

• Processed emails list: Last 100 email IDs (prevents duplicate scanning)
• Dismissed URLs: Last 200 dismissed registrations
• Pending registrations: Stored until you open or dismiss them
• Settings: Stored until you change or clear them

To delete your data:

• Use the "Clear" buttons in Settings to remove specific lists
• Uninstall the extension to remove all local data
• Revoke Gmail access at Google Account Permissions

No Data Sales or Misuse

We do not and will never:

• Sell your data to third parties, advertisers, or data brokers
• Use your data for advertising or marketing purposes
• Use your data to determine creditworthiness or for lending purposes
• Use your data to train artificial intelligence or machine learning models
• Transfer your data to third parties for any purpose other than providing this extension's functionality

No Server Communication

Extension architecture:

Your Browser → Gmail API (Google's servers)
     ↓
Local Chrome Storage (your device)

No intermediate servers. No tracking. No analytics. No third-party services.

Changes to This Policy

If we change how EventPing uses Google user data, we will update this privacy policy and notify users through the extension or Chrome Web Store listing.

EventPing Extension | GitHub