Privacy Policy

Who we are (the controller)

Tabthrough is operated by Patryk Hadasz, sole trader, established in Poland (EU). For all questions about this policy or your personal data, contact contact@tabthrough.com. We are the data controller for everything described below. We have not appointed a Data Protection Officer (we are not required to under GDPR Art. 37). If you are in the European Economic Area or the UK, you can also lodge a complaint with your national supervisory authority — in Poland, this is the President of the Personal Data Protection Office (UODO).

What Tabthrough is

Tabthrough is a browser extension for Chrome and Firefox that provides an interactive presentation agenda — in Chrome's Side Panel or Firefox's sidebar. It helps you navigate between browser tabs during live demos using keyboard shortcuts and auto-detection of active URLs.

The free tier runs entirely within your browser. Tabthrough Pro is an optional paid tier that adds a saved presentations library (and later, cloud sync). Pro requires you to create an account; it brings in two third-party services — Firebase (authentication) and Polar.sh (subscription billing). This policy applies to both Chrome and Firefox builds and covers both tiers.

Data we access in your browser

To function, Tabthrough needs access to the following browser data:

• Active tab URL — read to match the current tab against your agenda steps. This happens locally, in the extension's background process (a service worker in Chrome, a background script in Firefox). The URL is never stored beyond the current session and never transmitted anywhere.
• Tab metadata — tab IDs and window IDs are used to switch focus between tabs when you advance a step. No page content is read.
• Keyboard navigation script — so that Ctrl/Cmd+Arrow and Esc work while any tab is focused, Tabthrough injects a small script into every page you visit. It listens for those specific keystrokes and ignores everything else: keys typed into inputs, textareas, password fields, and contenteditable regions are not processed. The script does not read page content, form data, or DOM elements; it does not transmit anything outside your browser.

Data we store on your device

Tabthrough uses the browser's built-in extension storage APIs (storage.local and storage.session). Everything below stays on your device unless explicitly noted.

• Presentation deck — your agenda steps, labels, URLs, and notes (key: flow_deck). Persists across browser restarts.
• Saved presentations library (Pro) — your saved decks, identified by UUID (key: flow_library). Stays local; cloud sync is opt-in and not yet implemented.
• Session state — current step index, timer start time, managed tab IDs (key: flow_state). Cleared when the browser closes.
• Sign-in user record (Pro) — Firebase user ID, email, display name, photo URL, and a refresh token (key: flow_user). Stored only after you sign in. Signing out clears this.
• Firebase ID token (Pro) — short-lived JWT used to authenticate calls to our backend (key: flow_id_token, session-scoped, refreshed automatically).
• Entitlement cache (Pro) — your paid/unpaid status with a 24-hour cache and 7-day offline grace period (key: flow_entitlement). Lets the extension keep working through brief network failures.

The extension itself does not store data in cookies or localStorage. (The marketing site you're reading does use localStorage to remember your cookie-banner choice — see "This website" below.)

What the free tier collects

Without sign-in, the extension collects nothing. No name, no email, no IP address, no usage analytics, no crash reports, no browsing history, no page content. URLs of your active tabs are matched against your deck patterns in-memory and discarded immediately.

Purposes and legal bases (GDPR Art. 6)

If you are in the EEA or UK, we rely on the following lawful bases:

• Creating and operating your Pro account (email, name, photo URL, Firebase user ID, refresh token) — performance of a contract, Art. 6(1)(b).
• Processing your subscription (Polar customer ID, subscription ID, plan, status, period end, checkout email) — performance of a contract, Art. 6(1)(b), and legal obligation, Art. 6(1)(c), for tax and accounting record-keeping.
• Product telemetry while signed in (event counts under your Firebase user ID) — legitimate interest, Art. 6(1)(f), in understanding which features are used so we can improve them. You can object at any time (see "Your rights" below).
• Google Analytics on the marketing site — consent, Art. 6(1)(a), captured via the cookie banner. No analytics scripts load unless you click Accept.
• Security and abuse prevention (Firebase Auth tokens, rate limiting on Cloud Functions) — legitimate interest, Art. 6(1)(f), in keeping the service safe for all users.

Account and authentication (Pro)

To create a Tabthrough Pro account you sign in via Firebase Authentication using one of these methods:

• Email and password — your password is sent directly from your browser to Firebase over HTTPS. It is not stored or readable by Tabthrough or our backend.
• Google — you go through Google's sign-in flow via chrome.identity. Google returns a signed ID token; we never see your Google password.

From the chosen identity provider we receive and store: your email address, your display name, your profile photo URL (if available), and a stable provider-issued user ID. Authentication is handled by Google Firebase; their privacy policy applies to the tokens, devices, and metadata Firebase processes during sign-in.

You can sign out at any time from the account dropdown inside the presenter view. Signing out removes the user record and tokens from your device's storage.

Payments and subscription (Pro)

Tabthrough Pro is billed by Polar.sh, who acts as Merchant of Record. Polar — not Tabthrough — is the legal seller of your subscription. Polar in turn uses Stripe for card processing. Polar's own privacy notice governs the data Polar collects directly from you at checkout (billing address, card data, tax-relevant info, IP); we receive only the webhook fields listed below.

• We never see your full card number, CVC, or any other payment instrument data. The card form lives on Polar's domain (buy.polar.sh), and the card is tokenized by Stripe.
• Polar shares with us, via webhook: your subscription status (active / trialing / canceled / etc.), Polar's customer ID, the subscription ID, plan, current period end date, and the email address you provided at checkout (used to match the subscription to your Firebase account).
• We store these fields under users/{your-uid} in Firestore (see "Backend infrastructure" below).
• You receive a receipt directly from Polar after each charge.

To cancel or update billing, open the account dropdown when signed in and use the "Manage subscription" link — this generates a per-session Polar customer portal URL tied to your account.

Backend infrastructure (Pro)

Pro relies on two Firebase services hosted in europe-west1 (Belgium):

• Cloud Functions — two endpoints. polarWebhook receives subscription events from Polar (server-to-server, you never call it). getEntitlement is called by the extension, with your Firebase ID token, to fetch your current paid status.
• Firestore — a single document per user at users/{your-uid} containing the subscription metadata listed above. Readable only by you (authenticated as {your-uid}); writable only by our Cloud Functions, not by the extension itself.

Firebase is operated by Google. Their Firebase Privacy and Security documentation describes how they handle hosted data, regional storage, and security.

Usage telemetry (Pro)

While signed in, we record per-user counts of the following events, stored against your Firebase user ID in Firestore:

• save_succeeded — a deck was saved to the library
• save_failed — a save attempt failed
• load_succeeded — a saved deck was loaded
• paywall_shown — the upgrade prompt was displayed
• checkout_started — the user clicked through to Polar checkout
• checkout_completed — subscription successfully created (echo of the Polar webhook)

We do not record the contents of your decks, the URLs you visit during presentations, or which tabs are active. The free tier sends no telemetry at all. If we add new event types, we will update this list before they begin firing.

Presentation contents

Your decks — titles, agenda steps, notes, URLs you chose to include — are stored locally on your device. If you save a deck to a file (Pro export feature), that file lives on your machine.

Future versions may offer cloud sync to Google Drive, OneDrive, or Dropbox. Cloud sync is opt-in: until you explicitly enable it for a specific provider, your decks never leave your device. We will update this policy and obtain your explicit consent before any presentation contents are transmitted off your device.

How long we keep data (retention)

• Firebase Auth record — kept until you delete your account (see below). After deletion, the record is removed within 30 days, including from routine backups.
• Firestore subscription document — kept while the subscription is active; archived for 5 years after the last invoice to satisfy EU accounting and tax obligations (Polish Accounting Act, art. 74), then deleted.
• Polar / Stripe records — retained by Polar and Stripe under their own policies; financial records are typically kept for 7–10 years under their applicable laws.
• Telemetry event counts — kept for up to 24 months, then aggregated or deleted.
• Cloud Functions / hosting logs — kept for up to 30 days for operational diagnostics.
• Google Analytics events — retention set to the GA4 minimum (2 months for user and event data).
• Data on your device — kept until you uninstall the extension or clear extension storage.

International data transfers

Firestore and Cloud Functions are hosted in the EU (europe-west1, Belgium), but the underlying providers — Google (Firebase), Polar.sh, Stripe — are US-incorporated and may process data in the United States or other countries for support, logging, or fraud prevention.

Where personal data is transferred outside the EEA or UK, the transfer relies on the European Commission's Standard Contractual Clauses (2021/914), together with supplementary measures and, where applicable, the EU–US Data Privacy Framework (Google and Stripe are self-certified participants). Copies of the relevant clauses are available from the providers' trust pages, linked above, and on request.

Your rights

If you are in the EEA or UK, GDPR (Arts. 15–22) gives you the right to:

• Access the personal data we hold about you
• Rectify inaccurate or incomplete data
• Erase your data ("right to be forgotten")
• Restrict or object to processing — including objecting to the legitimate-interest telemetry described above
• Portability — receive your data in a structured, machine-readable format
• Withdraw consent at any time (without affecting prior processing); for the marketing site, use the Cookie settings link to revoke GA4 consent
• Lodge a complaint with your national supervisory authority — in Poland, the UODO; otherwise the authority in your country of residence

To exercise any of these rights, email contact@tabthrough.com from the address associated with your account. We respond within 30 days (GDPR Art. 12(3)), extendable by two months for complex requests with notice to you.

Your California privacy rights

If you are a California resident, the California Consumer Privacy Act (CCPA, as amended by CPRA) gives you specific rights. The categories of personal information we collect (in the past 12 months and going forward) are: identifiers (email, Firebase UID, Polar customer ID), commercial information (subscription status and plan), and internet or network activity information (telemetry event counts, GA4 events on the marketing site if you accepted).

We do not sell or share your personal information for cross-context behavioral advertising, and we have not done so in the past 12 months. We do not knowingly process the personal information of consumers under 16.

You have the right to: know what we collect and why, delete your data, correct inaccurate data, limit the use of sensitive personal information (we do not collect any), and not be discriminated against for exercising these rights. To exercise them, email contact@tabthrough.com. We may need to verify your identity by confirming you control the email address tied to your account.

Data deletion

You have multiple ways to remove your data:

• Sign out — removes your user record, tokens, and entitlement cache from this device. Your Firebase account and Polar subscription remain unchanged.
• Cancel subscription — open the Polar customer portal from the account dropdown; cancellation stops future charges and (eventually) flips your entitlement to false.
• Delete account — email contact@tabthrough.com from the email associated with your account; we will delete your Firebase Auth record, your Firestore document, and request Polar to cancel any active subscription within 30 days. Subscription billing records that we are legally required to retain (see "Retention" above) are kept under restricted access until their statutory period ends, then deleted. You will receive confirmation.

The presentation decks stored on your device are removed by uninstalling the extension or clearing extension storage in your browser settings.

Security

We apply reasonable technical and organizational measures to protect your personal data (GDPR Art. 32):

• All traffic between the extension, our Cloud Functions, Firebase, and Polar is over HTTPS/TLS.
• Authentication is token-based (Firebase ID tokens, ~1 hour validity, auto-refreshed).
• Firestore access is gated by per-user security rules; only you can read your own document, and only our server-side Cloud Functions can write to it.
• Cloud Function secrets (Polar webhook signing key, etc.) are stored in Google Secret Manager, not in source code.
• Card data never reaches our infrastructure — it is collected and tokenized on Polar's and Stripe's PCI-DSS compliant systems.

No system is perfectly secure. In the event of a personal data breach affecting you, we will notify you and the relevant supervisory authority where required by GDPR Arts. 33–34 (within 72 hours of awareness, where feasible).

Children

Tabthrough is not directed at children under 16, and we do not knowingly collect personal data from anyone under 16. If you believe a child has provided us with personal data, contact contact@tabthrough.com and we will delete it promptly.

Third-party services summary

By tier:

• Free tier — no third-party services. The extension makes no outbound network requests of its own. Navigating to a URL as part of a step uses your browser's normal navigation; Tabthrough is not involved in that traffic.
• Pro tier — Firebase (Google) for authentication and backend, Polar.sh as Merchant of Record for billing, Stripe as Polar's underlying payment processor.

Installation & distribution

Tabthrough is distributed through two stores; both builds are functionally identical and bound by this same policy.

• Chrome Web Store — installing or updating through the Chrome Web Store is subject to Google's Privacy Policy. We have no visibility into data Google collects during installation, updates, or store browsing.
• Mozilla Add-ons (AMO) — installing the Firefox version from AMO is subject to Mozilla's Privacy Policy. Same caveat: we have no visibility into data Mozilla collects.

However you install it, the extension behaves identically across both browsers. The free tier collects nothing; the Pro tier behaves as described in the sections above.

This website (marketing site)

Everything above describes the extension. The marketing site you're reading right now (tabthrough.com) is separate and uses one third-party service: Google Analytics 4, opt-in via the consent banner shown on first visit. We use only Google Analytics on this site; declining the banner loads no analytics scripts at all.

If you accept, the following is collected by Google on our behalf:

• Page views — which pages you visit and in what order
• Approximate location — country / region. GA4 truncates IP addresses before storage; we do not retain full IPs
• Referrer — the URL or search engine that sent you here
• Device basics — browser, OS, screen size, language

If you decline, no Google Analytics script is loaded and no analytics cookies are set. Your choice is remembered in this browser via localStorage (key tabthrough-ga-consent) — this entry is strictly necessary to remember your consent choice itself and falls under the ePrivacy "strictly necessary" exemption. You can change your mind any time using the Cookie settings link in the footer — that reopens the banner; choosing decline again will also clear any GA cookies that were already set.

We do not use the data for advertising, do not build user profiles, and do not share it with any other party. Google's own data handling is covered by Google's Privacy Policy.

Changes to this policy

If this policy changes materially — for example, if we add any new form of analytics, a new third-party processor, or a new category of data collection — we will update the date at the top of this page and note the change in the extension's changelog. For material changes that affect how we process your personal data, we will provide reasonable advance notice (at least 30 days where feasible) before the change takes effect, so that you can review it and, if you disagree, exercise your rights including deletion.

Questions? Reach out at contact@tabthrough.com.